Last week, Info-Tech Research Group released their 2015 SIEM Vendor Landscape Report. The report evaluated ten SIEM vendors on overall product attributes, capabilities and market performance, and ranked them on their ability to address specific use case scenarios. The report is a valuable tool for helping IT and security managers:
- Identify which SIEM solution is best for their organization
- Evaluate vendor tools through a Vendor Shortlist Tool
- Assess vendors in various use case scenarios
- Complete the selection process
- Create an implementation plan
The report discusses the origin of SIEMs and the evolution of the market. Info-Tech Research Group notes, “As the market evolves, capabilities that were once cutting edge become default and new functionality becomes differentiating. Basic forensic analysis capabilities have become a Table Stakes capability and should no longer be used to differentiate solutions. Instead focus on advanced detection methods and usability to get the best fit for your requirements.”
So what are the table stakes? Info-Tech Research Group defines them in the graphic below. Note that the table stakes represent the minimum standard for product evaluation.
The report also outlines advanced features that allow for product differentiation. These included:
- Threat Intelligence Feed
- Incident Management and Remediation
- Full Security Threat Visibility
- Scalability and Network Performance
Info-Tech Research Group scored vendors on both Product Evaluation Features and Vendor Evaluation Features (as seen below).
Info-Tech Research Group also introduced their ValueScore™ analysis. They define ValueScore as follows: “Each use-case scenario also includes a Value Index that identifies the Value Score for a vendor relative to their price point. This additional framework is meant to help price-conscious enterprises identify vendors who provide the best ‘bang for the buck.’”
Use Case Scenarios
In their report, Info-Tech Research Group provided five use cases in which to evaluate vendors. These were chosen based on market research and client demand. They included:
- Threat Management
- Compliance Management
- Management of Security Events
- SIEM Small Deployments
- Risk Management
In this evaluation, LogRhythm received the rating of “Champion” in four of five SIEM use cases and “Best Overall Value” in all five SIEM use cases. According to Info-Tech Research Group, “LogRhythm offers the most feature-rich product with the ability to adapt to trends.”
About the Report
Info-Tech Research Group Vendor Landscape reports recognize outstanding vendors in the technology marketplace.
Info-Tech Research Group’s SIEM Vendor Landscape Report is one of the most comprehensive assessments of SIEM offerings available in the market. Having LogRhythm’s security intelligence and analytics platform recognized by an independent analyst firm is great validation of our vision and execution. It highlights our ongoing commitment to innovation to help our customers continuously improve their ability to detect, respond to and neutralize cyber threats before they cause damage.