SIEM/LM solutions remain the best compliance and auditing technology in the market.
The global market for security information and event management (SIEM) and log management (LM) is expected to maintain its steady growth as traditional use cases for SIEM/LM in compliance, storage, and forensic investigations remain crucial, and in some industries, indispensable. New analysis from Frost & Sullivan estimates that the market earned revenues of $1.50 billion in 2014, and is forecast to reach $2.98 billion by 2019.
Always the stalwart of compliance auditing and reporting, SIEM vendors are expected to expand revenues by using SIEM capabilities to develop and bolster an integrated cyber-defense platform. "The business case for SIEM/LM is strong as vendors use advanced analytics, statistical baselines, and network behavioral anomaly detection to prevent data exfiltration," says Frost & Sullivan Network Security Industry Analyst Christopher Kissel. "To block network access from a bad IP address, SIEM engines employ bidirectional communication with other security platforms such as next-generation firewalls, intrusion detection and intrusion protection systems, and network access control."
However, SIEM engines also compete with endpoint security platforms and cyber defense platforms, thus vying for limited budgets. Nevertheless, SIEM/LM solutions remain the best compliance and auditing technology in the market. In most cases, the analytics applied to SIEM may be the last opportunity a network security team has to detect a breach before wide exfiltration occurs.
Moreover, intense competition among industry heavyweights such as Hewlett-Packard, Intel Security, RSA, IBM, Splunk, and LogRhythm, is likely to accelerate technology advancements.