Top 8 Security Information and Event Management (SIEM)
SplunkMicrosoft SentinelIBM QRadarSecuronix Next-Gen SIEMLogRhythm SIEMDevoElastic SecurityAT&T AlienVault USM
Popular Comparisons It is the best tool if you have a complex environment or if data ingestion is too huge.
The indexing and data collection are valuable.
Popular Comparisons Sentinel enables us to ingest data from our entire ecosystem. In addition to integrating our Cisco ASA Firewall logs, we get our Palo Alto proxy logs and some on-premises data coming from our hardware devices... That is very important and is one way Sentinel is playing a wider role in our environment.
Popular Comparisons The simplicity of the solution is the best feature.
The event collector, flow collector, PCAP and SOAR are valuable.
Popular Comparisons The UEBA functionality indicates a lot about behaviors that are not found through a traditional SIEM. We have exploited that more than anything since we started using it.
Popular Comparisons Its ease of use is valuable.
I like LogRhythm's ease of use. The solution has improved compared to previous versions. It had many issues before, like integration, the console, creating reports, false positives, etc. The AI engine has made it stronger in the latest version.
Popular Comparisons The alerting is much better than I anticipated. We don't get as many alerts as I thought we would, but that nobody's fault, it's just the way it is.
The most useful feature for us, because of some of the issues we had previously, was the simplicity of log integrations. It's much easier with this platform to integrate log sources that might not have standard logging and things like that.
Popular Comparisons The most valuable features of Elastic Security are it is open-source and provides a high level of security.
It's very stable and reliable.
Popular Comparisons Having everything in a central place has been helpful.
Every activity on the firewall is recorded, and notifications are sent with this solution.
Buyer's Guide
Security Information and Event Management (SIEM)
January 2023
Find out what your peers are saying about Splunk, Microsoft, IBM and others in Security Information and Event Management (SIEM). Updated: January 2023.
672,785 professionals have used our research since 2012.
Use our free recommendation engine to learn which Security Information and Event Management (SIEM) solutions are best for your needs.
672,785 professionals have used our research since 2012.
See all 51 solutions in Security Information and Event Management (SIEM)
Advice From The Community
Read answers to top Security Information and Event Management (SIEM) questions. 672,785 professionals have gotten help from our community of experts.
Rony_Sklar
Community Manager at a tech services company with 51-200 employees
Are event correlation and aggregation both needed for effective event monitoring and SIEM?
Rony_Sklar
Community Manager at a tech services company with 51-200 employees
Dec 21 2022
SIEM and SOAR have a lot of components in common. How do they differ in the role they play in Cyber Security?
If you've been working in cybersecurity, you've likely come across SOAR and SIEM technologies. There are differences between their capabilities, although they have a fair amount of commo... Read More »
Malola Varadhan
User at First Abu Dhabi Bank P.j.s.c
I work at mid-sized enterprise bank. I am researching SIEM solutions. Which is the best tool for security information and event management: Arcsight or Securonix?
Rony_Sklar
Community Manager at a tech services company with 51-200 employees
Jan 24 2023
There are many cybersecurity tools available, but some aren't doing the job that they should be doing.
What are some of the threats that may be associated with using 'fake' cybersecurity tools?
What can people do to ensure that they're using a tool that actually does what it says it does?
Read More »
Evgeny Belenky
PeerSpot (formerly IT Central Station)
Dec 21 2022
Hi SOC analysts and other infosec professionals,
Which standard/custom method do you use to decide about the alert severity in your SOC?
Is it possible to avoid being too subjective? How do you fight the "alert fatigue"?
Evgeny Belenky
PeerSpot (formerly IT Central Station)
Dec 21 2022
Hi dear professionals,
Can you share with the community 2-3 top pain points you've been experiencing during the Security Information and Event Management (SIEM) solution purchase?
How have you been able to overcome them, if at all?
Thanks for sharing your knowledge with other peers. Read More »
Shibu Babuchandran
Regional Manager/ Service Delivery Manager at ASPL INFO Services
Dec 15 2022
Hi community,
What are your top 5 (or less) cyber security trends in 2022?
Thanks in advance!
Security Information and Event Management (SIEM) Articles
Ertugrul Akbas
Manager at ANET
Jan 24 2023
It is important to retain logs for a significant amount of time in order to be able to investigate and analyze past attacks. This allows security teams to identify patterns and trends that can aid in the detection and prevention of future attacks. The retention period will vary depending on the... Read More »
Tjeerd Saijoen
CEO at Rufusforyou
Dec 15 2022
Security and protecting your IT environment is the biggest challenge now.
How to prevent ransomware attacks?
Part 1 described our approach to proactively protect your environment. The first step is to scan your environment from server to endpoint and check your complete environment on several ... Read More »
Ertugrul Akbas
Manager at ANET
Nov 11 2022
The right SIEM tool varies based on a business’ security posture, its budget and other factors. However, the top SIEM tools usually offer the following capabilities:
Scalability — Ensure the solution has the capability to accommodate the current and the projected growth.
Log compatibility — E... Read More »
Andrés Batista
Executive Account Manager
Nov 10 2022
Cybersecurity is a massive issue for small and medium-sized businesses, and a lack of knowledge worsens its process. According to the National Cyber Security Alliance, 60% of SMBs that experience a severe cyber-attack go out of business within six months. However, you as an owner must protect you... Read More »
Navcharan Singh
Senior Seo Executive at Ace Cloud Hosting
Oct 07 2022
Security Information and Event Management (SIEM) solutions differ significantly from firewalls. While both security solutions are integral components of cybersecurity infrastructure, they have different capabilities, functions, and roles.
