Security and Risk Management Leaders: Know the Critical Capabilities for SIEM

As you may have heard, in the recently published Gartner 2018 Magic Quadrant for Security Information and Event Management (SIEM)*, Splunk was named a Leader for the sixth straight year. In the report, Gartner placed Splunk in the “Leaders” quadrant with the highest overall position in “Ability to Execute.”

Gartner recommends that security and risk management leaders responsible for security operations use a companion report, 2018 Critical Capabilities for Security Information and Event Management (SIEM), to evaluate and select solutions.

As per the Critical Capabilities report, “Gartner recommends a use-case-based, output-driven approach to achieve long-term value from deploying a SIEM solution.” The use case categories identified in the report are:

  • Basic Security Monitoring
  • Complex Security Monitoring
  • Advanced Threat Defense

Gartner identified ten Critical Capabilities for SIEM, weighted them by their relative importance for the basic security monitoring, complex security monitoring and advanced threat detection use cases, and assigned scores to the covered vendors.

We are pleased to share that Splunk received the highest score for the Basic Security Monitoring (4.03/5) and Complex Security Monitoring (4.13/5) use cases.

Splunk Security Portfolio

Customers rely on Splunk’s security portfolio as the nerve center of their business to address a wide range of security. Splunk Enterprise Security (ES) and Splunk User Behavior Analytics (UBA) are used together as an analytics-driven SIEM to build their security operations centers (SOC) to detect, investigate and respond to threats. Splunk Phantom, a security orchestration, automation and response (SOAR) solution, helps customers to investigate and accelerate their response to incidents.

Splunk and partner apps, playbooks and analytic stories extend and simplify deployments by providing pre-packaged, ready-to-deploy content designed for specific use cases and data types.

Learn about why Splunk was positioned as a Leader in the 2018 Magic Quadrant for Security Information and Event Management.

Register for a complimentary copy of the 2018 Gartner Critical Capabilities for SIEM today! Check out how the City of Gold Coast and a global fashion accessories retailer use Splunk as their SIEM.

How can you benefit from Splunk security solutions? Contact us to find out.

Girish Bhat
Director, Security Product Marketing

Disclaimer: Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner's research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.

Gartner, 2018 Magic Quadrant for Security Information and Event Management, 3 December 2018, Kelly Kavanagh, Toby Bussa, Gorka Sadowski

Gartner, 2018 Critical Capabilities for Security Information and Event Management, 3 December 2018, Toby Bussa, Kelly Kavanagh, Gorka Sadowski
