 |
What would you call the market for security monitoring solutions that help organizations better detect investigate, and respond to advanced security threats? Five or ten years ago you could certainly be excused if you referred to this market as “SIEM”. However, today what the right answer is is not clear, other than it certainly isn’t SIEM anymore. Traditional, log-centric SIEMs lack the visibility and analytic sophistication needed to detect and investigate today’s threats. As markets are apt to do, as customer needs evolve, technology and the associated marketable products also evolve to better address those needs. And, previous approaches that can’t evolve are left behind and are turned into legacy systems. But to what exactly is the security monitoring market evolving into? This issue became crystal clear to me – that it won’t be crystal clear for sometime – as I was reviewing the latest research from the multiple analyst firms (you know who I am talking about) that most closely follow and analyze what I will call here the advanced threat detection and response technology market. I will let you play the game of matching the market and product category names to the analyst firms that espouse them. Here are some of the current main contenders: Specialized Threat Analysis and Protection, User and Entity Behavior Analytics, Security Incident Response Platforms, Security Analytics, Continuous Network Forensics, and Real Time Security Intelligence. While they don’t agree 100% on the included capabilities, they all correctly, are attempting to sort out what’s next for detection and response technology market. I can’t tell how and when this naming and market definition battle will sort itself out. Clearly we have been and will continue to live through significant market flux for some time. Ultimately, of course it doesn’t matter what this new marketplace is called, but how it helps organizations improve their ability to detect, investigate, and respond to the increasing stream of sophisticated attacks that are being launched by cybercriminals, nation states, and hacktivist groups. RSA plans to continue to invest heavily in the products and services that are already major players in this advanced threat detection and response market (how about that as a market name?). If you want to check out what we currently offer in this space, check out our Advanced Security Operations Solution and its component products and services. What would you call this market? The post What Would You Call the Market for Today’s Threat Detection and Response Solutions? appeared first on Speaking of Security - The RSA Blog and Podcast. |
