What’s Inside?
"Threat detection, investigation and response products are challenging to deploy, maintain and operate. Co-managed security monitoring services aid security and risk management leaders in the operation, configuration and maintenance of these products with a lower SOC staffing overhead."
Key Findings
- TDIR-capable products that require customisation and maintenance, such as security information and event management (SIEM), are often directly purchased by organizations with low to moderate security maturity. This combination of locally owned complex security tools and lower security maturity are a good fit for co-managed security monitoring services.
- Security operations teams have a wide range of complex responsibilities. Outsourcing certain elements of security delivery eases the workload of the security operations center (SOC) and provides resources that can be focused on operational requirements.
- Buyers often invest in TDIR-capable products without fully staffing its daily operations and maintenance. Using co-managed security monitoring services enables them to derive more value from complex areas such as architecture, maintenance and content development while retaining ownership and access to technology investments.
Send me the Report!
Gartner, Market Guide for Co-Managed Security Monitoring Services , Pete Shoard, Mitchell Schneider, Andrew Davies, Angel Berrios, 4 March 2024
GARTNER is a registered trademark and service mark of Gartner, Inc. and/or its affiliates in the U.S. and internationally and is used herein with permission. All rights reserved.