Blog post

Our 2016 SIEM Papers Are Out!

By Anton Chuvakin | February 12, 2016 | 1 Comment


We are happy to announce that our awesome SIEM papers have just published:

  1. The fabled “Security Information and Event Management Architecture and Operational Processes” (now in its 3rd edition) is our 2016 update to a really popular and well-rated “bible” on how to run a SIEM opertation. Both of us think that it exudes pure awsomeness! Those who read the previous version …. do not despair: this one IS a bit shorter….thus with more concentrated awesomeness inside.
  2. Renamed and heavily updated “SIEM Technology, Market and Vendor Assessment” contains 2016 extended SIEM vendor profiles, technology trends, discussion on SIEM sourcing options and so much more. Did we mention it is awesome? Well, we did now…

Some juicy quotes follow below:

  • “Gartner expects security information and event management (SIEM) tools to remain a central point for enterprise security monitoring. “
  • “Ultimate SIEM program success is determined more by operational processes than by architecture or specific tool choice. SIEM implementations often fail to deliver full value due to broken organizational processes and practices and lack of skilled and dedicated personnel.”
  • “A mature SIEM operation is a security safeguard that requires ongoing organizational commitment. Such commitment is truly open-ended — security monitoring has to be performed for as long as the organization is in business.”
  • “SIEM products are gaining additional analytics capabilities — via acquisition of user and entity behavior analytics (UEBA) vendors, internal development or OEM partnerships — and the trend for more analysis of already-available data will grow further.”

Both of these are updates to our super-successful papers and so they contain both new and time-tested material. Gartner GTP access is required for both papers.

One more super-exciting paper is coming soon – our study on security monitoring and SIEM use cases, in depth.

Related blog posts annoucing research publication:

The Gartner Blog Network provides an opportunity for Gartner analysts to test ideas and move research forward. Because the content posted by Gartner analysts on this site does not undergo our standard editorial review, all comments or opinions expressed hereunder are those of the individual contributors and do not represent the views of Gartner, Inc. or its management.

Comments are closed

1 Comment

  • Unzile Algul says:


    I would like to be informed about security and the events.