It is with tremendous excitement that I am announcing the publication of my “Evaluation Criteria for Security Information and Event Management” document and SIEM selection tool (download link inside the document).
Love the “Magic Quadrant for Security Information and Event Management” and “Critical Capabilities for Security Information and Event Management” but want more details? [and I mean MORE DETAILS!!] Use our SIEM evaluation criteria!!!
There are numerous use cases for this essential document/tool, such as:
- Figure out what to look for in a SIEM product
- Create your very own set of SIEM selection criteria
- Evaluate a SIEM product based on a set of criteria
- Compare two or more SIEM products and choose the product that fits better
- Build an RFP/RFI for SIEM
- Understand the vendor materials and map vague claims to specific, measurable features
- Impress your friends with knowledge of esoteric SIEM features such as “Agents and collectors should be able to operate within low-bandwidth requirements and throttle the data based on predefined rules and requirements” or “The ability to group assets, users, log sources and so forth automatically and/or based on external information.”
Without further ado, enjoy the …
30 June 2014 | G00262712
Analyst(s): Anton Chuvakin
SIEM is a pivotal and widely used security technology, and a deep understanding of SIEM technology is critical for success in acquiring the right SIEM product. This evaluation criteria document helps define and refine SIEM buying criteria.
And don’t tell me I didn’t warn you about the details 🙂
Related announcement posts:
- My Threat Intelligence and Threat Assessment Research Papers Publish
- My Updated Vulnerability Management Practices Paper Publishes
- My Security Solution Paths Published: Threats and Vulnerabilities
- All My Research Published in 2013
Select recent SIEM blog posts:
- SIEM Magic Quadrant 2014 Is Out!
- On SIEM Tool and Operation Metrics
- SIEM Analytics Histories and Lessons
- Back to SIEM Research!
- SIEM Webinar Questions – Answered
- How to Use Threat Intelligence with Your SIEM?
- Detailed SIEM Use Case Example
- On “Output-driven” SIEM
- On SIEM Maturity Scale and Maybe On CMM Too
- On SIEM Deployment Evolution
- On People Running SIEM
- On SIEM Processes/Practices
- On Large-scale SIEM Architecture
The Gartner Blog Network provides an opportunity for Gartner analysts to test ideas and move research forward. Because the content posted by Gartner analysts on this site does not undergo our standard editorial review, all comments or opinions expressed hereunder are those of the individual contributors and do not represent the views of Gartner, Inc. or its management.