Zen 2.0

So I got a question for everyone. Why hasn’t the SIM or log analysis market consolidated?

The SIM market is about 5 years old now. There are many players in this field, both pure SIM players and players expanding into the SIM space.

Some of the pure players include

• ArcSight
• netForensics
• Open Service
• e-Security
• GuardedNet
• Network Intelligence
• TriGeo
• Protego
• LogLogic
• Consul Risk Management
• High Tower Software
• SenSage

Other non-pure players that are either getting into or already in the SIM space include

• Aelita (acquired by Quest Software)
• Symantec (acquired Riptech, Mountain Wave and Recourse)
• MicroMuse
• Computer Associates eTrust

I was expecting the wave of buyouts to begin when Symantec acquired the 3 companies, but nothing has happened.

I can think of a couple reasons

1. SIM vendors haven’t proved their value. There’s a lot of good technologies out there, but most of them are very high priced. I think the SIM vendors have a tough time justifying the ROI.
2. Most SIM vendors have gotten several rounds of funding now, probably anywhere from $15 to $60 million. Most companies don’t want to spend a whole lot of money buying these vendors. Symantec bought Mountain Wave for $20 million, Riptech for $145 million and Recourse for $135. Both Riptech and Recourse brought more than just log analysis products.

What do you think? I would love to hear your thoughts on this issue.

Last Modified: Wednesday, November 10th, 2004 @ 23:10

This entry was posted on Saturday, October 30th, 2004 at 8:08 am and is filed under Companies, Market. You can follow any responses to this entry through the RSS 2.0 feed. Responses are currently closed, but you can trackback from your own site.