skip to main content
Close Icon We use cookies to improve your website experience.  To learn about our use of cookies and how you can manage your cookie settings, please see our Cookie Policy.  By continuing to use the website, you consent to our use of cookies.
Global Search Configuration

Ovum view

Summary

Over the last year, Ovum has seen that customers and vendors appear to be signaling that the security incident and event management (SIEM) platform might be in its last years of life. Among many transactions, HPE spun off ArcSight in 2016 to merge with MicroFocus, which at a minimum, suggests it is a very mature technology. Ovum does not therefore expect much growth in traditional SIEM technology, but does anticipate a flurry of activity to supplement and replace this now legacy technology.

Industry activity seems to indicate SIEM's end-of-life position

Ovum believes that enterprise customers and MSSPs view traditional SIEM platforms as not providing the security posture nirvana they had expected and have become part of the security tool exhaustion most CISOs are now dealing with.

It is unclear whether SIEM will become part of the security tool graveyard, or whether it will morph into some new expanded, open, next-generation security management platform. While vendors of new security tools are at pains to highlight that they can integrate with SIEM platforms, companies developing rival oversight and monitoring technologies, as well as several emerging MSPs, are attacking SIEM's value and functions. Many new security vendors and SPs are initially pitching their offerings as complementary to SIEM, but have plans (not so hidden) to replace it over time. New technology, including cloud-based security and advanced analytics with machine learning/AI, encourage customers to try new approaches, with and without SIEM in place.

Ovum’s research shows that the SIEM market is a mature enterprise technology segment, where most high-end target customers already have a SIEM platform. This makes it a market characterized by recurring/maintenance fees (this is what will have attracted Micro Focus to the ArcSight business), where customer wins typically mean ousting a rival.

The future seems limited for traditional SIEM, and the need of enterprise customers to know and maintain or improve their required security posture will create alternatives to the use of a singular technology such as SIEM as the long-term solution. Future platforms will need to be open, fully integrated with third parties, and cloud-aware, if not fully cloud-based.

Appendix

Author

Mike Sapien, Chief Analyst, Enterprise Services

mike.sapien@ovum.com

Rik Turner, Principal Analyst, Infrastructure Solutions

rik.turner@ovum.com

Recommended Articles

  • Consumer & Entertainment Services

    Telco loyalty programs are about more than improving churn

    ByNicole McCormick 07 Mar 2018

    Loyalty programs have long been held as key to indirect monetization for the communications service provider. Upcoming research from Ovum has verified that notion – loyalty schemes improve Net Promoter Scores (NPS – a measure of brand perception) and can help improve churn. They can also lead to net additions growth and can even earn revenues for the operator.

  • Service Provider Markets

    5G is here – almost – with the launch of Verizon 5G Home

    ByMike Roberts 01 Oct 2018

    Verizon 5G Home is a milestone in the telecoms market because it is the first large-scale commercial launch of broadband services based on 5G technologies, albeit not on a fully standardized version of those technologies.

  • Consumer & Entertainment Services, Service Provider Technolo...

    When Netflix runs out of steam

    ByRob Gallagher 05 Dec 2018

    Never underestimate the power of one big idea – and one company's ability to deliver on its promise. But no single idea has infinite potential. Sooner or later, Netflix will need to look beyond the limits of its current business model.

;

Have any questions? Speak to a Specialist

Europe, Middle East & Africa team - +44 (0) 207 017 7700


Asia-Pacific team - +61 (0)3 960 16700

US team - +1 646 957 8935

Email us at ClientServices@ovum.com

You can also contact your named/allocated Client Services Executive using their direct dial.
PR enquiries - Call us at +44 788 597 5160 or email us at pr@ovum.com

Contact marketing - 
marketingdepartment@ovum.com

Already an Ovum client? Login to the Knowledge Center now