Security Operations, Content, Security Program Controls/Technologies

Gartner Magic Quadrant: Security Information and Event Management (SIEM) for MSSPs?

Fourteen cybersecurity companies landed in Gartner's Magic Quadrant for Security Information and Event Management (SIEM). But which of those SIEM providers have friendly MSSP (managed security services provider) offerings? We took a closer look at Gartner's August 2016 Magic Quadrant results. (Yes, we'll take another look when the 2017 results arrive.) Then, we cross-referenced each Magic Quadrant member with their MSSP initiatives. The result is this blog. Before we take a look at each company and their MSSP strategies, let's define the SIEM market. SIEM fulfills a customer's need to analyze event data in real time for the early detection of targeted attacks and data breaches, Gartner says. Also, SIEM helps partners to collect, store, investigate and report on log data for incident response, forensics and regulatory compliance, the researcher says. The typical SIEM technology aggregates event data produced by security devices, network infrastructure, systems and applications, Gartner adds. Now, here's a look at each SIEM provider. We've sorted them alphabetically within Gartner's Magic Quadrants, and the commentary is our own.

SIEM Gartner Magic Quadrant: Niche Players

  • BlackStratus: The company is very well known for its CYBERShark platform, which is designed for MSPs that support SMB customers. BlackStratus also has a security operations center in Connecticut. MSSP Friendly?: Yes.
  • EventTracker: The company’s EventTracker platform comprises SIEM, vulnerability scanning, intrusion detection, behavior analytics, a honeynet deception network and other defense in-depth capabilities within a single management platform. EventTracker offers managed services from its global SOC. MSSP Friendly?: Yes
  • Fortinet: The company's FortiSIEM is formerly known as AccelOps. MSSP Friendly?: Yes.
  • ManageEngine: ManageEngine offers a range of IT management solutions for IT professionals and service providers. For SIEM, check out the company's Log360 offering. MSSP Friendly?: ManageEngine has some MSP-centric tools, but I don't see SIEM listed among them.
  • Micro Focus: Here, you've got to look for Micro Focus's NetIQ business -- which offers a SIEM platform called Sentinel. MSSP Friendly?: I don't see any particular MSSP emphasis.
  • SolarWinds: The well-known maker of IT management tools has a SIEM product aptly called SIEM: Log and Event Manager. MSSP Friendly?: SolarWinds also has a business division called SolarWinds MSP -- which includes a range of RMM (remote monitoring and management), backup and disaster recovery (BDR), remote control and security offerings. At present, the SIEM offering isn't part of the SolarWinds MSP portfolio  -- but I've been watching for potential cross-pollination...
  • Trustwave: Poke around and you'll see that Trustwave offers multiple SIEM products. MSSP Friendly?: The company has a partner program. But Trustwave itself also is an MSSP, offering managed SIEM services and plenty of additional security services.
Continue to Page 2 of 2 for companies in the Visionaries, Challengers and Leaders Quadrants Welcome to Page 2 of 2. Here are companies in the Visionaries, Challengers and Leaders quadrants.

SIEM Gartner Magic Quadrant: Visionaries

  • AlienVault: The AlienVault Unified Security Management (USM) solution provides SIEM, vulnerability assessment (VA), asset discovery, network and host intrusion detection (NIDS/HIDS), flow and packet capture, and file integrity monitoring (FIM), Gartner notes. MSSP Friendly?: Yes.

SIEM Gartner Magic Quadrant: Challengers

SIEM Gartner Magic Quadrant: Leaders

Bottom Line

Of the 14 companies in this particular Gartner Magic Quadrant, roughly five have been absolutely committed to MSSPs with clear communications. Several more have some MSSP engagement strategies under way. If you disagree with our views or have a different take on the market please email me ([email protected]) or post a comment. By the way, here's how Gartner displays the SIEM Magic Quadrant for 2016:
Joe Panettieri

Joe Panettieri is co-founder & editorial director of MSSP Alert and ChannelE2E, the two leading news & analysis sites for managed service providers in the cybersecurity market.