Vendor Landscape: Security Information & Event Management
SIEM Vendor selection / knock-out criteria: market share, mind share, and platform coverage
• The SIEM space is now over ten years old and through acquisitions, solutions are transitioning from mainly independent, SIEM-focused technology vendors to larger vendors with broad portfolios of security and related technology solutions.
• For this Vendor Landscape, Info-Tech focused on those vendors that offer broad capabilities across multiple platforms and that have a strong market presence and/or reputational presence among small to mid-sized enterprises.
Included in this Vendor Landscape:
• ArcSight (HP). The market leader with enterprise-focused Enterprise Systems Management (ESM), ArcSight continues its push into SME SIEM with its Express system.
• LogLogic. An independent SIEM and log management provider with a modular platform that offers flexibility to enterprises of all sizes.
• LogRhythm. An independent player with a strong platform that allows for granular management of log data, LogRhythm offers a SIEM solution that can do even more.
• NitroSecurity (McAfee). Recently acquired by McAfee, NitroSecurity has added its highly capable SIEM solution to McAfee’s broad portfolio.
• Q1 Labs (IBM). Formerly the largest independent player in the SIEM space, Q1 Labs QRadar anchors a capable suite of SIEM tools, now under the IBM umbrella.
• RSA (EMC). RSA’s fusion of NetWitness and enVision solutions provides a fully integrated platform that offers a traditional SIEM system complete with a focus on identifying advanced threats.
• Sensage. One of the smaller vendors in this evaluation and still primarily focused on the large enterprise and highly regulated verticals.
• SolarWinds (formerly TriGeo SIM). SolarWinds has a strong handle on compliance and is looking to become more focused on security over the coming year.
• Symantec. The world’s largest security vendor markets a flexible platform to clients of all sizes, enriching raw log data with geolocation and reputation-based information.
• Trustwave. Trustwave entered the SIEM market as they have done in other spaces: through acquisition. Trustwave features a wide range of managed services.
Info-Tech Research Group