AIOps platforms analyze telemetry and events, and identify meaningful patterns that provide insights to support proactive responses. AIOps platforms have five characteristics:
• Cross-domain data ingestion and analytics
• Topology assembly from implicit and explicit sources of asset relationship and dependency
• Correlation between related or redundant events associated with an incident
• Pattern recognition to detect incidents, their leading indicators or probable root cause
• Association of probable remediation
The Endpoint Detection and Response Solutions (EDR) market is defined as solutions that record and store endpoint-system-level behaviors, use various data analytics techniques to detect suspicious system behavior, provide contextual information, block malicious activity, and provide remediation suggestions to restore affected systems. EDR solutions must provide the following four primary capabilities:
• Detect security incidents
• Contain the incident at the endpoint
• Investigate security incidents
• Provide remediation guidance
Gartner defines an endpoint protection platform (EPP) as security software designed to protect managed endpoints — including desktop PCs, laptop PCs, mobile devices and, in some cases, server endpoints — against known and unknown malicious attacks. EPPs provide capabilities for security teams to investigate and remediate incidents that evade prevention controls. EPP products are delivered as software agents, deployed to endpoints, and connected to centralized security analytics and management consoles. EPPs provide a defensive security control to protect end-user endpoints against known and unknown malware infections using a combination of security techniques (such as static and behavioral analysis) and system controls (such as device control and host firewall management). EPP prevention and protection capabilities are deployed as a part of a defense-in-depth strategy to help reduce the attack surface and minimize the risk of endpoint compromise. EPP detection and response capabilities are used to uncover, investigate, and respond to endpoint threats that evade security prevention, often as a part of broader security operations platforms.
An enterprise search engine is a specialized search tool designed to help organizations index, search, and retrieve information stored within their internal data repositories. Unlike general web search engines that index and search the entire internet, enterprise search engines focus on the internal data of an organization, which can include documents, emails, databases, intranet sites, and other digital assets or data sources. Modern enterprise search engines often incorporate Natural Language Processing (NLP) and Machine Learning (ML) and AI-powered technologies to enhance their capabilities and improve the search experience. This type of search engine is adept at handling both structured and unstructured data, making it invaluable for diverse use cases such as knowledge management, customer support, and business intelligence. By integrating these enterprise search software capabilities, organizations can ensure that employees have quick and relevant access to the information they need, thereby improving productivity and decision-making.
Generative AI (GenAI) apps use generative AI capabilities for user experience and task augmentation to accelerate and assist the completion of a user’s desired outcomes. Generative AI refers to technologies that can generate new derived versions of content, strategies, designs and methods by learning from large repositories of original source content. When embedded in the experience, generative AI offers richer contextualization for singular tasks such as generating and editing text, code, images and other multimodal output. As an emerging capability, process-aware generative AI agents can be prompted by users to accelerate workflows that tie multiple tasks together. Apart from helping save time and money, generative AI apps help improve branding of businesses by creating more engaging and effective content while also creating more engaging and immersive experiences for customers. Please note that this market is based on Beta research and is continuously evolving. We will be making changes as and when there are new updates.
Generative AI (GenAI) engineering refers to the field of engineering that focuses on the development, implementation and optimization of generative AI models. Generative AI refers to technologies that can generate new derived versions of content, strategies, designs and methods by learning from large repositories of original source content. By developing GenAI models, engineers can create new and innovative ways to generate content. The vendors in this segment are made up of incumbent and startup vendors covering full-model life cycle management, specifically adjusted to and catering to development, refinement and deployment of generative models (e.g., LLMs) and other GenAI artifacts in production applications. Please note that this market is based on Beta research and is continuously evolving. We will be making changes as and when there are new updates.
Gartner defines Insight Engines as follows: Insight engines apply relevancy methods to discover, analyze, describe and organize content and data. They enable the interactive or proactive delivery or synthesis of information to people, and data to machines, in the context of their respective business moments. Insight engines should be viewed as platforms on which applications are provided, developed or augmented by applying the capabilities listed above to specific employee and customer experience use cases. Such applications are provided out of the box by vendors (e.g., intranet or site search), developed through technical partnerships (e.g., search within third-party applications), developed with customers in-house (e.g., expert finder), or developed through integration with third-party applications (e.g., extracting data from documents to support RPA).
Gartner defines observability platforms as products that ingest telemetry (operational data) from a variety of sources including, but not limited to, logs, metrics, events and traces. They are used to understand the health, performance and behavior of applications, services and infrastructure. Observability platforms enable an analysis of the telemetry, either via human operator or machine intelligence, to determine changes in system behavior that impact end-user experience such as outages or performance degradation. This allows for early, and even preemptive, problem remediation. Observability solutions are used by IT operations, site reliability engineers, cloud and platform teams, application developers, and product owners. Observability platforms are used by organizations to understand and improve the availability, performance and resilience of these critical applications and services. Investment in and successful deployment of observability platforms leads to revenue loss avoidance and enables faster product development cycles and improvements in brand perception.
Gartner defines Search and Product Discovery as applications that augment digital commerce solutions to facilitate navigation, filtering, comparisons, and ultimately selection of products. They provide search (keyword, natural language and visual), merchandising (automation, configuration, and curation of business rules to make a product discoverable based on business needs), product recommendations, catalog navigation (and SEO keyword automation), personalization and analytics capabilities through SaaS to enable customers (B2C and B2B) to transact. They also enable providers (merchandisers, content managers, and search specialists) to support customer experiences. With the emergence of generative AI, conversational search interfaces are now appearing. Search and Product Discovery applications use product data to facilitate navigation, filtering, comparisons and ultimately product selection. Search results can be highly visual, using engaging layouts and multimedia. Content other than product information, such as educational information, compliance materials and related news may also be included in search results to engage customers and further support buying decisions.
SIEM is a configurable security system of record that aggregates and analyzes security event data from on-premises and cloud environments. SIEM assists with response actions to mitigate issues that cause harm to the organization and satisfy compliance and reporting requirements. The security information and event management (SIEM) system must assist with:
1. Aggregating and normalizing data from various IT and operational technology (OT) environments
2. Identifying and investigating security events of interest
3. Supporting manual and automated response actions
4. Maintaining and reporting on current and historical security events