Analysis of the SIEM and Log Management Market

  • November 2013
  • -
  • Frost & Sullivan
  • -
  • 73 pages

Continuous Security Intelligence

Security information event management (SIEM) and log management products are gaining a strong following as enterprise organizations look for techniques to defend against advanced threats and persistent hackers. As cyber attacks become more sophisticated, organizations are implementing security products, such as SIEM, to protect their virtual and physical assets. Large organizations leverage SIEM to gain the continuous security intelligence needed to protect against threats that inevitably defeat antivirus , intrusion detection systems (IDS), network behavior analysis devices, and firewall defenses.

Executive Summary

• Frost & Sullivan estimates the global Security Information and Event Management (SIEM) and Log Management (LM) market at $Xbillion for 2012. The SIEM/LM market is estimated to grow at an X% CAGR through 2017 and reach $X billion.
• Frost & Sullivan considers Security Information and Event Management/Log Management (SIEM/LM) to be a mature market with little competitive movement among the top revenue-producing companies. SIEM/LM is very much a displacement market (i.e., one vendor’s product replacing another) and it is also common to see an incumbent SIEM positioned as a data feed to a competing vendor.
• The primary driver at the high end of the market is continuous security intelligence to protect against threats that inevitably defeat antivirus (AV), intrusion detection & intrusion prevention system (IDS/IPS), network behavior analysis devices (NBAD), and firewall (FW) defenses.
• The primary driver at the low end of the market is compliance with regulatory mandates at lower price points. In this market segment, vendors follow a cloud-delivery model to capture new SIEM/LM businesses where there is no incumbent to displace. Incremental features will be added over time to appeal to more than first-entry SIEM/LM customers.
• Unlike other security sectors, the federal government represents the leading vertical for many vendors, a trend that will continue through 2017 with increasing cybersecurity budgets, though there is always the risk of government budget cuts.

CEO’s Perspective

1. SIEM based intelligence becomes focal point of continuous security intelligence
2. Log Management critical for complying with regulatory mandates
3. Federal government remains the leading vertical for many
4. Privacy issues inhibit multi-national SIEM/LM deployments in EMEA
5. Cloud vendors find traction extending the low end of the market

Market Overview—Definitions

• Log Management (LM) - The collection, administration, and archiving of cyber-information—tackles the Big Data problem. Frost & Sullivan considers LM to provide the foundation for continuous compliance and SIEM analysis. Types of information collected include:
oSecurity events from sources such as firewalls, intrusion detection & intrusion prevention systems, and host-based antivirus are collected in centralized systems by LM.
oNetwork flows provide information on communications within the network—essential for tracing an attack.
oApplication logs, from Web servers, application servers, and database servers, for example, provide operations information.
oManagement feeds including Syslog and Simple Network Management Protocol (SNMP) provide standardized mechanisms for delivering information to Log Management.
oCustom-developed connectors for translating proprietary protocols and delivering custom information to LM are developed and deployed when necessary.

• Security Information and Event Management (SIEM) – The continuous correlation, analysis, and reporting of security and operational information—tackles the Security Intelligence problem. Frost & Sullivan considers SIEM to be essential in translating the information stored within LM into actionable intelligence.
• For many vendors, SIEM includes LM features.
• SIEM will drive the inclusion of more information into LM, including:
oThreat feeds with profiles of newly discovered cyber-attacks. Security teams use threat feeds to measure the risk of new attacks to their businesses and to take preventive actions before security signature updates are created.
oVulnerability scans, targeted at specific resources on demand by SIEM, allow IT to embark on continuous compliance and monitoring programs.
oBusiness intelligence and analytic systems allow IT operations to associate security actions with business priorities.

Key Questions This Study Will Answer

How can I tell earlier if my network is being victimized by a cyber-attack?
How can I better drive the costs out of complying with government and industry security regulations?
What are the major opportunities in the SIEM/LM security segment?
Who are the leading SIEM/LM vendors? Who are the upstarts to keep an eye on?
What are the financial profiles of the SIEM/LM market? Is the market growing or contracting?
What are the major trends being established by the SIM/LM market leaders?

Table Of Contents

Table of Contents

1. Executive Summary
2. Market Overview
3. Total SIEM/LM Market
• External Challenges: Drivers and Restraints
• Forecast and Trends
• Market Share and Competitive Analysis
4. Leading SIEM/LM Vendor Profiles
5. Mega Trends and Industry Convergence Implications
6. The Last Word
7. Appendix

View This Report »

Find all the market research you need - instantly, in one place.

+1.2 Million Research Documents & Statistics +200,000 Trusted Public Sources 350 Industries With Global Coverage

24/7 Customer Support

Talk to Louis

+1 718 618 4302

Purchase Reports From Reputable Market Research Publishers

Global Identity Access Management market 2014 - 2018 [Global Identity and Access Management Market , by Region market, by deployments, End Users verticals , by Components, Authorization), Key player offerings, Drivers, Inhibitors and forecasts to 2018

Global Identity Access Management market 2014 - 2018 [Global Identity and Access Management Market , by Region market, by deployments, End Users verticals , by Components, Authorization), Key player offerings, Drivers, Inhibitors and forecasts to 2018

  • $ 5 200
  • Industry report
  • May 2014
  • by ResearchFox Consulting

Global Identity Access Management market 2014 - 2018 [Global Identity and Access Management (IAM) Market , by Region market, by deployments(On premises , Cloud, Hybrid), End Users verticals , by Compo ...

Global Cyber Security Industry

Global Cyber Security Industry

  • $ 4 950
  • Industry report
  • June 2014
  • by Global Industry Analysts

This report analyzes the worldwide markets for Cyber Security in US$ Million by the following Product Segments: Application Security, Content Security, Endpoint Security, Network Security, Services, and ...

The Global Cybersecurity Market 2014-2024

The Global Cybersecurity Market 2014-2024

  • $ 4 800
  • Industry report
  • September 2014
  • by Strategic Defence Intelligence (SDI)

Summary The Global Cybersecurity Market 2014-2024 report, published by Strategic Defence Intelligence, provides readers with a detailed analysis of both historic and forecast global industry values, factors ...


ReportLinker is an award-winning market research solution that finds, filters and organizes the latest industry data so you get all the market research you need - quickly, in one place.