On May 8th, the global IT consulting firm Gartner released the 2024 Magic Quadrant for Security Information and Event Management (SIEM) report, commonly known as the "touchstone" for SIEM products in the industry. QAX's inclusion in the Magic Quadrant this time signifies that its NGSOC has entered the internationally leading ranks.

It is reported that this year's report was not officially released until May, marking a gap of one year and seven months since the previous SIEM Magic Quadrant report. Amid intense competition, QAX's prominent listing not only reflects its accumulated strength but also serves as a milestone in its global leadership strategy for NGSOC.

The Magic Quadrant is an analytical report by Gartner that uses a visual quadrant chart, in-depth analysis, and actionable recommendations to describe market direction, maturity, and participants. The four quadrants of the Gartner SIEM Magic Quadrant are Leaders, Challengers, Visionaries, and Niche Players.

For this report, Gartner conducted nearly 200 granular, in-depth evaluations of global SIEM vendors across multiple dimensions, including market presence, product roadmaps, data collection, security monitoring, advanced threat analysis, threat intelligence, incident investigation and forensics, automation orchestration and response, product deployment and integration, and user interfaces. Simultaneously, Gartner performed detailed demo assessments of over 20 key capabilities and core functionalities of SIEM products.

Analysts believe that QAX's inclusion in the Gartner SIEM Magic Quadrant indicates its NGSOC's key capabilities have reached mainstream international standards, with its existing features and roadmap aligning with global trends. This achievement also signifies international recognition of its success in the global market. Previously, QAX Group announced its goal of "Establishing As China's Leader And Advancing Toward Global Leadership" during the release of a new NGSOC version at World Internet Conference Wuzhen Summit, and this vision is now being realized step by step.

In recent years, QAX has continuously enhanced the core competitiveness of NGSOC through innovative technologies, striving to become a globally leading security operations platform. Currently, QAX NGSOC offers bilingual support (Chinese and English) and excels in areas such as alert noise reduction, intellectualization, incident investigation and response, and forensic analysis.

✭ Alert Noise Reduction: QAX pioneered intelligent alert triage, driven by expert experience models and AI models. It automatically filters false positives, identifies precise alerts, distinguishes critical alerts, merges duplicate alerts, and handles invalid alerts, while also reclassifying and reprioritizing alerts. Pre-configured triage models can eliminate over 98% of alert noise.

✭ Intellectualization: NGSOC provides an AI Assistant, developed using local AI models and the QAX-GPT security robot. This assistant enables security operators to perform tasks effortlessly through simple dialogue, assisting analysts with basic tasks such as data queries, task assignments, and intelligence lookups, significantly improving efficiency. Additionally, it offers general knowledge Q&A and professional security knowledge services, providing insights into attacker characteristics, attack principles, alert analysis approaches, risks, and mitigation suggestions. With the dual support of the AI Assistant and QAX’s Managed Detection and Response (MDR) services, NGSOC delivers an efficient and user-friendly intelligent operations experience.

✭ Incident Investigation and Response: NGSOC achieves 1-minute incident categorization and 5-minute impact assessment, highly praised capabilities. It automatically aggregates related alerts into comprehensive incident dossiers, supplements contextual evidence, maps MITRE ATT&CK tactics and techniques, interprets attacker intent, identifies key attack traces, evaluates impact scope, and calculates response targets. Even for complex incidents, users can easily understand the full context.

✭ Forensic Analysis: QAX Self-developed Security Data Analysis Language (QAL) allows security analysts to perform traceability analysis with zero coding knowledge, lowering the learning cost. This is the result of years of R&D by the NGSOC team, providing rapid scenario expansion at low cost while improving the efficiency of security analysis and threat hunting.

Additionally, NGSOC offers comprehensive threat visibility across six dimensions: endpoints, identities, applications, data, networks, and cloud. It covers 363/626 MITRE ATT&CK techniques and ranks first in the industry, with a 94% coverage rate (136/144) for prevalent ATT&CK techniques. It comes pre-configured with 2,400+ parsing rules, 1,200+ correlation rules, and 100+ triage models, along with dashboards, reports, and quick-search queries for immediate use. It supports automated parsing for 1,000+ data sources without manual configuration. NGSOC can also be upgraded independently online without the need for product upgrades, continuously and uninterruptedly enhancing security monitoring.

In terms of operational services, as the exclusive cybersecurity provider for the Beijing 2022 Winter Olympics, QAX boasts China’s most comprehensive security service system. It provides 24/7 professional local and remote NGSOC security operations services, including asset management, vulnerability management, threat analysis, correlation rule optimization, and centralized security incident management. QAX has established a team of security operations experts and a mature training system, along with specialized threat intelligence mining and production capabilities to track global APT group activities. Furthermore, its technical analysis team covers expertise in operating systems, reverse engineering, vulnerability research, penetration testing, and other security domains, collaborating seamlessly with NGSOC operations teams to deliver efficient security services, especially during high-intensity scenarios like emergencies and major events.

QAX NGSOC served as the core security monitoring platform for the Beijing 2022 Winter Olympics SOC. It has ranked first in market share for four consecutive years in the Situational Awareness and Security Operations sector, with thousands of government and enterprise organizations adopting it as their security operations platform. Its clientele includes 74 Fortune 500 companies and central government ministries, and it has contributed to 10 national/industry standards for situational awareness and security operations.

Moving forward, the QAX NGSOC team will continue developing AI-driven analysis models and response systems tailored to user needs, integrating personnel and processes into a standardized security operations framework. Driven by compliance and digital transformation, NGSOC will deepen its alignment with customer business scenarios, safeguarding high-quality digital development.

Source: Gartner, Inc. "Magic Quadrant for Security Information and Event Management" : Andrew Davies, Mitchell Schneider, Rustam Malik, Eric Ahlm, May 08, 2024.

Gartner Disclaimer
Gartner does not endorse any vendor, product or service depicted in its research publications,and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner's research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.