Vendor Landscape Plus: Security Information & Event Management

  • ID: 1870378
  • July 2011
  • Info-Tech Research Group

Simplify compliance and IT risk management with Security Information & Event Management tools.

Your Challenge

- Enterprises are deploying an ever-increasing volume of dedicated security tools, and as a result are drowning in log and alert data to the point where the tools inhibit their own value. Additionally, regulatory and industry compliance initiatives are springing up frequently, each with additional and differing monitoring and reporting requirements.

- Implementing Security Information & Event Management (SIEM) allows enterprises to address both of these issues by consolidating, aggregating, correlating, and reporting on security events. Acting on correlated data is quick and efficient, and the reporting indicates just what measures the enterprise is taking to be compliant.

- Getting the strategy, architecture, and product selection right means enhanced enterprise security at a manageable cost; making the wrong choice could mean higher cost, lower security, or both.

Our Advice

Critical Insight

- At ten years old, the SIEM market is still in its infancy and product sets continue to be rationalized. However, market consolidation

Note: Product cover images may vary from those shown

- Vendor Landscape Plus Storyboard: Security Information & Event Management (powerpoint)

- Security Information & Event Management Vendor Shortlist Tool (excel)

- Security Information & Event Management RFP Template (word)

- Security Information & Event Management RFP Scoring Tool (excel)

- Security Information & Event Management Vendor Demo Script 9 (word)


What you receive:

*Vendor Landscape Plus Storyboard: Security Information & Event Management (powerpoint)

Symantec’s Security Information Manager achieved the top spot in the evaluation of Security Information & Event Management (SIEM) products, but competitors offer compelling alternatives, especially where business requirements and/or existing IT security solutions dictate a different priority on specific product features.

Use this research to:

- Understand current capabilities of SIEM vendors and evaluate offerings for best fit.

- Use scenario analysis and case studies to shortlist vendors.

- Assess implementation recommendations and pitfalls.

Focus first on business requirements so that current and future SIEM objectives can be achieved through the vendor and product chosen – whether the objective is simplifying compliance reporting, making security event management more efficient, or improving IT risk management. Consider managed security service providers (MSSPs) as a means to cost-effectively implement real-time monitoring of security events.

*Security Information & Event Management Vendor Shortlist Tool (excel)

This tool allows enterprises to profile their Security Information & Event Management (SIEM) requirements and generate a rank-ordered vendor shortlist from a fixed list of vendors. Vendor profiles are based on Info-Tech’s recent in-depth review of the SIEM market. The tool includes the following specific aspects of analysis:

- Variable prioritization for product suitability on the following factors:

  - Advanced features including enhanced capabilities for event correlation, aggregation and normalization, alerting, reporting, forensic analysis, and data management.

  - Product usability.

  - Product architecture.

  - Relative cost.

- Variable prioritization for vendor suitability on the following factors:

  - Vendor viability.

  - Vendor focus on SIEM and on the SME market.

  - Breadth of the vendor support organization.

  - Size and strength of the channel.

- Weightings to adjust the contribution of various suitability factors to overall vendor ranking.

- A self-sorted ranking list of SIEM vendors. The ranking is based on user input.

Narrow the vendors to a shortlist of solutions that best satisfy your organization’s requirements before sending out RFPs and scheduling vendor demonstrations.

*Security Information & Event Management RFP Template (word)

A Request for Proposal (RFP) is a formal invitation issued by a business or agency requesting interested vendors to submit written proposals meeting a particular set of requirements. This RFP template comes populated with crucial selection considerations, including:

- The Statement of Work

- Proposal Preparation Instructions

- Scope of Work, Technical Specifications, and Functional Requirements

- Vendor Qualifications & References

- Budget & Estimated Pricing

- Vendor Certification

A detailed RFP saves time in the selection process and ensures that you select a best-fit solution for the organization.

*Security Information & Event Management RFP Scoring Tool (excel)

This tool assists in the evaluation of completed Security Information & Event Management (SIEM) vendor RFP forms. It is pre-built with the essential criteria that must be considered. Use this tool to:

- Determine the importance of each solution capability to meeting your organization’s business requirements.

- Score and compare potential SIEM RFP vendor responses.

- Review overall vendor rankings and cost estimates.

Put hard numbers behind vendor claims, and keep evaluations objective by scoring RFP responses.

*Security Information & Event Management Vendor Demo Script 9 (word)

This template is designed to provide Security Information & Event Management (SIEM) vendors with a consistent set of instructions, ensuring an objective comparison of product features while also evaluating ease of use and ease of setup and configuration.

The template is pre-built with four common scenarios to leverage:

- Log source configurations: basic, enriched, and custom.

- Event correlation, alerting, log analysis, and incident management: standard, threshold-based, and custom.

- Reporting features: standard and advanced.

- Dashboard and access control features: granular access control and customized displays.

Vendor demonstrations are essential in order to evaluate SIEM user experiences. Allowing vendors to run the demonstration without your guidance will only highlight their strengths.
