2021-05-18T12:31:00Z

The Math of SIEM Comparison

Ertugrul Akbas - PeerSpot reviewer

3 Comments

Real User
2021-10-09T13:15:10Z
Oct 9, 2021
Ertugrul Akbas - PeerSpot reviewer
Real User
Top 10
Oct 11, 2021

@Seckin Demir If my comments do not satisfy you about the McAfee SIEM, you can check comments from Gartner.
Limited advanced features and add-ons: McAfee lags behind competing SIEM vendors that offer cloud-native SIEM options, ML powered UEBA and SOAR add-on solutions.
Requirement for add-ons for a range of cloud environments: Native monitoring of popular SaaS solutions and CIPS by McAfee ESM is limited to Microsoft Office 365, AWS and Microsoft Azure. Other SaaS apps and CIPS require use of MVISION Cloud or an integration with a third-party CASB.
Potential impact from sale of enterprise business: In March 2021, McAfee announced the sale of its enterprise business to Symphony Technology Group. This sale may introduce uncertainty for existing customers and potential buyers. Those considering McAfee for SIEM should check its roadmap and future support for McAfee ESM.
You can also look at how the McAfee SIEM product's status in the Gartner Magic Quadrant has changed over the past three years.

Ertugrul Akbas - PeerSpot reviewer
Real User
Top 10
2021-07-12T12:18:15Z
Jul 12, 2021
CH
User
Jul 13, 2021

@Ertugrul Akbas Much appreciated, thank you.

Vendor
2021-07-14T18:27:05Z
Jul 14, 2021
Ertugrul Akbas - PeerSpot reviewer
Real User
Top 10
Jul 14, 2021

@Augusto Barros My sentence is: "Exabeam and Securonix are UEBA tools. They are not correlation-based solutions". It does not mean that Exabeam and Securonix do not provide the ability to build correlation-based rules. I tried to emphasize their UEBA capability.
