Try our new research platform with insights from 80,000+ expert users

SIEM Roundup: AWS, Elastic, Splunk, and More

Russell Rothstein - PeerSpot reviewer
Russell Rothstein
CEO at PeerSpot
  • 10
Published:Sep 10, 2019

Here are the week’s top briefs about the SIEM market.

 

Elastic launches free SIEM

Elastic, known for Elasticsearch and other tools, has beta launched a free SIEM solution.

 

AWS new Security Hub offers SIEM-like capabilities

Customers pay only for the compliance checks performed and security findings ingested, with no charge for the first 10,000 security finding events each month. Read more.

 

The best way to trial a SIEM solution

Check out the latest advice from the community about how to trial SIEM. Our favorite tips: “I recommend NOT trialing SIEM solutions in a bake-off. You will be comparing several unbaked cakes.” And: “Check if a cloud version of the tool is available. Some SIEM's offer a free trial period for their cloud-based solutions.” And: “Understand your retention requirements: Storage cost!!! You’re capturing events per minute, and it gets expensive.” Read more tips.

 

Splunk: Logging solution or SIEM?

A Director of Information Security told us in this review: “Before Splunk, I’ve used AlienVault, LogRhthym, ArcSight, and IBM QRadar. As a logging solution, I would say Splunk is probably an eight or nine. If you're talking about SIEM I'd say it's probably about a five.” Agree? Disagree? Post a comment on the review and share your opinion with the community.

 

That's all for now!

What topics would you like us to include in the next update? Add a comment.

 

Explore related topics
Security Information and Event Management (SIEM)
Product comparison that may be of interest to you
Splunk Enterprise Security
  • 381 Reviews
USM Anywhere
  • 115 Reviews
Share
PeerSpot user
PeerSpot user
Buyer's Guide
Security Information and Event Management (SIEM)
March 2026
Download Free Report
Find out what your peers are saying about Splunk, Wazuh, IBM and others in Security Information and Event Management (SIEM). Updated: March 2026.
DOWNLOAD NOW
884,696 professionals have used our research since 2012.
Related Questions
Liam Brandt - PeerSpot reviewer
Liam Brandt
Works at Catalyic Consulting (Pvt.) Ltd
Mar 22, 2023
Mar 22, 2023
Why do most companies prefer IBM QRadar?
I´m not sure about this affirmation. There are a lot of other tools used.
See 2 answers
VS
Valter Sav
Works at RAS Unipers
Mar 14, 2023
Hi, in my opinion, because it is still the best at giving you visibility of what's happening in your IT infrastructure, and at detecting threats. Visibility and detection may seem simple tasks. but actually, they require a lot of capabilities in understanding, integrating, logging, and alarms from a huge multitude of devices. Such tasks go under the line of log ingestion, normalization, etc., and that is far from easy. QRadar has done a lot of work in that direction. Another aspect is event correlation. And here, either you write the correlation rules yourself, spending $$$$ of professional services, and by the way, it'll take forever to test, implement and maintain up to date, or your access to a very long list of preset correlation rules, that are already available and waiting to be activated. Finally, visibility and threat detection is just the beginning of a journey pointed at becoming aware of what's happening in your IT and taking relevant and effective action. There are several other technologies that have to be used to minimize exposure, and contain, and remediate relations to an attack. I believe IBM has a few of those, that can be integrated. But whichever you use at the end of this journey, if the original feed is not correct, not relevant, or not complete, you missed your goal in the first place.My 5 cents :)VS
Read full answer
Jairo Willian Pereira - PeerSpot reviewer
Jairo Willian Pereira
Information Security Manager at a retailer with 10,001+ employees
Mar 22, 2023
I´m not sure about this affirmation. There are a lot of other tools used.
Read full answer
Miriam Tover - PeerSpot reviewer
Miriam Tover
Service Delivery Manager at PeerSpot
Oct 18, 2022
Oct 18, 2022
What is your primary use case for IBM QRadar Advisor with Watson?
The primary use case of this solution is to help customize the workflows and dashboards for our clients in a secure manner.
2 out of 4 answers
reviewer1136397 - PeerSpot reviewer
reviewer1136397
Team Lead - Information Security at a computer software company with 10,001+ employees
Feb 6, 2022
The use cases that are widely used across the globe are related to ransomware phishing, lateral movement, et cetera.
Read full answer
reviewer1846212 - PeerSpot reviewer
reviewer1846212
IM Operations Manager at a tech services company with 1,001-5,000 employees
Apr 25, 2022
IBM QRadar Advisor with Watson is aligned with regards to what's happening in the public space in terms of the Phishing attacks that we are seeing prevalent in the market. In the campaigns that which hackers are trying to obtain information, the use cases are very practical. The solution offers quite a bit of protection.
Read full answer
See all 4 answers
Product Comparisons
Go!
Related Categories
Security Information and Event Management (SIEM)
Top rated products
Splunk Enterprise Security
  • 381 Reviews
USM Anywhere
  • 115 Reviews
LogRhythm SIEM
  • 176 Reviews
OpenText Enterprise Security Manager
  • 98 Reviews
IBM Security QRadar
  • 217 Reviews
See all products
Related Questions
Mar 22, 2023
Why do most companies prefer IBM QRadar?
Oct 18, 2022
What is your primary use case for IBM QRadar Advisor with Watson?
Download Free Report
Download our free Security Information and Event Management (SIEM) Report and find out what your peers are saying about Splunk, IBM, Exabeam, and more! Updated: March 2026.
DOWNLOAD NOW
884,696 professionals have used our research since 2012.