Analysis of the SIEM and Log Management Market

Nov 18, 2013, 10:34 ET from Reportlinker

NEW YORK, Nov. 18, 2013 /PRNewswire/ -- announces that a new market research report is available in its catalogue:

Analysis of the SIEM and Log Management Market

Continuous Security Intelligence

Security information event management (SIEM) and log management products are gaining a strong following as enterprise organizations look for techniques to defend against advanced threats and persistent hackers. As cyber attacks become more sophisticated, organizations are implementing security products, such as SIEM, to protect their virtual and physical assets. Large organizations leverage SIEM to gain the continuous security intelligence needed to protect against threats that inevitably defeat antivirus , intrusion detection systems (IDS), network behavior analysis devices, and firewall defenses.

Executive Summary

• Frost & Sullivan estimates the global Security Information and Event Management (SIEM) and Log Management (LM) market at $Xbillion for 2012. The SIEM/LM market is estimated to grow at an X% CAGR through 2017 and reach $X billion.
• Frost & Sullivan considers Security Information and Event Management/Log Management (SIEM/LM) to be a mature market with little competitive movement among the top revenue-producing companies. SIEM/LM is very much a displacement market (i.e., one vendor's product replacing another) and it is also common to see an incumbent SIEM positioned as a data feed to a competing vendor.
• The primary driver at the high end of the market is continuous security intelligence to protect against threats that inevitably defeat antivirus (AV), intrusion detection & intrusion prevention system (IDS/IPS), network behavior analysis devices (NBAD), and firewall (FW) defenses.
• The primary driver at the low end of the market is compliance with regulatory mandates at lower price points. In this market segment, vendors follow a cloud-delivery model to capture new SIEM/LM businesses where there is no incumbent to displace. Incremental features will be added over time to appeal to more than first-entry SIEM/LM customers.
• Unlike other security sectors, the federal government represents the leading vertical for many vendors, a trend that will continue through 2017 with increasing cybersecurity budgets, though there is always the risk of government budget cuts.

CEO's Perspective

1. SIEM based intelligence becomes focal point of continuous security intelligence
2. Log Management critical for complying with regulatory mandates
3. Federal government remains the leading vertical for many
4. Privacy issues inhibit multi-national SIEM/LM deployments in EMEA
5. Cloud vendors find traction extending the low end of the market

Market Overview—Definitions

Log Management (LM) - The collection, administration, and archiving of cyber-information—tackles the Big Data problem. Frost & Sullivan considers LM to provide the foundation for continuous compliance and SIEM analysis. Types of information collected include:
oSecurity events from sources such as firewalls, intrusion detection & intrusion prevention systems, and host-based antivirus are collected in centralized systems by LM.
oNetwork flows provide information on communications within the network—essential for tracing an attack.
oApplication logs, from Web servers, application servers, and database servers, for example, provide operations information.
oManagement feeds including Syslog and Simple Network Management Protocol (SNMP) provide standardized mechanisms for delivering information to Log Management.
oCustom-developed connectors for translating proprietary protocols and delivering custom information to LM are developed and deployed when necessary.

Security Information and Event Management (SIEM) – The continuous correlation, analysis, and reporting of security and operational information—tackles the Security Intelligence problem. Frost & Sullivan considers SIEM to be essential in translating the information stored within LM into actionable intelligence.
• For many vendors, SIEM includes LM features.
• SIEM will drive the inclusion of more information into LM, including:
oThreat feeds with profiles of newly discovered cyber-attacks. Security teams use threat feeds to measure the risk of new attacks to their businesses and to take preventive actions before security signature updates are created.
oVulnerability scans, targeted at specific resources on demand by SIEM, allow IT to embark on continuous compliance and monitoring programs.
oBusiness intelligence and analytic systems allow IT operations to associate security actions with business priorities.

Key Questions This Study Will Answer

How can I tell earlier if my network is being victimized by a cyber-attack?
How can I better drive the costs out of complying with government and industry security regulations?
What are the major opportunities in the SIEM/LM security segment?
Who are the leading SIEM/LM vendors? Who are the upstarts to keep an eye on?
What are the financial profiles of the SIEM/LM market? Is the market growing or contracting?
What are the major trends being established by the SIM/LM market leaders?

Table of Contents

1. Executive Summary
2. Market Overview
3. Total SIEM/LM Market
• External Challenges: Drivers and Restraints
• Forecast and Trends
• Market Share and Competitive Analysis
4. Leading SIEM/LM Vendor Profiles
5. Mega Trends and Industry Convergence Implications
6. The Last Word
7. Appendix

To order this report: Analysis of the SIEM and Log Management Market

Contact Clare:
US: (339)-368-6001
Intl: +1 339-368-6001

SOURCE Reportlinker