Do you need SIEM if you already have a firewall?
If ... Read More »
Evgeny Belenky
PeerSpot (formerly IT Central Station)
Dear PeerSpot community members,
This is our latest Community Spotlight for YOU. Here we've summarized and selected the latest posts (professional questions, articles and discussions) contributed by PeerSpot community members.
Check them out!
Trending
See what your peers are discussing a... Read More »
Evgeny Belenky
PeerSpot (formerly IT Central Station)
Hi peers,
This is our new Community Spotlight that includes recent contributions (questions, articles and discussions) by the PeerSpot community members.
Trending
Is RPA beneficial for a healthcare organization?
With the increasing risk of cyber attacks in the west, due to the war in Ukra... Read More »
Evgeny Belenky
PeerSpot (formerly IT Central Station)
Hi community members,
Here we go with a new Community Spotlight. We publish it to help YOU catch up on recent contributions by community members.
Trending
What open-source HCI solution do you recommend?
How much time does SSO save?
What are the main technical differences between Microso... Read More »
Evgeny Belenky
PeerSpot (formerly IT Central Station)
Hi community members,
Here is our new Community Spotlight for YOU. We publish it to help you catch up on recent contributions by community members.
Do you find it useful? Please comment below!
Trending
Top HCI in 2022
What are the main differences between XDR and SIEM?
Articles
Top ... Read More »
Evgeny Belenky
PeerSpot (formerly IT Central Station)
Hi peers,
Spotlight #6 is our fresh bi-weekly community digest. It helps you catch up on recent contributions by community members. Please comment below with your feedback about our new brand name and this Spotlight!
Trending
Top RPA trends and forecasts that will help boost the techn... Read More »
Ertugrul Akbas
Manager at ANET
There are many comparisons and scoring reports like Gartner. But a small part of their scoring is technical capacity. Other comparisons available on the web or magazines are marketing, sales, and presales documents. They do not include extensive technical analysis.
In today’s ever-evolving cy... Read More »
Netanya Carmi
Content Manager at PeerSpot (formerly IT Central Station)
We receive alerts all day long - alerts about emails, incoming Whatsapps and SMSes, posts on social media, etc. At some point we become desensitized to these alerts and stop noticing them anymore - a phenomenon known as “alert fatigue.” Seventy percent of a SOC analyst’s workday is spent dealing ... Read More »
Giusel
IT Engineer at UTMStack
What is HIDS in Cybersecurity?
A HIDS (Host Intrusion Detection System) is software that detects malicious behavior on the host. It monitors all the operating system operations, tracks user behavior, and operates independently without human assistance.
How does a Host-based Intrusion Detectio... Read More »
Netanya Carmi
Content Manager at PeerSpot (formerly IT Central Station)
Security Incident and Event Management (SIEM) has been widely adopted and used to manage cybersecurity events. As a result, the SIEM market is expected to grow by approximately 25% over the next five years as the need for cybersecurity automation increases. Even though the market is expanding, th... Read More »
Ertugrul Akbas
Manager at ANET
Part of the SIEM problems enterprises face is failing to maintain it with the proper correlation rules.
SIEM use cases or rules are 80% of the value of the product. All SIEM solutions have a correlation feature, but they are not the same. Before choosing a SIEM, you must check correlation c... Read More »
Netanya Carmi
Content Manager at PeerSpot (formerly IT Central Station)
Security information and event management (SIEM) is a multipurpose security management protocol that combines security information management (SIM) and security event management (SEM). SIEM has recently emerged as the gold standard approach to network security. It uses historical as well as real... Read More »
Security Information and Event Management (SIEM) Topics
Tips for choosing the right SIEM solution
As with any enterprise tech solution, it’s important to spend time doing your research and POC, so that you know that you’re spending on the right product. We sifted through some of our users’ answers to summarize some of the best tips.
- Define your goal
Before starting to evaluate solutions, It’s important to define what you want to accomplish with a SIEM. Marty Baron says, “Every SIEM has different strengths and weaknesses so you need to know what is most important to you in terms of goals, so you don’t waste time looking at something that can’t do the thing you need it to do.”
- Limit your options
As one of your users says, “Review a finite number of products, otherwise you’ll never finish”. Although it’s important to spend time doing due diligence, you need to get to the point of implementation. If you have too many options, it will take too long to make a decision. Users suggest making a shortlist of options that meet your technical requirements, speak to your goal, and match your budget
- Create a framework for your POC
Once you’ve narrowed down your options, it’s time to trial the shortlisted products. Users recommend putting a framework in place to guide the POC. This way, you can evaluate your options systematically.
One user, DAX Paulino, suggests “creat[ing] a checklist of features that you need, from the basic (i.e. interactive dashboards, ease of integration, Threat Intelligence), to the more advanced (i.e. Automated response, Behavior Analytics, etc.). Give each item on your checklist a score so that you can weigh in on each item as a measure of your decision. Don’t forget to factor in usability and support.”
Buyer's Guide
Security Information and Event Management (SIEM)
January 2023
Find out what your peers are saying about Splunk, Microsoft, IBM and others in Security Information and Event Management (SIEM). Updated: January 2023.
672,785 professionals have used our research since 2012.
