Many cybersecurity professionals recognize that the Security Information and Event Management (SIEM) space is undergoing major transformation — but opinions differ on where it’s headed.
About 40% of participants believe SIEM capabilities should be integrated into broader platforms like Extended Detection and Response (XDR) or Endpoint Detection and Response (EDR). In contrast, 35% still see value in SIEM systems, especially as they evolve through artificial intelligence and newer technologies.
However, skepticism remains: 15% of participants believe the traditional SIEM is on its way out, while 10% report not using a SIEM at all. With the explosion of security data and the influence of generative AI, it’s no surprise that the industry is divided on whether SIEMs can continue as standalone solutions.
This shift is reflected in recent market moves. IBM, for instance, exited the SIEM sector last year by selling its QRadar SaaS business to Palo Alto Networks. Meanwhile, Exabeam and LogRhythm merged to combine their analytics and SIEM capabilities.
At the same time, XDR vendors like CrowdStrike and SentinelOne are embedding SIEM features directly into their platforms. Major tech firms are expanding as well — Microsoft, for example, just introduced data lake integration for its Sentinel SIEM, allowing customers to store massive volumes of security data such as logs.