Back to SIEM Research!
by Anton Chuvakin | May 2, 2014 | 6 Comments
Now that my threat intelligence research project is wrapping up, I am going to be spending my summer in SIEM!
Here is what I have in mind for the next few months:
- An architectural blueprint (a new type of GTP document) on SIEM that will depict one good way of architecting Security Information and Event Management across a large organization
- A detailed list of SIEM tool evaluation criteria, a document that I always wanted to create in order to cover – to a painful level of detail – a set of technical features and capabilities that an enterprise-capable SIEM should have (it would be a little reminiscent of our SIEM RFP toolkit, but with stronger focus on product – rather than vendor – requirements)
- Updates to my past SIEM documents [see below], one on operational practices (with its own SIEM success guidance framework!) and one on the technology landscape.
Just as a reference, my published Gartner research on SIEM includes (GTP access required):
- “Security Information and Event Management Futures and Big Data Analytics for Security” (chock full of SIEM futures and REAL big data use cases for security analysis)
- “Security Information and Event Management Architecture and Operational Processes” (my favorite paper I’ve ever written on SIEM )
- “SIEM Market Trends, Solutions, Assessment and Select Product Profiles” (a bit dated, but still a fun read!)
Select recent blog posts related to SIEM:
- SIEM Webinar Questions – Answered
- How to Use Threat Intelligence with Your SIEM?
- Detailed SIEM Use Case Example
- On “Output-driven” SIEM
- On SIEM Maturity Scale and Maybe On CMM Too
- On SIEM Deployment Evolution
- On People Running SIEM
- On SIEM Processes/Practices
- On Large-scale SIEM Architecture
Additional Resources
View Free, Relevant Gartner Research
Gartner's research helps you cut through the complexity and deliver the knowledge you need to make the right decisions quickly, and with confidence.
Read Free Gartner Research
Category: announcement security siem
Anton Chuvakin
Research VP and Distinguished Analyst
8 years with Gartner
19 years IT industry
Thoughts on Back to SIEM Research!
Comments are closed
Who's Blogging
- Don Scheibenreif
- Nicole Greene
- Anthony Bradley
- Andrew White
- Darin Stewart
- Debbie Wilson
- Bill Ray
- Pedro Pacheco
- Andrew Lerner
- Emily Moquin
- Kate Muhl
- Avivah Litan
- Rene Buest
- Merv Adrian
- Deacon Wan
- Jitendra Subramanyam
- Dave Egloff
- Charles Golvin
- Colin Reid
- Craig Roth
- Tony Iams
- Rajesh Narayan
- Scot Kim
- Rajesh Kandaswamy
- Zachary Weinberg
- Srijita Chakraborty
- Mike Mcguire
- Kristina Laroccacerrone
- Manjunath Bhat
- Steve Rietberg
- Benjamin Bloom
- Robert Hetu
- Richard Watson
- Hank Barnes
- Marko Sillanpaa
- Marco Meinardi
- Marty Resnick
- Chris Ross
- Augie Ray
- Lizzy Foo
- Daniel Sanchezreina
- Mark Mcdonald
- Vivek Swaminathan
- John Wheeler
- Simon Walker
- Mark Diodati
- Julian Poulter
- Jane Anne
- Samantha Searle
- Cassandra Nordlund
About
Comments or opinions expressed on this blog are those of the individual contributors only, and do not necessarily represent the views of Gartner, Inc. or its management. Readers may copy and redistribute blog postings on other blogs, or otherwise for private, non-commercial or journalistic purposes, with attribution to Gartner. This content may not be used for any other purposes in any other formats or media. The content on this blog is provided on an "as-is" basis. Gartner shall not be liable for any damages whatsoever arising out of the content or use of this blog.
[…] By Anton Chuvakin […]
[…] By Anton Chuvakin […]
Welcome back Anton. We’ve missed you here! Feel free to reach out if we can be of assistance.
@Joe
Sure, another call on SOC operational practices would come handy!
[…] Back to SIEM Research! […]
[…] Back to SIEM Research! […]