It has been 17 years since the generation of the first Gartner Magic Quadrant by evaluating Security Information and Event Management (SIEM) technology. At that time a product appeared (ArcSight) very important for many years and that lately is in decline, more due to the lack of investment in R&D on this product.
But the market was supported by tools that analyzed and correlated the events of the most important security tools of the time.
At that time the maintenance windows, the implementation of Firewall, IDS, Antivirus were my daily tasks. But a product that managed to correlate Firewall logs, IDS attack detections and the enrichment with the results of vulnerability tests led me to dedicate myself in the following years to what I liked the most in the security operation: the management of threats.
In 2006 I started supporting the OSSIM project, I met my current partner Javier Lopez-Tello, CEO of A3Sec Group, who helped me to implement a key project for one of the most important global consulting firms. Although many of my colleagues reminded me that trying to change such an organization was swimming against the current, I did not give up trying, and that security operations center got its first customer in 2007, constantly evolving and growing until the day I made the decision to go to the financial sector, 3 years later.
In 2010 the sector had already evolved a lot, there was a clear leader, but there was still much to evolve. Once again I started a SIEM implementation project for the financial sector industry and once again I bet on the evolution of OSSIM, which had already become AlienVault. That year I was not yet listed in Gartner, but I was looking for something that would help me to integrate 3 elements that were fundamental for me, integration of other sources that were not only security, integration of automatic responses to certain critical events; and finally, inclusion of intelligence sources to enrich the events. Something that was not very developed in these platforms, but with the OpenSource capabilities that OSSIM had, at that time, gave us the ability to integrate within hours of development and patience.
Magic Quadrant SIEM - Gartner 2010
In 2014, I decide to leave the financial sector, and try to start my dream, that of being an entrepreneur. I join as a partner in the A3Sec project, starting operations in Colombia and since A3Sec is AlienVault's professional services and consulting, we continue developing SIEM solutions implementation projects. But migrating our capabilities to new generation platforms that will be supported in BigData and Analytics technology.
Being 2020, 17 years later, again Gartner presents its evaluation of SIEM solutions in the market. Although the magic quadrants have always been very important to me because of the inclusion of criteria such as pricing, marketing, sales coverage, vertical strategies and innovation. I think there are some technical elements that can be extracted in order to compare the solutions.
To download the latest Gartner Magic Quadrant for SIEM, please access the following link from our partner Splunk.