Security operations is changing, driven by a wave of diverse data types, analytics tools, and new operational requirements. These changes are initiating an evolution from monolithic security technologies to a more comprehensive event-driven software architecture (along the lines of SOA 2.0) where disparate security technologies connect via enterprise-class middleware for things like data exchange, message queueing, and risk-driven trigger conditions. ESG refers to this as a Security Operations and Analytics platform architecture or SOAPA.
When speaking, or writing about SOAPA, I often compare this evolution to an analogous IT trend in the 1990s. Way back then, large organizations abandoned standalone departmental applications in favor of a more integrated software architecture, ERP. This transition resulted in a new generation of business applications acting as a foundation for greater automation, efficiency, and profitability.