current location:COMPANY>NEWS & EVENTS
News & Events
Venustech -the First Chinese Vendor Entered Gartner Magic Quadrant for SIEM

On December 5th,2017 (Beijing time), Gartner, the world’s leading research and advisory company, published MQ (Magic Quadrant) for SIEM Security Information and Event Management and Critical Capabilities for Security Information and Event Management . The Venusense security management platform product USM (Unified Security Management system) represents China entering Gartner SIEM MQ firstly. Moreover, it topped SIEM of many well-known international vendors in the evaluation of Critical Capabilities.

After the screening and analyzing with a high standard globally, there were 19 vendors entering Gartner MQ for SIEM. All of them reached the inclusion criteria that the 2016 revenue shall not less than $15 million. And 6 European Vendors are only nominated due to short of market share and competitiveness.

Gartner says, the global market of SIEM reached $2.17 billion in 2016, which is a high-speed development in all market segments especially in area of Asia-Pacific and Latin America. In general, it is a scene of prosperity. On a global scale,threat detection and management is the primary driver for marketing, and general monitoringand compliance remains secondary.An increasingly number of customers put forward to the needs of threat intelligence integration, behavior modeling and effective analysis. Gartner predicts that 75% SIEM products will enhance the detective capability by machine learning widely and adopts big data technique as kernel.

In the report of SIEM Critical Capabilities, Gartner scored and analyzed horizontally on the 19 vendors entered MQ by 8 indexes (real-time monitoring, incident response and management, business context and security intel, user monitoring, data and application monitoring, advanced analytics, deployment and support simplicity, advanced threat defense) and 3 use cases (basic security monitoring, advanced threat detection, incident investigation and response). And the score of Venusense USM was positioned at11th, which surpasses 8 well-known international vendors.

The two reports specially have an introduction and competitiveness analysis on Venusense USM. Reports say,the Venustech SIEM solution is composed of various components under the Venusense UnifedSecurity Management (USM) product, which includes modules for Security Analytics (SA), NetworkBehavior Analysis (NBA), Configuration Verification System (CVS) and Business SecurityManagement (BSM).

Venusense SA, as the core product of SIEM, provides log collection, normalization and storage, and an analytics engine for threat detection and compliance use cases. Purchaser can chose it from three data management structures: the first is the traditional relational database. The other two are based on a big data platform, with both Hadoop and Elasticsearch options available.The solution can be deployed via software, or as a virtual orphysical appliance.

USM has analysis function based on machine learning and provides NBA modules. NBA modules can conduct physical activity monitoring and have NetFlow and the ability to analyze of 7 protocol layers.USM also includes configuration checking system (CVS) and business security monitoring (BSM).CVS is a security configuration assessment system that checks weak configuration and error configurations of devices and systems; BSM can monitor the performance and availability of the IT infrastructure and conduct a relation analysis of alert information and security events.USM supports OT monitoring and analyzes specific protocols and events in an industrial control system (ICS) or SCADA environment.

In the analysis of the competitiveness of the Venusense USM, Gartner says that VenustechSIEM is a good solution for Chinese organizations, both midsize and enterprise-sized, andbuyers in the Asia/Pacific markets where Venustech's security solutions are used. Both Chineseand English are supported out of the box. Venustech's SIEM solution provides core SEM and SIM functionality that can be expanded to address a variety of network-based monitoring, as well as other security operations and riskmanagement capabilities. The Venustech SIEM architecture is straightforward and offersflexible and horizontal expansion capability.Venustech's SIEM solution provides a variety of data management tiers tofit different buyertypes (e.g., midsize versus large enterprises). It also has advanced analytics using ML for modeling network-based entity behavior is provided out of thebox.

Since 2005, Gartner has published 13 MQ reports for SIEM segment. Ye Peng, Venustech security management platform chief researcher, vice general manager of Venusense product and product director, said: " SIEM security management product, with a broad integration of a variety of single-point security technology, whose MQ evaluation criteria is the most difficult and complex of all security products’ . The evaluation indexes are more than 200, especially the coverage of technical is quite complete, and the correlation between each index is very careful. Venustech, which serves as the first Chinese Vendor entering the SIEM MQ, reflects technical strength of security management platform, also shows the world the strength of China's network security industry. It is the recognition of Venustech within the scope of international and Venusense technical team. Additional, it is a milestone event for me who has engaged in security management industry for 16 years ".

Through careful study competitive analysis of Venusense USM from Gartner, it can be seen that the score for critical capability is in middle stage stably and is higher than the relative position of MQ. This shows that Venusense security management technology has reached the international mainstream level. The product function and existing roadmap also accord with the international trend and products get success in the Chinese market and has gained international recognition. On the other hand, Gartner has looked at global markets at the beginning of its assessment, which evaluates technology, markets and businesses of all the participating companies from a global perspective. Since the market of Venusense products is mainly focused on the Chinese market, the development of international market is still in progress, so the position of MQ has been affected."We have already started to lay out international markets, especially in the markets of One Belt And One Road," Ye Peng said, "We believe that with the use of USM in the Gartner SIEM MQ, we will join hands with international vendors to open a wide range of cooperation modes."

As for SIEM, Security management platform and SOC

Generally speaking, the security management platform is a relatively broad concept and there is no standard definition. Gartner only did the MQ for the security management platform in 2004. However, it is certain that SIEM has always been its core functions, regardless of the connotation and extension of the platform. In addition, it can be divided into two dimensions from the way of delivery of the platform: product and service. Now, the SIEM market is usually equated with the market of the security management platform products (including supporting services). That external services carried out by the security management platform will be classified into MSS (managed security services) market. Gartner defines the SIEM market based on the needs to analyze event data in real time, as well as early detection of targeted attacks and data leakage; meanwhile, it collects, stores, analyzes, investigates and reports event data to achieve security incident response, verification and compliance.

There is also a word that often appears with the security management platform, which is the SOC (security operation center). SOC usually refers to the protected IT infrastructure and business system to conduct a comprehensive monitoring, operations, management, and cover the relevant security protection facilities, office facilities, personnel, organization, working process and technical support environment. In short, the SOC is the integration of a collection of people, processes and technologies. Therefore, the security management platform is not equal to SOC, but only a core technical support platform of SOC. Generally, the platform can be equated with the SOC platform.

As for Venustech USM

Venustech USM as a new generation of security operation center platform, supported by big data analysis framework, guided by the business security, builds up the safety management core ability driven by data, emphasizes more active, intelligently manages and operates network security of enterprise and organization. System based on IT assets takes business information system as the core, takes the user experience as the guide to establish a set of measurable business support platform from monitoring, auditing, risks, operations, which makes users available for monitoring business information system, performance and service, analyzing event, traffic and the configuration information, audit, alert and response, and risk measurement and evaluation, as well as the standardization, the routine, the normality of the security process control. Through the active of business-oriented and intelligent security management to fully implement the reasonable allocate of organization, process and technology, which helps users to realize the continuous safe operation of the business information system.

As for Venusense security management platform

Venustuch, the leading company of China's information security industry, has a complete information security technology, products, solutions and services, has become a brand favored by Chinese high-end customers such as the government, telecommunications, finance, energy, transportation, manufacturing, and other fields in Chinese brands of high-end customers.

In 2017, the Venusense security management platform became the first Chinese security management platform entered the Gartner MQ for SIEM. According to the Sadie report, the Venusense security management platform has ranked first in the Chinese market for nine consecutive years since 2008. According to IDC's report, it has ranked first in the Chinese market for two years since 2015.


< 上一条 下一条 >