« Log Guru Joins LogLogic… | Main | LogLogic LX/ST Score High Points with InfoWorld »
Redmonk Recognizes LMI Market
"Log management and analysis is not a subset of security incident management (SIM). In fact SIM is a subset of log management."
That's the word from Redmonk. In the latest in several pieces from Redmonk on log management and intelligence, James Govenor provides lucid perspectives on the log managment and intelligence market. It's evolution has been an interesting one - from a market based on homegrown solutions, to one of start-ups providing niche solutions, to now, enterprise class players.
Somewhere along the way the LMI got all tangled up in security event management. There is no question that logs are useful in undertaking security event management but that doesnt mean the markets are the same. What makes them different? Simple. Use cases.
SIEM solves a very distinct problem - correlating a narrow range of security events well - principally to reduce false positives from IDS/IPS systems (OK - I know this is a pretty narrow definition). Log data in the broadest context is used across a much broader range of use cases. What a SIEM dashboard might be to the CSO, an LMI dashboard based on COBIT might be to the CIO or Compliance Officer. LMI is as much about application logs - both homegrown and commercial - as it is about security events.
Redmonk is right to view LMI through the lens of a compliance orientated architecture. Compliance is a major market driver right now. Underpinning that is a desire to automate business and IT processes. For instance, to achieve SOX compliance you might deploy COBIT. Log data can be used to report, alert, evidence and enforce around 50% of COBIT controls. That's a pretty significant degree of process automation. Same goes for PCI.
As an aside, it's also amusing to watch the SIEM vendors suddenly embracing log management messaging. Arsight today hosted a web cast titled "Logs to Logic: Turning Log Piles into Log Intelligence". To which we say, imitation is the best form of flattery. Thanks guys!
Welcome to the LMI market.
Posted March 24, 2006 in Log Management & Intelligence | Permalink
TrackBack
TrackBack URL for this entry:
http://www.loglogic.com/mt/mt-tb.cgi/40
June 2008
| Sun | Mon | Tue | Wed | Thu | Fri | Sat |
|---|---|---|---|---|---|---|
| 1 | 2 | 3 | 4 | 5 | 6 | 7 |
| 8 | 9 | 10 | 11 | 12 | 13 | 14 |
| 15 | 16 | 17 | 18 | 19 | 20 | 21 |
| 22 | 23 | 24 | 25 | 26 | 27 | 28 |
| 29 | 30 |
Categories
Archives
- June 2008
- May 2008
- April 2008
- March 2008
- February 2008
- January 2008
- December 2007
- November 2007
- October 2007
- September 2007
- August 2007
- July 2007
- June 2007
- May 2007
- April 2007
- March 2007
- February 2007
- January 2007
- December 2006
- November 2006
- October 2006
- September 2006
- August 2006
- July 2006
- June 2006
- May 2006
- April 2006
- March 2006
- February 2006
- January 2006
- December 2005
- November 2005
- October 2005
- September 2005