Vendor Landscape: Security Information & Event Management

More documents

Recommendations

Info

Introduction Understand your organization’s requirements for Security Information & Event Management (SIEM) to ensure product selection achieves key goals. This Research Is Designed For: Organizations seeking a SIEM solution. Their SIEM use case may include: • IT leaders considering SIEM technology to reduce the cost of meeting ever-increasing compliance requirements. • IT leaders looking to enhance the effectiveness of existing IT security operations. • Organizations seeking to improve risk management processes. This Research Will Help You: Understand the capabilities of SIEM technologies, and their potential use cases. Differentiate between vendor offerings and identify what aligns with your organization’s requirements. Shortlist vendors, prepare a Request for Proposal (RFP), and score RFP responses to select a SIEM solution. Develop an implementation strategy and maximize your investment in SIEM. Info-Tech Research Group 2
Executive Summary Understand SIEM Trends and Considerations • Security Information & Event Management (alternatively known as Security Incident & Event Management) technologies have evolved from point solutions into comprehensive systems that allow organizations to optimize any or all of the following important security-related functions: ◦ Collection and management of critical system and network log data. ◦ Execution of processes in support of regulatory and policy compliance obligations. ◦ Identification of information security threats and responses to them. ◦ Continuous information security risk management processes. • Understand your organization’s needs, potential costs, and readiness to undertake a SIEM deployment before taking the leap. Evaluate SIEM Vendors • Vendor offerings target these security functions in substantially different ways based on their SIEM product origins, integration with their broader security offerings, architectural deployment options, and specific market focus. • Map your organization’s immediate and future requirements for SIEM against vendor and product capabilities, and leverage the tools and templates included in this solution set to accelerate selection of a SIEM technology. Develop a SIEM Implementation Strategy • Understand options for managed versus self-staffed SIEM implementations and their pros and cons. • Design a deployment architecture and capture additional implementation and operational costs and benefits, based on addressing your organization’s specific security and compliance requirements. • Develop a plan for a phased implementation of the selected SIEM product and architecture, ensuring that you realize both short and long-term objectives and benefits. Info-Tech Research Group 3
Page 1: Vendor Landscape: Security Informat
Page 5 and 6: Understand SIEM Trends and Consider
Page 7 and 8: Like every tool, SIEM has limitatio
Page 9 and 10: Determine how and where SIEM will h
Page 11 and 12: Be clear about the impact of SIEM-e
Page 13 and 14: Evaluate SIEM Vendors What’s in t
Page 15 and 16: SIEM Vendor selection / knock-out c
Page 17 and 18: The Info-Tech SIEM Vendor Landscape
Page 19 and 20: The Info-Tech SIEM Value Index What
Page 21 and 22: Advanced Features are the capabilit
Page 23 and 24: LogRhythm’s comprehensive SIEM fe
Page 25 and 26: Sensage is a small company that eas
Page 27 and 28: Q1 Labs QRadar: a quality product l
Page 29 and 30: LogLogic provides a strong solution
Page 31 and 32: NitroSecurity continues to bring a
Page 33 and 34: SolarWinds is a newer face in the m
Page 35 and 36: RSA has a solid solution, but also
Page 37 and 38: Symantec offers vendor stability an
Page 39 and 40: ArcSight offers both enterprise- an
Page 41 and 42: Trustwave’s strength is in their
Page 43 and 44: Streamline monitoring, alerting, an
Page 45 and 46: Ensure the reduction of enterprise
Page 47 and 48: Issue an RFP to ensure SIEM vendors
Page 49 and 50: Take charge of vendor demonstration
Page 51 and 52: Getting to a SIEM implementation st
Page 53 and 54:
Identify constraints for your SIEM
Page 55 and 56:
Account for implementation resource
Page 57 and 58:
Determine how you intend to staff S
Page 59 and 60:
Start modestly, but keep the final
Page 61 and 62:
Vendor Landscape Methodology: Overv
Page 63 and 64:
Vendor Landscape Methodology: Scori
Page 65 and 66:
Vendor Landscape Methodology: Infor
Page 67 and 68:
Page 69 and 70:
Page 71 and 72:
Vendor Landscape Methodology: Fact
Page 73 and 74:
Product Pricing Scenario, continued
Page 75 and 76:
Country Info-Tech Research Group 75
Page 77 and 78:
FTEs Info-Tech Research Group 77
show all

Vendor Landscape: Security Information & Event Management

Create successful ePaper yourself

Delete template?

Save as template?