Select and Implement a SIEM Solution

Vendor Evaluation


This content requires an active subscription.

Access this content by logging in with your Info-Tech Research Group membership or contacting one of our representatives for assistance.

Speak With A Representative Sign In
or Call: 1-888-670-8889 (US) or 1-844-618-3192 (CAN)

Your Challenge

  • In the face of increasing regulatory pressures and headline-grabbing hacking activities, enterprises are deploying an ever increasing volume of dedicated security tools. As a result, they are drowning in log and alert data to the point where the tools inhibit their own value.
  • Implementing Security Information & Event Management (SIEM) allows enterprises to manage and respond to an ever-widening range of threats and compliance requirements by consolidating, aggregating, correlating, and reporting on security events. Taking action based on correlated data is accelerated, and detailed reporting supports obligations to demonstrate the specific measures the enterprise is taking to be compliant.
  • Getting a strong product evaluation allows organizations to enhance enterprise security at a manageable cost. Making the wrong choice could mean higher costs, lower security, or both.

Our Advice

Critical Insight

  • The SIEM market is undergoing rapid developments. In existence for just over a decade, the market is still maturing and product sets continue to be rationalized. Market consolidation is constantly occurring with large security vendors purchasing smaller dedicated SIEM vendors. The threat and regulatory landscape is making SIEM a more and more attractive technology for security firms and customers. Major leaps are being made in advanced capabilities as specialized correlation and analytic features are commercialized.
  • At first glance a SIEM may cause a panic attack. It will highlight various threats, risks, and vulnerabilities you may have not known about. Stay calm and realize the technology is providing a greater visibility into your organization’s security standing.
  • Various deployment and management options are making SIEM technology available to all levels of security organizations. Near full out-of-the-box solutions are being used by smaller organizations. Managed security service provider (MSSP) offerings are appearing, and can reduce the ongoing costs to a manageable level. High-demand organizations command with as many as five full-time equivalents (FTEs) monitoring and managing the system to respond to threats in real time.

Impact and Result

  • Understand what’s new in the SIEM market and where it’s heading.
  • Develop a strong understanding of the top SIEM vendors and their offerings to identify a best-fit product for your organization.
  • Create a selection and implementation strategy that allows you to choose the right-sized vendor, and receive the greatest value for your organization.


  • Sofiane Chtioui, Experienced IT Architect and Information Security Consultant, Hypratek Solutions Inc.
  • Christopher (Kriss) Warner, President/Chief Security Consultant, Cyberdine

Want to Participate in Our Research?

  • Analyst Interviews: Share your best practices, opinions, tools or templates with your peers.
  • Webinars: Interactive session to keep us focused on topics you want to tackle.
  • Upcoming Workshops: Accelerate your project with an onsite, expert analyst to facilitate a workshop for you. Contact us for more details.

Become a Participant

Get the Complete Storyboard

See how all the steps you need to take come together, with tools and advice to help with each task on your list.

Download Now

Get to Action

Start here – read the Executive Brief

Read our concise Executive Brief to find out why you should select and implement a SIEM solution, review Info-Tech’s methodology, and understand the four ways we can support you in completing this project.

  1. Launch the SIEM selection project and collect requirements

    Assess the value of and identify the organization’s fit for SIEM technology, structure the SIEM selection project, and gather and analyze SIEM requirements.

  2. Select a SIEM solution

    Produce a vendor shortlist based on requirements, create and evaluate RFPs, conduct vendor demonstrations, and select a SIEM solution.

  3. Plan the SIEM implementation

    Create an implementation plan that sets up the organization’s SIEM capabilities and allows for handover to Operations.

Guided Implementation icon Guided Implementation

This guided implementation is a nine call advisory process.

    Guided Implementation #1 - Launch the SIEM selection project and collect requirements

  • Call #1: Identify the organization's fit for a SIEM solution

  • Call #2: Identify staffing needs and build a project plan

  • Call #3: Gather business, security, and IT requirements

  • Guided Implementation #2 - Select a SIEM solution

  • Call #1: Create a shortlist based on the organization's needs

  • Call #2: Review findings with an analyst and create an RFP

  • Call #3: Conduct a contract review and select a SIEM solution

  • Guided Implementation #3 - Plan the SIEM implementation

  • Call #1: Create an implementation plan

  • Call #2: Set up the organization's SIEM capabilities

  • Call #3: Hand over the SIEM solution to Security Operations

Onsite Workshop

Module 1: Launch the SIEM selection project and analyze SIEM requirements

The Purpose

  • Identification of the drivers behind the SIEM procurement.
  • Identification of the scope and purpose of the project.
  • Discussion of the current state of the SIEM market. 

Key Benefits Achieved

  • Launch of your SIEM selection project.
  • Aligned requirements between IT and the business. 

Activities: Outputs:
1.1 Identify the drivers behind SIEM
  • Identified drivers behind SIEM
1.2 Assess fit of SIEM to your organization
1.3 Complete procurement project charter
  • Procurement Project Charter
1.4 Collect business requirements and review use cases
  • Collected requirements and identified use cases

Module 2: Shortlist SIEM vendors and plan the procurement process

The Purpose

  • Creation of a shortlist based on needs.
  • Creation of an RFP for your solution and evaluation of completed RFPs.
  • Completion of a contract review to select your SIEM solution. 

Key Benefits Achieved

  • Shortlist of your vendors based on your requirements.
  • Selection of a vendor after writing a successful RFP and reviewing the contract. 

Activities: Outputs:
2.1 Review of the SIEM Vendor Landscape and shortlisting of vendors
2.2 Creation of an RFP
  • Completed SIEM RFP
2.3 Evaluation and scoring of sample RFPs
  • Evaluated RFPs
2.4 Review of final contracts

Module 3: Plan the SIEM implementation

The Purpose

  • Creation of metrics needed to assess the final SIEM product.
  • Optimization of the SIEM solution design.
  • Implementation of unique SIEM capabilities. 

Key Benefits Achieved

  • Plan of the implementation of the SIEM solution.
  • Determination of the evaluation of the final SIEM solution.
  • Defined next steps for passing SIEM handling to Operations.

Activities: Outputs:
3.1 Creation of an implementation plan
  • Completed implementation plan
3.2 Design of the SIEM architecture
3.3 Implementation of a pilot process

Workshop Icon Book Your Workshop

Onsite Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn’t enough, we offer low-cost onsite delivery of our Project Workshops. We take you through every phase of your project and ensure that you have a road map in place to complete your project successfully.

Book Now
GET HELP Contact Us
VL Methodology