ENTERPRISE SECURITY INFORMATION MANAGEMENT 5 IMPLICATIONS




ENTERPRISE SECURITY INFORMATION MANAGEMENT

Since 2007, a shift has occurred in the ESIM marketplace. Changes to the regulatory and security environment for enterprises resulted in higher spending, shorter sales cycles and more hype. As customers began to seek more value for their converged security-compliance dollar, log management eclipsed correlation as the primary feature or value driver for ESIM deployments. This has changed the competitive landscape.

ESP ENTERPRISE SECURITY PRACTICE
Analyzing the Business of Enterprise IT Innovation

4 FINDINGS

- ESIM's value is now less about correlation and more about log management.
- Log management, once a complementary and separate product set, is now the prime driver of new ESIM sales.
- Correlation is not dead: smart correlation is the key to a successful deployment.
- Ease of deployment and management is nearly as important as the features of the ESIM product; while customers are done devoting significant FTE resources to get these products to process logs, they are willing to spend on professional services or consulting to make deployment less painful.

5 IMPLICATIONS

- ESIM vendors previously able to get by with relational database back-ends must update their storage and retrieval systems and schema to provide proper log management functionality.
- Vendors unable to so invest will die; their correlation assets are worth far less than they were two years ago.
- We have seen the winnowing of the field begin through bankruptcy, asset sales and mergers. More will follow.
- Log management vendors must upgrade their correlation capabilities.
- Enterprise-class, scalable log management and correlation that is easy to deploy and maintain is the new marching anthem.

1 BOTTOM LINE

Customers bemoan the din of alerts, alarms, FYIs and other tips that promiscuous ESIM correlation brought. Similar to the intrusion-detection failure, security operations centers were overwhelmed with information spew from the system designed to reduce information spew. The new strategy: alert selectively, then dive into the log pile. Once the increased scope and reduced set of event sources is matched with smart correlation rules, the strategy comprises smart alerts followed by a deep dive into the log corpus with an array of tools.

JUNE 2009
© 2009 THE 451 GROUP ENTERPRISE SECURITY PRACTICE

REPORT SNAPSHOT

TITLE: ESP: Enterprise Security Information Management
ANALYST: Nick Selby, Research Director, Enterprise Security Practice
RELEASE DATE: June 2009
LENGTH: 33 pages

ABOUT THIS REPORT

Since our last report in 2007 on the enterprise security information management (ESIM) industry, a decisive shift has occurred in the marketplace. Where real-time correlation was the primary value proposition for many vendors and their customers, the difficulty in achieving the panacea promised by correlation was in feeding data that provided relevant business context into the system - we know what they say about garbage in. A string of changes to the regulatory and security environment for enterprises resulted in higher spending, shorter sales cycles and more hype. As customers began to seek more value for their converged security-compliance dollar, log management eclipsed correlation as the primary feature or value driver for ESIM deployments. This has changed the competitive landscape, caused leading players to introduce new product features, and contributed to bankruptcies, asset sales, mergers and acquisitions.

© 2009 BY THE 451 GROUP. ALL RIGHTS RESERVED

TABLE OF CONTENTS

EXECUTIVE SUMMARY
  1.1 INTRODUCTION
  1.2 KEY FINDINGS
  1.3 METHODOLOGY
  1.4 451 ENTERPRISE SECURITY PRACTICE
      ANALYSTS
      ASSOCIATES

CUSTOMERS LOOK TO SMARTER CORRELATION
  2.1 ORGANIZATIONAL CONTEXT
  2.2 INTO THE REAL WORLD
  2.3 EXCEPTIONS TO THE RULE
  2.4 FORENSICS TOOLS

WHITHER CONSOLIDATION?
  3.1 CHANGING DYNAMICS AND OPPORTUNITIES
  3.2 SPOOK CITY
  3.3 GOVERNANCE, RISK AND COMPLIANCE

COMPANY PROFILES
  4.1 ARCSIGHT
  4.2 ALERT LOGIC
  4.3 CISCO SYSTEMS
  4.4 DECURITY
  4.5 EIQNETWORKS
  4.6 INTELLITACTICS
  4.7 LOGLOGIC/EXAPROTECT
  4.8 LOGRHYTHM
  4.9 NETFORENSICS
  4.10 NITROSECURITY
  4.11 NOVELL
  4.12 Q1 LABS
  4.13 SENSAGE
  4.14 TENABLE NETWORK SECURITY
  4.15 SPLUNK INC.
  4.16 TRIGEO NETWORK SECURITY
  4.17 VIGILANT

TERMS OF USE

ABOUT THE 451 GROUP

The 451 Group is a technology analyst company. We publish market analysis focused on innovation in enterprise IT, and support our clients through a range of syndicated research and advisory services. Clients of the company at vendor, investor, service-provider and end-user organizations rely on 451 insights to do business better.

ABOUT TIER1 RESEARCH

Tier1 Research covers consumer, enterprise and carrier IT services, particularly hosting, colocation, content delivery, Internet services, software-as-a-service and enterprise services. Tier1's focus is on the movement of services to the Internet: what they are, how they are delivered and where they are going.

Please note that the following 451 report is copyright protected and is being provided to you on a limited, licensed basis. By viewing this document, you consent to and agree to abide by the terms of this license and the general Terms of Use (below) for users of services of The 451 Group. Only authorized, licensed users may access this and other content from The 451 Group. If you have any questions about this license or terms of use for your organization, please contact your account manager directly. Alternately, you can contact a general representative of The 451 Group directly via phone at 212-505-3030 or via mail at 20 West 37th Street, 6th Floor, New York, N.Y. 10018.