Splunk Named in Gartner 2017 Critical Capabilities for SIEM Report

Splunk was named a leader in the Gartner 2017 Magic Quadrant for Security Information and Event Management for the fifth straight year.

In the companion report, 2017 Critical Capabilities for Security Information and Event Management (SIEM), Gartner recommends that security and risk management leaders buying a SIEM solution use this research to evaluate their use cases and requirements against an increasingly complex vendor landscape with varying degrees of capabilities.

Splunk was named in the Critical Capabilities report and received the highest score in the Basic Security Monitoring Use Case.

For the Critical Capabilities for Security Information and Event Management document, Gartner evaluated eight capabilities across SIEM solutions.

  1. Real-Time Monitoring

  2. Incident Response and Management

  3. Advanced Threat Defense

  4. Business Context and Security Intel

  5. User Monitoring

  6. Data and Application Monitoring

  7. Advanced Analytics

  8. Deployment and Support Simplicity

In the report, each critical capability is weighted in terms of its relative importance for three use cases: basic security monitoring, advanced threat detection, and forensics and incident response.

A Customer Success Story Using Splunk’s SIEM Solution

Find out how TransAlta, a leading Canadian power-generation company, replaced its legacy SIEM using Splunk Enterprise Security (ES), reduced its user investigation time from days to minutes and improved performance and visibility of its energy-trading platform.

Learn how a global fashion accessories retailer sped up threat identification and prevented advanced attacks using Splunk SIEM in the cloud.

Thousands of customers use our integrated, analytics-driven security portfolio, which includes Splunk® Enterprise (Splunk Cloud), Splunk Enterprise Security, Splunk User Behavior Analytics, Splunk Stream and more than 600 Splunk and partner apps!

Get Your Copy of the 2017 SIEM Critical Capabilities Report

Register to download a complimentary copy of the 2017 Gartner Critical Capabilities for Security Information and Event Management today!

We encourage CISOs, CIOs, security and risk leaders to use this research to recognize Splunk’s leadership position and make the best-informed buying decision possible.

Do you want to understand how these scores can help solve your security use cases faster? Or are you in a hurry to get started with SIEM replacement? Contact our Security Specialists with any questions on how Splunk can help you.


Girish Bhat
Director, Security Product Marketing
Splunk Enterprise Security and User Behavior Analytics

This graphic was published by Gartner, Inc. as part of a larger research document and should be evaluated in the context of the entire document. The Gartner document is available upon request from Splunk.

Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner's research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.
