2022 Gartner® Magic Quadrant™ SIEM
Get the reportMore
Senior Director of Product Marketing
Sridhar Karnam leads the security product marketing for Sumo Logic. Sri has a decade of experience with SIEM, Security Analytics, Cloud Security, and IT Operations. He has led product management & marketing for SIEM solutions at ArcSight, Arctic Wolf, and at Oracle. He has written hundreds of blogs on SIEM, and has also spoken at many security and IT events.
The coronavirus pandemic is one tough test for business leaders. It disrupted all routines and scrapped most of the business plans for the coming months, or even years. Our lives have changed dramatically and no longer is it business as usual. Businesses have to adapt to the change and they need to do it with agility.
As the cloud continues to expand with no end in sight, it’s only wise to invest in it. Infrastructure-as-a-Service, Platform-as-a-Service and Software-as-a-Service bring significant cost savings (personnel and ownership), improved performance, better reliability, freedom to scale and - above all - significant security benefits. It’s no wonder that so many businesses have already adopted all three of these models.
SaaS adoption is continuously on the rise and so is the number of companies migrating their email services to Microsoft Office365. It’s the most popular SaaS service and while over 90% of enterprises use it, only less than a quarter of them have already migrated to the cloud-based suite. Nonetheless, this number is growing steadily, as cloud adoption rates are increasing.
In 2010, cloud computing just started to lead the IT revolution. It’s 2020 and the cloud is already mainstream. If you’re not running your business in virtual yet, you’re missing out on huge profit opportunities and capabilities that the cloud has to offer. Adopting a cloud strategy brings better security, increased stability and overall greater flexibility for your organization.
Nowadays, it’s not uncommon to see enterprise IT leaders in a situation that seems like a catch 22. Oftentimes, they are expected to be involved in making data-driven decisions for augmenting productivity and profitability. Paradoxically, they are preoccupied with what they consider as their core responsibilities – applying best practices to safeguard the IT infrastructure and expediting investigations when incidents occur. As practitioners of IT, we must admit that it rings a bell and also chip in with our knowhow.
Never before in history has the concept of identity been so vital. To a large extent, everything we rely on to live our lives depends on who we are… or perhaps more accurately, who we can prove ourselves to be. Our data has come to be the standard by which we define ourselves. Because this identity-defining data is online, the protection of our data is of paramount importance.
Virtually every organization is a victim of cybercrime today. As the threat landscape evolves and proliferates, it’s necessary to prioritize the protection of data, customers’ privacy and brand reputation. Security directors must be prepared and equipped with the necessary tools to detect security events and address them accordingly at all times. This cannot be achieved without security investigation and correlation, and with the latest technologies, these can be performed at cloud-scale with ease.
Enterprises are increasingly adopting a cloud-first approach and migrating their workloads, data and applications to the Cloud. Amazon Web Services continues to lead the Public Cloud industry with more than 30% of the market. As digital transformation progresses and the digital space expands, so does the attack surface that exposes the ongoing proliferation of security risks.
Today, we are announcing the general availability of our new module within our Global Intelligence Service with a benchmarking capability on AWS security by baselining the Amazon GuardDuty findings. If you are one of the 100,000 users of Sumo, go to your App catalog and install the Amazon GuardDuty benchmark app with one click and see your threats against the global threats that we gather from hundreds of Sumo customers.
Gartner has been a thought leader in the SIEM space for the last few years. Gartner’s Magic Quadrant is considered one of the top market research reports on SIEM’s capabilities and vendors. Very recently, I attended the 2019 Gartner Security & Risk Management Conference, and based on thousands of conversations Gartner has had with their clients, they have a good vantage point on the SIEM space this year.
Organizations that deploy SIEM systems know this uphill climb well. Deployment typically takes 18 months, and more than half of these SIEM deployments fail. A major friction point is the big hardware refresh every three to four years, requiring all configurations & customizations be saved. With the refresh, you must update hardware, software, rules, patches, among others, and that usually renders the SIEM unusable. If you magically get the SIEM working on the first cycle, it may fail on the next. Or when you stop pedaling.