The most commonly asked for advancement of features is the ability to analyze data in multiple ways and for non-standard data analysis, named by 62 percent of respondents.
When they initially started their deployments, only 47 percent of organizations used SIEM for real-time monitoring and 55 percent used it for risk management.
Now that they’ve had time to settle in with their SIEM solutions, 82 percent use it for real-time monitoring and 78 percent for risk management.
Even more striking, only 27 percent of organizations used SIEM for operational visibility and intelligence upon deployment, but now 62 percent use it to improve operations.
From a security standpoint, 83 percent of organizations that use SIEM reported using data warehousing tools to store event data.
80 percent said they use data integration tools to create consistency between all of the event data types.
Nearly three-quarters of enterprises using SIEM use business intelligence tools in conjunction with them to provide users with self-serve access to the event data.