We are happy to announce that our awesome SIEM papers have just published:
- The fabled “Security Information and Event Management Architecture and Operational Processes” (now in its 3rd edition) is our 2016 update to a really popular and well-rated “bible” on how to run a SIEM opertation. Both of us think that it exudes pure awsomeness! Those who read the previous version …. do not despair: this one IS a bit shorter….thus with more concentrated awesomeness inside.
- Renamed and heavily updated “SIEM Technology, Market and Vendor Assessment” contains 2016 extended SIEM vendor profiles, technology trends, discussion on SIEM sourcing options and so much more. Did we mention it is awesome? Well, we did now…
Some juicy quotes follow below:
- “Gartner expects security information and event management (SIEM) tools to remain a central point for enterprise security monitoring. “
- “Ultimate SIEM program success is determined more by operational processes than by architecture or specific tool choice. SIEM implementations often fail to deliver full value due to broken organizational processes and practices and lack of skilled and dedicated personnel.”
- “A mature SIEM operation is a security safeguard that requires ongoing organizational commitment. Such commitment is truly open-ended — security monitoring has to be performed for as long as the organization is in business.”
- “SIEM products are gaining additional analytics capabilities — via acquisition of user and entity behavior analytics (UEBA) vendors, internal development or OEM partnerships — and the trend for more analysis of already-available data will grow further.”
One more super-exciting paper is coming soon – our study on security monitoring and SIEM use cases, in depth.
Related blog posts annoucing research publication:
- All My Research Published in 2015
- Our Vulnerability Assessment Vulnerability Management Research Publishes
- 2030: Have They Social Engineered Your AI?! [our Maverick piece published]
- My “Evaluation Criteria for Security Information and Event Management” 2015 Update Publishes
- My “How to Monitor the Security of Public Cloud Resources” Publishes
- My “Demystifying Security Analytics: Sources, Methods and Use Cases” Paper Publishes
- My “How to Work With an MSSP to Improve Security” Paper Publishes
- Our “Selecting Security Monitoring Approaches by Using the Attack Chain Model” Publishes
- All My Research Published in 2014
- All My Research Published in 2013
The Gartner Blog Network provides an opportunity for Gartner analysts to test ideas and move research forward. Because the content posted by Gartner analysts on this site does not undergo our standard editorial review, all comments or opinions expressed hereunder are those of the individual contributors and do not represent the views of Gartner, Inc. or its management.