
Forrester: Security Analytics Tools a Challenge to Manage

Forrester Analyst Allie Mellen Shares Evolution of SIEM, SOAR and UEBA, Market Gaps
Allie Mellen, analyst, Forrester

According to the Forrester Wave issued in December 2022, the top challenge security analytics vendors face when bringing SIEM, SOAR and UEBA together is making it easy for customers to manage and maintain the offering.

Forrester analyst and lead author of the report, Allie Mellen, points out that "one of the things that was promised when customers moved from an on-premises SIEM and security analytics platform to one in the cloud was that there'd be fewer maintenance requirements. You wouldn't have to worry about managing the system."

While this is true to "some extent," she says, clients interviewed by Forrester indicated the need for "detection and response maintenance; maintenance of playbooks, of rules, of analytics; doing tuning; making sure that you're bringing the correct log sources in strategically - all of that work that's very operationally focused, not necessarily the exciting detection investigation response aspect."

Mellen advises security analytics customers to look for a vendor "that's looking to decrease that maintenance and make sure the product is reliable, consistent and builds better detections."

In this video interview with Information Security Media Group, Mellen discusses:

Mellen focuses on security and risk professionals at Forrester, covering all aspects of security infrastructure and operations. She covers the people, processes and tools of the SOC, including security analysts; security information and event management; security user behavior analytics; security analytics; security orchestration, automation and response; endpoint detection and response; extended detection and response; and SOC metrics. Her research focuses on where analytics, detection, automation and response are headed in the security industry.

About the Author

Anna Delaney

Director, ISMG Productions

An experienced broadcast journalist, Delaney conducts interviews with senior cybersecurity leaders around the world. Previously, she was editor-in-chief of the website for The European Information Security Summit, or TEISS. Earlier, she worked at Levant TV and Resonance FM and served as a researcher at the BBC and ITV in their documentary and factual TV departments.
