Here is what I have in mind for the next few months:
- An architectural blueprint (a new type of GTP document) on SIEM that will depict one good way of architecting Security Information and Event Management across a large organization
- A detailed list of SIEM tool evaluation criteria, a document that I always wanted to create in order to cover – to a painful level of detail – a set of technical features and capabilities that an enterprise-capable SIEM should have (it would be a little reminiscent of our SIEM RFP toolkit, but with stronger focus on product – rather than vendor – requirements)
- Updates to my past SIEM documents [see below], one on operational practices (with its own SIEM success guidance framework!) and one on the technology landscape.
- “Security Information and Event Management Futures and Big Data Analytics for Security” (chock full of SIEM futures and REAL big data use cases for security analysis)
- “Security Information and Event Management Architecture and Operational Processes” (my favorite paper I’ve ever written on SIEM )
- “SIEM Market Trends, Solutions, Assessment and Select Product Profiles” (a bit dated, but still a fun read!)
Select recent blog posts related to SIEM:
The Gartner Blog Network provides an opportunity for Gartner analysts to test ideas and move research forward. Because the content posted by Gartner analysts on this site does not undergo our standard editorial review, all comments or opinions expressed hereunder are those of the individual contributors and do not represent the views of Gartner, Inc. or its management.