SIEM started as a central repository for event correlation for perimeter security devices. It then morphed into a reporting engine for governance and compliance. SIEM platforms are being outfitted with the latest machine learning technologies. As a security data hub, its only natural that SIEM would have a big role in investigations and remediation. Some SIEM vendors are moving beyond analysis alone and are building in tools for IR workflow. IBM acquired Resilient for this purpose, but LogRhythm and Splunk (Adaptive Response) are also onboard.”]
Source: https://www.csoonline.com/article/3122392/siem-market-dynamics-in-play.html