Top 8 Security Information and Event Management (SIEM)
Splunk, Microsoft Sentinel, IBM QRadar, Securonix Next-Gen SIEM, LogRhythm SIEM, Devo, Elastic Security, AT&T AlienVault USM
It is the best tool if you have a complex environment or if data ingestion is too huge.
The indexing and data collection are valuable.
Sentinel enables us to ingest data from our entire ecosystem. In addition to integrating our Cisco ASA Firewall logs, we get our Palo Alto proxy logs and some on-premises data coming from our hardware devices... That is very important and is one way Sentinel is playing a wider role in our environment.
The simplicity of the solution is the best feature.
The event collector, flow collector, PCAP and SOAR are valuable.
The UEBA functionality indicates a lot about behaviors that are not found through a traditional SIEM. We have exploited that more than anything since we started using it.
Its ease of use is valuable.
I like LogRhythm's ease of use. The solution has improved compared to previous versions. It had many issues before, like integration, the console, creating reports, false positives, etc. The AI engine has made it stronger in the latest version.
The alerting is much better than I anticipated. We don't get as many alerts as I thought we would, but that's nobody's fault, it's just the way it is.
The most useful feature for us, because of some of the issues we had previously, was the simplicity of log integrations. It's much easier with this platform to integrate log sources that might not have standard logging and things like that.
The most valuable features of Elastic Security are that it is open-source and provides a high level of security.
It's very stable and reliable.
Having everything in a central place has been helpful.
Every activity on the firewall is recorded, and notifications are sent with this solution.
Buyer's Guide
Security Information and Event Management (SIEM)
January 2023

Find out what your peers are saying about Splunk, Microsoft, IBM and others in Security Information and Event Management (SIEM). Updated: January 2023.
672,785 professionals have used our research since 2012.
Use our free recommendation engine to learn which Security Information and Event Management (SIEM) solutions are best for your needs.
See all 51 solutions in Security Information and Event Management (SIEM)
Advice From The Community
Read answers to top Security Information and Event Management (SIEM) questions. 672,785 professionals have gotten help from our community of experts.
Tips for choosing the right SIEM solution
As with any enterprise tech solution, it’s important to spend time doing your research and POC, so that you know that you’re spending on the right product. We sifted through some of our users’ answers to summarize some of the best tips.
- Define your goal
Before starting to evaluate solutions, it’s important to define what you want to accomplish with a SIEM. Marty Baron says, “Every SIEM has different strengths and weaknesses so you need to know what is most important to you in terms of goals, so you don’t waste time looking at something that can’t do the thing you need it to do.”
- Limit your options
As one of our users says, “Review a finite number of products, otherwise you’ll never finish”. Although it’s important to spend time doing due diligence, you need to get to the point of implementation. If you have too many options, it will take too long to make a decision. Users suggest making a shortlist of options that meet your technical requirements, speak to your goal, and match your budget.
- Create a framework for your POC
Once you’ve narrowed down your options, it’s time to trial the shortlisted products. Users recommend putting a framework in place to guide the POC. This way, you can evaluate your options systematically.
One user, DAX Paulino, suggests “creat[ing] a checklist of features that you need, from the basic (i.e. interactive dashboards, ease of integration, Threat Intelligence), to the more advanced (i.e. Automated response, Behavior Analytics, etc.). Give each item on your checklist a score so that you can weigh in on each item as a measure of your decision. Don’t forget to factor in usability and support.”