Story image

Frost & Sullivan analyses FireEye's progression in SIEM space

22 Nov 17

A Frost & Sullivan report names FireEye as one of the leaders in security incident and event management (SIEM) solutions for the company’s work on its FireEye Threat Analytics Platform (TAP).

The report, titled, ‘Security Information and Event Management Global Market Analysis, Forecast to 2021 – The Transition to SIEM 3.0,’ Frost & Sullivan estimated the 2016 market for SIEM was worth more than $1.78 billion – an increase of 8.2% on 2015.

SIEM vendors should also expect a 10.6% CAGR revenue growth rate from 2016-2021.

While traditional SIEM use cases include compliance, storage and forensic investigation, it is evolving to include many more features for threat response, comments Frost & Sullivan.

The analyst firm says that SIEM functions incorporate: bidirectional communication between SIEM and other security platforms, analytics that can reduce mean-time-to-detect and mean-time-to-respond; user behaviour analytics and network performance monitoring; rules violation; and analytics that can be applied to SIEM for redundancy.

The firm believes that FireEye’s relationship with its US-based firm Mandiant enhances both FireEye appliances and Mandiant’s threat hunting skills.

“FireEye has a unique approach to security because they are able to capture their insights from investigating breaches and design a SIEM solution based on frontline experience,” explains Christopher Kissel, senior analyst, Frost & Sullivan.

“The advantage of this approach came through in our report, as FireEye led in the User Behavior Analytics and threat hunting capabilities areas, key capabilities for any organization building a modern security program,” Kissel continues.

FireEye’s TAP was recognised for its user behaviour analytics. The company says this offering differentiates its features between platform providers.

Frost & Sullivan’s report also says that SIEM customers are burdened by implementation costs that can be between three to five times more than the initial software purchase costs.

Users can also spend more time maintaining their SIEM rather than using it.

FireEye says that its approach excels in cost and efficiency for managing security events, not maintenance.

“Customers can finally move beyond compliance and focus on protecting their organizations from the threats that matter,” comments FireEye CTO Grady Summers.

The report notes that FireEye has built an ‘extensive’ alliance partner network. FireEye says its roadmap includes security orchestration tool refinement and an app store to simplify the integration of cloud data sources.

Disruption in the supply chain: Why IT resilience is a collective responsibility
"A truly resilient organisation will invest in building strong relationships while the sun shines so they can draw on goodwill when it rains."
Businesses too slow on attack detection – CrowdStrike
The 2018 CrowdStrike Services Cyber Intrusion Casebook reveals IR strategies, lessons learned, and trends derived from more than 200 cases.
What disaster recovery will look like in 2019
“With nearly half of all businesses experiencing an unrecoverable data event in the last three years, current backup solutions are no longer fit for purpose."
Proofpoint launches feature to identify most targeted users
“One of the largest security industry misconceptions is that most cyberattacks target top executives and management.”
McAfee named Leader in Magic Quadrant an eighth time
The company has been once again named as a Leader in the Gartner Magic Quadrant for Security Information and Event Management.
Symantec and Fortinet partner for integration
The partnership will deliver essential security controls across endpoint, network, and cloud environments.
Is Supermicro innocent? 3rd party test finds no malicious hardware
One of the larger scandals within IT circles took place this year with Bloomberg firing shots at Supermicro - now Supermicro is firing back.
25% of malicious emails still make it through to recipients
Popular email security programmes may fail to detect as much as 25% of all emails with malicious or dangerous attachments, a study from Mimecast says.