close
close

How major acquisitions are changing security operations

Posted on by darion

Forrester’s Allie Mellen on how Palo-QRadar and LogRhythm-Exabeam will reshape SIEM

Michael Novinson (Michael Novinson) •
May 24, 2024

Allie Mellen, Principal Analyst, Forrester (Image: Forrester)

Allie Mellen, Principal Analyst, Forrester (Image: Forrester)

The LogRhythm and Exabeam merger and Palo Alto Networks’ purchase of IBM QRadar’s SaaS assets were driven by both internal dynamics and competitive pressures.

See also: Webinar | We debunk MDR myths

Microsoft Sentinel’s rapid growth in the SIEM market has forced other vendors to reassess their positions and consider ways to grow faster, said Allie Mellen, principal analyst at Forrester. At the same time, Mellen said Cisco’s $28 billion acquisition of Splunk in March has created uncertainty among practitioners, with customers worried about integration and maintaining the same user experience (see: Nikesh Arora on why Palo Alto Networks is buying IBM QRadar).

“The SIEM market is diverse in that some vendors have very strong capabilities in one area, such as user behavior analytics, log management or SOAR, while they have manageable but not very strong capabilities in some areas in other aspects,” she said Mellen. “What we need at this point is consolidation so that we can have stronger products overall.”

In a video interview with Information Security Media Group, Mellen also discussed:

  • Impact of Cisco’s acquisition of Splunk on SIEM market dynamics;

  • Palo Alto Networks’ Strategy to Acquire IBM’s QRadar SaaS Assets;

  • Challenges and opportunities for smaller suppliers in the market.

Mellen supports managers and security professionals in building and refining threat detection and response strategies. Her responsibilities at Forrester include people, process and technology in security operations.