Based on public certifications, alignment, or stated intent to pursue ISO 42001.
| Grade | Criteria |
|---|---|
| A | Actively certified or publicly pursuing ISO 42001. |
| B | Partially aligned or structurally prepared. |
| C | Announced roadmap or intent to pursue ISO 42001. |
| D | General security certifications (e.g., SOC2) but no ISO alignment. |
| F | No visible ISO 42001 or ISO 27001 initiative. |
Measures adoption or planned support for the Model Context Protocol standard.
| Grade | Criteria |
|---|---|
| A | Published MCP interface. |
| B | Implemented but not published MCP interface. |
| C | Announced intent to support MCP. |
| D | Agentic-like architecture, but not MCP compliant. |
| F | No MCP support or alignment. |
Evaluates how integrated and structured GenAI workflows are within the platform.
| Grade | Criteria |
|---|---|
| A | Full workflow using MCP and performing actions. |
| B | Workflow using MCP, results routed to analyst. |
| C | Workflow exists, but uses internal/local standards. |
| D | Atomic AI queries sent stateless to LLMs. |
| F | No autonomous AI decision support. |
Assesses the level of AI-driven remediation or action capability.
| Grade | Criteria |
|---|---|
| A | AI directly modifies the security posture. |
| B | AI closes or updates tickets. |
| C | AI recommends specific playbooks. |
| D | AI provides general advice or suggestions. |
| F | No AI-powered recommendations. |
Judged by public commitment to AI maturity across multiple dimensions.
| Grade | Criteria |
|---|---|
| A | Public roadmap includes all: ISO 42001, MCP, workflows, actions, and feedback/self-improvement. |
| B | Public roadmap includes four of the above. |
| C | Public roadmap includes three of the above. |
| D | Only one or two elements are publicly committed. |
| F | No clear roadmap or commitment to AI maturity. |
We evaluated leading SIEMs and security platforms against our AI grading criteria. Here’s how they stack up.
It’s important to note that this is a rapidly evolving space. As vendors race to add AI capabilities, announcements often outpace real-world implementations. Our grading focuses not just on what’s promised—but on what’s operational, public, and structurally aligned to long-term AI maturity. These evaluations are current as of today, but we expect the landscape to shift dramatically over the next 12 to 18 months.
| SIEM | ISO 42001 | MCP | GenAI Workflow | AI Remediation | Roadmap | Final Grade |
|---|---|---|---|---|---|---|
| Fluency Security | B | B | B | B | A | B |
| Microsoft Sentinel | B | C | D | C | C | C |
| Securonix EON | F | C | C | C | C | D+ |
| CrowdStrike Falcon SIEM | F | C | D | C | C | D+ |
| Splunk Enterprise Sec. | F | D | F | C | D | D |
| IBM QRadar | F | F | F | C | D | D- |
| Exabeam | D | C | C | D | C | C- |
| Devo | D | D | C | D | D | D+ |
| Hunters | F | D | D | D | D | D |
| LogScale (Humio) | F | F | F | D | D | F |
| Google Chronicle | D | F | D | D | D | D |
| Wiz | D | D | D | F | C | D+ |