Published: 22 November 2022
SIEM solutions are a security system of record with threat detection, investigation and response capabilities, often demanded as SaaS or cloud-native. Security and risk management leaders who require SIEM solutions should evaluate critical capabilities in their selection processes.
Gartner clients often prefer software-as-a-service security information and event management deployments. With many outsourcing large portions of their IT functions to single vendors as SaaS, they require complementary and tightly integrated solutions for cloud-first businesses.
SIEM functionality is diverging from having a role central to security operations centers, with many realizing they need a wider set of integrated threat detection, investigation and response capabilities that stretch beyond traditional, log-driven solutions.
Many SIEM solutions are simplifying their operational capabilities and focusing on more immature buyers, with more out-of-the-box content, automation and wizards to assist with the setup of log ingestion. This
Strategic Planning Assumptions
- Micro Focus
- Sumo Logic
- Architecture and Deployment
- Data Collection
- Add-On Components
- User Interface
- Out-of-the-Box SIEM
- Customizable SIEM
- Threat Detection, Investigation and Response
Gartner Recommended Reading
Critical Capabilities Methodology