Finance & Banking , Industry Specific , Security Information & Event Management (SIEM)

How Major Acquisitions Are Transforming Security Operations

Forrester's Allie Mellen on How Palo-QRadar and LogRhythm-Exabeam Will Reshape SIEM
Allie Mellen, principal analyst, Forrester (Image: Forrester)

The LogRhythm-Exabeam merger and purchase of IBM QRadar's SaaS assets by Palo Alto Networks were driven both by internal dynamics as well as competitive pressures.

See Also: Building Better Security Operations Centers With AI/ML

The rapid growth of Microsoft Sentinel in the SIEM market has pushed other vendors to reassess their positions and consider ways to get bigger faster, said Forrester Principal Analyst Allie Mellen. At the same time, Mellen said, Cisco's $28 billion acquisition of Splunk in March has created uncertainty for practitioners, and customers are worried about the integration and maintaining the same user experience (see: Nikesh Arora on Why Palo Alto Networks Is Buying IBM QRadar).

"The SIEM market has been disparate in that you've had some vendors who have very strong capabilities in one area like user behavior analytics, log management or SOAR, while they've had manageable but not-as-strong capabilities in some of the other aspects," Mellen said. "So, at this point, we need that consolidation to happen, so that we can have stronger overall products."

In this video interview with Information Security Media Group, Mellen also discussed:

  • The impact of Cisco's acquisition of Splunk on SIEM market dynamics;
  • Palo Alto Networks' strategy in acquiring IBM's QRadar SaaS assets;
  • Challenges and opportunities for smaller providers in the market.

Mellen supports security executives and professionals in building and maturing their threat detection and response strategies. Her coverage at Forrester includes people, processes and technology in security operations.

About the Author

Michael Novinson

Michael Novinson

Managing Editor, Business, ISMG

Novinson is responsible for covering the vendor and technology landscape. Prior to joining ISMG, he spent four and a half years covering all the major cybersecurity vendors at CRN, with a focus on their programs and offerings for IT service providers. He was recognized for his breaking news coverage of the August 2019 coordinated ransomware attack against local governments in Texas as well as for his continued reporting around the SolarWinds hack in late 2020 and early 2021.

Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing, you agree to our use of cookies.