Tuesday 8th July 2014

Gartner evaluated Splunk® Enterprise and the Splunk App for Enterprise Security, reinforcing the focus that an analytics-enabled Security Operations Center (SOC) is essential and more effective at detecting and responding to today's cyberthreats.

"Analytics provide the SOC and security team a holistic view by collecting, monitoring and analysing all the data in an organisation with rich enterprise and global threat context," said Haiyan Song, vice president of security markets at Splunk. "Splunk customers are continuously transforming their operations by giving their SOC and security teams situational awareness and, more importantly, the ability to investigate and make determinations fast, which means more decisive and timely actions against attacks, advanced persistent threats, insider threats and other operational issues."

The report highlights the fact that companies are re-evaluating SIEM providers due to partial, marginal or failed deployments. Significantly, it is early breach detection which causes considerable concern. With more than 92% of breaches going undetected, the importance of stronger threat intelligence, behaviour profiling and improved analytics is central to business strategy and the growing focus on Cyber Resilience.

Ian Tinney, Head of Big Data Platforms and Performance Analytics at Accumuli Security, says, "Targeted, advanced attacks and insider threats can be detected and resolved using analytics of diverse data sets, but it is challenging to bring this data into traditional SIEM deployments. We at Accumuli Security use Splunk Enterprise and the Splunk App for Enterprise Security to create a security intelligence platform that leverages analytics to help find known and unknown, advanced threats. With vast security domain expertise, Accumuli is able to integrate Splunk Enterprise Security with a whole range of new and existing Security products within the customer's infrastructure."

"This recognition from Gartner endorses our belief that the solution we provide to our customers is based on a leading platform for collecting, analysing and visualising machine data, providing a unified way to organise and extract real-time business insights."

In the case of Splunk, Gartner points out that this product can be leveraged not just for SIEM but also for wider Operational Analytics use cases, making more efficient use of an organisation's investment.

Ian continues, "At Accumuli we define IT Risk as being not just a question of protecting your business against security breaches, but also against the exposure caused if you do not make the most effective use of the data available to enhance business and technical performance. There are potentially profitable business insights and performance efficiencies to be derived from the rich stew of big data that can be captured by Splunk. Having collected data for a SIEM process, that same data can be recycled for other potentially valuable use cases, making for a much more effective and enduring investment."

To view the report, go to: www.splunk.com/goto/SIEM_MQ_2014

*What is a "Leader"?

Gartner defines the SIEM Leaders quadrant as being, "composed of vendors that provide products that are a good functional match to general market requirements, have been the most successful in building an installed base and revenue stream within the SIEM market, and have a relatively high viability rating (due to SIEM revenue or SIEM revenue in combination with revenue from other sources).

In addition to providing technology that is a good match to current customer requirements, Leaders also show evidence of superior vision and execution for anticipated requirements. They typically have relatively high market share and/or strong revenue growth, and have demonstrated positive customer feedback for effective SIEM capabilities and related service and support."
