Forrester: Security Analytics Tools a Challenge to Manage
Forrester Analyst Allie Mellen Shares Evolution of SIEM, SOAR and UEBA, Market Gaps

According to the Forrester Wave issued in December 2022, the top challenge security analytics vendors face when bringing SIEM, SOAR and UEBA together is making it easy for customers to manage and maintain the offering.
Forrester analyst and lead author of the report, Allie Mellen, points out that "one of the things that was promised when customers moved from an on-premises SIEM and security analytics platform to one in the cloud was that there'd be fewer maintenance requirements. You wouldn't have to worry about managing the system."
While this is true to "some extent," she says, clients interviewed by Forrester indicated the need for "detection and response maintenance; maintenance of playbooks, of rules, of analytics; doing tuning; making sure that you're bringing the correct log sources in strategically - all of that work that's very operationally focused, not necessarily the exciting detection investigation response aspect."
Mellen advises security analytics customers to look for a vendor "that's looking to decrease that maintenance and make sure the product is reliable, consistent and builds better detections."
In this video interview with Information Security Media Group, Mellen discusses:
- Highlights and surprises from The Forrester New Wave: Security Analytics Platforms, Q4 2022;
- The state of the security analytics market today and opportunities for growth;
- Advice to security analytics platform customers and what they should be asking of their providers.
Mellen focuses on security and risk professionals at Forrester, covering all aspects of security infrastructure and operations. She covers the people, processes and tools of the SOC, including security analysts; security information and event management; security user behavior analytics; security analytics; security orchestration, automation and response; endpoint detection and response; extended detection and response; and SOC metrics. Her research focuses on where analytics, detection, automation and response are headed in the security industry.