All Information Becomes Actionable
Security information and event management (SIEM) and log management (LM) products have traditionally been used by organizations for compliance reporting and auditing. SIEM/LM are integral to advanced persistent threat (APT) defense, as statistical baselines can be established to monitor enterprise networks for anomalous behavior. SIEM can be the last chance to find a malicious binary before a cyber-attack detonates. In this report, the SIEM/LM market is reviewed for revenues by region, by vertical market, by product type, and by market size. Market shares for the overall market, enterprise accounts, and SMB are provided. The strategies of top SIEM/LM vendors are discussed and evolving trends within SIEM/LM are presented.
- Frost & Sullivan estimates security information and event management (SIEM) and log management (LM) vendors sold $ billion of SIEM/LM appliances and related services for the basis year of the study 2014. This represented an improvement of % more than 2013.
- Note: In the report, the term SIEM/LM will be used the majority of the time, as the appliance is usually sold as a combination of products and functions. When the term SIEM is used without LM, this is in reference to the single module or console that houses the analytics or physical archive. SIEM is also used to refer to the logistical functions of the technology.
- The traditional use cases for SIEM/LM in compliance, storage, and forensic investigations remain important (and in some industries indispensable).
- The traditional SIEM/LM use cases can be argued to be passive in nature. The new approach to SIEM/LM is to use SIEM/LM as a part of an active cyber defense plan.
- The following is how SIEM is used to enhance an active cyber-defense posture:
o Bidirectional communication between SIEM and other cyber security platforms (e.g., firewalls and vulnerability management (VM)) enhances the efficacy of each platform.
o Incident mean-time-to-detect and mean-time-to-respond can be greatly reduced if analytics are applied in the SIEM.
o Analytics are applied to detect anomalous behavior from end users.
o Rule violations can be used to create alarms or can be fed into a ticketing system.
o Analytics can be applied to SIEM for redundancy. For example, if a patch is applied, subsequent polling of the SIEM will determine if the patch got through to the endpoint.
- In the report, Frost & Sullivan classifies five different product types: physical appliance, virtual appliance, software, managed service, and software-as-a-service (SaaS).
- In the years 2014–2019, the physical appliance form factor will be the largest product group in terms of revenue. In 2019, SIEM/LM is projected to have revenues of $ million. However, the physical appliance will have the slowest moving CAGR at % during the same forecast period.
- Frost & Sullivan expects SaaS to be the fastest rising product group in terms of CAGR with %.
- North America is the region that accounts for the most SIEM/LM sales, accounting for % of all global SIEM/LM revenues in 2014. In 2019, Frost & Sullivan expects that share to drop to % of revenue.
- In 2014, Frost & Sullivan estimates nearly unique SIEM/LM customer contracts. By 2019, Frost & Sullivan estimates there will be slightly more than companies using SIEM/LM products. SIEM/LM deployments are nearly universal with companies that have more than endpoints. Most of the growth has to come from midsized markets.
- In 2014, the average annual contract price (ACP) for SIEM/LM products to a company was nearly $ . In 2019, the ACP will be slightly more than $ . The comparative lack of growth in SIEM/LM average ACP is the result of an increase in smaller companies using SIEM/LM products, and persistently strong competition in the enterprise segment.