Magic Quadrant for Security Information and Event Management
Vendors or products added in this year’s report may indicate a change in the market, change in evaluation criteria, or change of focus by the vendor.
Vendors or products dropped from one year to the next may indicate a change in the market, change in evaluation criteria, or change of focus by the vendor.
No vendors were dropped in this report.
The SIEM market continues to add more functionality and shift architecture strategies to meet client demands. This Magic Quadrant emphasizes global SaaS architecture availability and multifaceted platform features like SOAR, UEBA, TIP, self-service analytics creation, continuous threat content creation, and incident management features. Organizations continuing to seek self-deployed and managed architectures will increasingly find their options limited as more SIEM vendors move to either predominate or exclusive SaaS architecture offerings. The SIEM market has been disrupted by external forces including the client journey to cloud service providers, the growing appetite for more security data (cost bloat), and the need for overall simplicity in their detection stack. SIEM conversations with clients often may include other technologies such as cloud-native security suites, data lake solutions, and XDR offerings.
A: We review and adjust our inclusion criteria for Magic Quadrants as markets change. As a result of these adjustments, the mix of vendors in any Magic Quadrant may change over time. A vendor's appearance in a Magic Quadrant one year and not the next does not necessarily indicate that we have changed our opinion of that vendor. It may be a reflection of a change in the market and, therefore, changed evaluation criteria, or of a change of focus by that vendor.