SIEM solution purchases are primarily driven by threat detection use cases. Security and risk management leaders buying a SIEM solution should leverage this research to evaluate their use cases and requirements against an increasingly complex vendor landscape with varying degrees of capabilities.