Finance & Banking , Industry Specific , Security Information & Event Management (SIEM)
How Major Acquisitions Are Transforming Security Operations
Forrester's Allie Mellen on How Palo-QRadar and LogRhythm-Exabeam Will Reshape SIEMThe LogRhythm-Exabeam merger and purchase of IBM QRadar's SaaS assets by Palo Alto Networks were driven both by internal dynamics as well as competitive pressures.
See Also: Building Better Security Operations Centers With AI/ML
The rapid growth of Microsoft Sentinel in the SIEM market has pushed other vendors to reassess their positions and consider ways to get bigger faster, said Forrester Principal Analyst Allie Mellen. At the same time, Mellen said, Cisco's $28 billion acquisition of Splunk in March has created uncertainty for practitioners, and customers are worried about the integration and maintaining the same user experience (see: Nikesh Arora on Why Palo Alto Networks Is Buying IBM QRadar).
"The SIEM market has been disparate in that you've had some vendors who have very strong capabilities in one area like user behavior analytics, log management or SOAR, while they've had manageable but not-as-strong capabilities in some of the other aspects," Mellen said. "So, at this point, we need that consolidation to happen, so that we can have stronger overall products."
In this video interview with Information Security Media Group, Mellen also discussed:
- The impact of Cisco's acquisition of Splunk on SIEM market dynamics;
- Palo Alto Networks' strategy in acquiring IBM's QRadar SaaS assets;
- Challenges and opportunities for smaller providers in the market.
Mellen supports security executives and professionals in building and maturing their threat detection and response strategies. Her coverage at Forrester includes people, processes and technology in security operations.