Source URL: https://cloud.google.com/blog/products/identity-security/google-named-a-leader-in-the-idc-marketscape-worldwide-siem-for-enterprise-2024-vendor-assessment/
Source: Cloud Blog
Title: Google named a Leader in IDC MarketScape: Worldwide SIEM for Enterprise 2024 Vendor Assessment
Feedly Summary: Security information and event management (SIEM) systems are the backbone of most security operations centers, and security teams rely on them for effective threat detection, investigation, and response.
We’re thrilled to share that Google has been named a Leader in the IDC MarketScape: Worldwide SIEM for Enterprise 2024 Vendor Assessment. We believe this recognition is a reflection of our significant investments in Google Security Operations over the past three years. Our efforts include the acquisition and integration of Mandiant, the world’s leading threat intelligence and incident response provider, and Siemplify, a leading security orchestration, automation and response (SOAR) provider.
The IDC MarketScape noted, “Google Security Operations is a cloud-native SIEM that is integrating previous point products such as SOAR and ASM, enriching all alerts with Google Threat Intelligence, and offering a gen AI assistant to alleviate mundane security analyst tasks. It is built on the search, data visualization, and storage services of Google Cloud.”
Our drive to evolve security operations
Google Security Operations continues to drive innovation in the ability to effectively detect, investigate, and respond to threats. Recent advancements include:
– Unlocking deeper threat hunting and investigation workflows with Applied Threat Intelligence, enabling security teams to spend less time on monitoring activities and helping them use deep insights from Mandiant experts and crowd-sourced insights from VirusTotal for better decision making.
– Working smarter, not harder, with Gemini in Security Operations to more easily perform natural language searches across your data, event summarization, detection creation, and playbook building.
– Mandiant Hunt, which integrates Mandiant’s frontline intelligence and expertise with Google Security Operations to help defenders proactively search for undetected attacks.
Customers are driving innovation at their own organizations
Google Security Operations customers such as Etsy, Pfizer, and Apex FinTech Solutions are making significant changes in both the technology they use and the way they think about SecOps with Google Security Operations.
“This is our chance to reset, [have a] clean slate,” said Manan Doshi, senior security engineer, Etsy. “We have the chance to evaluate all the detections we had, data sources we weren’t using, save money, and make sure our SIEM is not inundated with content.”
Etsy and the art of SIEM Migration
“We’re using Google Security Operations as the central point of all of our data. It’s very nice with [security telemetry and threat intelligence] stitched together into this one single pane of glass. When you run a search, all of the data just pops up from a contextual enrichment perspective and now we’re using the Gemini investigation assistant that pulls it all together right away. I think it’s going to uplift our talent to get to the threat more quickly,” said Mark Ruiz, head of cybersecurity analytics, Pfizer.
New Way Now: Pfizer is reshaping its security DNA with Google Cloud
“No longer do we have our analysts having to write regular expressions that could take anywhere from 30 minutes to an hour — Gemini can do it within a matter of seconds,” said Hector Peña, senior information security director, Apex Fintech Solutions.
New Way Now: Apex Fintech Solutions transforms security operations with Google Cloud
Download a complimentary excerpt of the IDC MarketScape: Worldwide SIEM for Enterprise 2024 Vendor Assessment today.
AI Summary and Description: Yes
Summary: The text details Google’s recognition as a Leader in the IDC MarketScape for its Security Information and Event Management (SIEM) offerings, highlighting their integrations and innovations in threat intelligence and automation. This is particularly relevant to professionals in security operations, cloud security, and information security, showcasing advancements in leveraging AI to enhance threat detection and response.
Detailed Description:
– **Recognition**: Google has been named a Leader in the IDC MarketScape: Worldwide SIEM for Enterprise 2024 Vendor Assessment, indicating its strong positioning in the security operations market.
– **Investments**: The recognition is attributed to significant investments made in Google Security Operations over three years, including the acquisitions of Mandiant and Siemplify. These acquisitions enhance Google’s threat intelligence capabilities and security orchestration functions.
– **Cloud-Native SIEM**: Google Security Operations is described as a cloud-native SIEM. Its integration of various previous point products—including SOAR (Security Orchestration, Automation, and Response) and ASM (Application Security Management)—positions it uniquely in the market.
– **AI Integration**: The text notes the inclusion of a generative AI assistant to reduce the workload on security analysts by simplifying tasks such as event summarization and detection creation.
– **Threat Intelligence Utilization**: Enhanced threat hunting capabilities are enabled through Applied Threat Intelligence, which helps security teams make informed decisions by utilizing insights from Mandiant and VirusTotal.
– **Customer Use Cases**:
  – **Etsy**: Utilizes Google Security Operations to streamline detections and improve data sources, aiming for efficiency and cost-effectiveness.
  – **Pfizer**: Benefits from enhanced investigative capabilities through a unified data view that facilitates quicker threat identification.
  – **Apex FinTech Solutions**: Reports a significant reduction in time needed for analysts to write regular expressions, leveraging Gemini for faster results.
– **Overall Impact**: The advancements in Google Security Operations are designed to optimize security teams’ workflows, enhance threat detection and response capabilities, and ultimately help organizations improve their security posture.
This information is crucial for security and compliance professionals seeking to understand the latest advancements in SIEM solutions and evaluate potential improvements in their own security operations.