How and When to Use Co-managed SIEM


Archived Published: 13 August 2015 ID: G00289587

Analyst(s):

Purchase this Document

Price: $195.00 USD (PAGES: 7)

To purchase this document, you will need to register or sign in above.

Summary

Co-managed SIEM services allow organizations to maximize value from SIEM investments and enhance security event monitoring capabilities while retaining control and flexibility. This note will help organizations to identify and select a provider, and to avoid common implementation challenges.

Table of Contents

  • Introduction
  • Analysis
    • Start With SIEM Goals and Use Cases
    • Identify Gaps in Internal Capabilities
    • Perform Due Diligence to Identify and Select a Provider
      • Identify Potential Providers
      • Verify Capabilities of the Provider
    • Post-Vendor-Selection Activities
      • Spend the Necessary Time Upfront to Establish a Comprehensive Agreement
      • Develop or Update Applicable Processes and Activities
  • Gartner Recommended Reading
© 2015 Gartner, Inc. and/or its Affiliates. All Rights Reserved. Reproduction and distribution of this publication in any form without prior written permission is forbidden. The information contained herein has been obtained from sources believed to be reliable. Gartner disclaims all warranties as to the accuracy, completeness or adequacy of such information. Although Gartners research may discuss legal issues related to the information technology business, Gartner does not provide legal advice or services and its research should not be construed or used as such. Gartner shall have no liability for errors, omissions or inadequacies in the information contained herein or for interpretations thereof. The opinions expressed herein are subject to change without notice.

Why Gartner

Gartner delivers the technology-related insight you need to make the right decisions, every day.

Find out more

Call +1 855-515-4486 or contact us

to become a Gartner client.