Cambridge-Ma based analyst house Forrester Research has released the latest iteration of its flagship Wave report for Security Analytics solutions.
In their 36-criteria evaluation of Security Analytics providers, Forrester researchers Joseph Blankenship, Stephanie Balaouras, Bill Barringham, and Peter Harrison identified the 11 solutions providers that they consider most significant in the category — BAE Systems, E8 Security, Fortinet, Hewlett Packard Enterprise (HPE), Huntsman Security, IBM, Intel Security, LogRhythm, RSA, Securonix, and Splunk— then researched, analyzed, and scored them.
The Wave report details their findings and examines how each vendor meets (or falls short of) Forrester’s evaluation criteria and where vendors stand in relation to each other.
In order to help security and risk (S&R) professionals select the right partner for their Security Analytics needs, The Forrester Wave Report also outlines the current state of the market and separates the top providers into Leaders, Strong performers, and Contenders.
Forrester’s Wave Reports also include a grid chart with ratings on vendor’s current offerings, strategy, and market presence.
Below are our key takeaways from the report.
What? SIM Is Evolving (Into Security Analytics)!
Old-fashioned, rules-based Security Information Management (SIM) has had a good run. It’s been around since the mid-nineties and became a mainstay in the enterprise security toolkit as companies sought to keep up with mandates like PCI DSS by using SIM as a compliance tool. But now, with a surge of cyberthreats and an explosion in competing cybersecurity tools, legacy SIM must evolve to keep up, says Forrester. In this new threat landscape, vendors are adding security analytics features to existing solutions, and newer vendors are building SA solutions that leverage newer technologies without the baggage of legacy solutions.
Forrester’s research has shown that 74% of global enterprise security technology decision makers rate improving security monitoring as a high or critical priority, while 64% of global network security decision makers at enterprises have already implemented or are expanding their implementation of SIM and SA. An additional 17% of decision makers say they are planning to implement a SA solutions within the next year, says Forrester.
Four Vendors Lead The Way
Forrester’s research found a stratified market in which IBM, Splunk, LogRhythm, and RSA are Leaders, HPE, Securonix, E8 Security, Fortinet, and Intel Security, offer competitive options, while BAE Systems and Hunstman security offer developing solutions.
Forrester praised IBM’s QRadar Security products for its strong cognitive security capabilities and for introducing security automation following its acquisition of incident response vendor Resilient Systems. Likewise, LogRhythm, the largest “pure-play” SIM vendor on the market, was lauded for its feature-rich platform that “includes traditional SIM capabilities along with SUBA, file integrity monitoring (FIM), SAO, endpoint monitoring, and NAV functionality.” On the other hand, vendors on the opposite spectrum of the ‘Wave’ were criticized for shortcomings in their security monitoring capabilities and limited market reach.
Latest posts by Jeff Edwards (see all)
- Five Questions You Need To Ask Yourself When Evaluating SIEM Solutions - November 8, 2017
- Winning the Data Breach War with User and Entity Behavioral Analytics - November 3, 2017
- 5 Alternatives to The Gartner Magic Quadrant for SIEM - October 31, 2017