Wazuh is an enterprise-ready platform used for security monitoring. It is a free and open-source platform that is used for threat detection, incident response and compliance, and integrity monitoring. Wazuh is capable of protecting workloads across virtualized, on-premises, containerized, and cloud-based environments.
Wazuh is open-source, so I think it's an option for a small organization that cannot go for enterprise-grade solutions like Splunk.
There is not a license required for Wazuh.
Wiz is a highly efficient solution for data security posture management (DSPM), with a 100% API-based approach that provides quick connectivity and comprehensive scans of platform configurations and workloads. The solution allows companies to automatically correlate sensitive data with relevant cloud context, such as public exposure, user identities, entitlements, and vulnerabilities. This integration enables them to understand data accessibility, configuration, usage, and movement within their internal environments.
The pricing is fair. Some of the more advanced features and functionalities and how the tiers are split can be somewhat confusing.
I wish the pricing was more transparent.
Datadog excels in real-time data monitoring and automated detection, making it ideal for businesses needing quick setup and efficient log management. In comparison, New Relic provides in-depth transaction tracking and robust analytics, suitable for those requiring detailed performance analysis and extensive data insights.
IBM Security QRadar is a security and analytics platform designed to defend against threats and scale security operations. This is done through integrated visibility, investigation, detection, and response. QRadar empowers security groups with actionable insights into high-priority threats by providing visibility into enterprise security data. Through centralized visibility, security teams and analysts can determine their security stance, which areas pose a potential threat, and which areas are critical. This will help streamline workflows by eliminating the need to pivot between tools.
Go through a vulnerability assessment review for price breaks. A virtualized solution will also cut down on cost.
found other solutions, with more features at the same cost or less. You don’t have to leave the Gartner Magic Quadrant to beat their price.
Elastic Security combines the features of a security information and event management (SIEM) system with endpoint protection, allowing organizations to detect, investigate, and respond to threats in real time. This unified approach helps reduce complexity and improve the efficiency of security operations.
We are using the free, open-source version of this solution.
We use the open-source version, so there is no charge for this solution.
Devo is the only cloud-native logging and security analytics platform that releases the full potential of all your data to empower bold, confident action when it matters most. Only the Devo platform delivers the powerful combination of real-time visibility, high-performance analytics, scalability, multitenancy, and low TCO crucial for monitoring and securing business operations as enterprises accelerate their shift to the cloud.
Be cautious of metadata inclusion for log types in pricing, as there are some "gotchas" with that.
Our licensing fees are billed annually and per terabyte.
SolarWinds NPM is a network monitoring solution that enables you to detect, diagnose, and resolve network performance issues and outages quickly and efficiently. The solution is a powerful tool that can help you increase service levels, reduce downtime with multi-vendor network monitoring, simplify the management of complex network devices, improve operational efficiency, and much more.
Excluding the costs of running VMs and physical blade servers, our licensing costs run around US$200,000/year for over 60 polling engines.
I think that the cost has risen, but the functionality and versatility are way above other products.
PRTG Network Monitor runs on a Windows machine within your network, collecting various statistics from the machines, software, and devices which you designate. PRTG comes with an easy-to-use web interface with point-and-click configuration. You can easily share data from it with non-technical colleagues and customers, including via live graphs and custom reports. This will let you plan for network expansion, see what applications are using most of your connection, and make sure that no one is hogging the entire network just to torrent videos.
Licenses are very expensive, so I would like to see cheaper licensing.
If you're looking for a cost effective software I’d suggest this product.
LogRhythm SIEM Platform is an award-winning platform in security analytics. With more than 4,000 customers globally, LogRhythm SIEM is an integrated platform that helps security operations teams protect critical infrastructure and information from emerging cyberthreats. Ultimately, LogRhythm SIEM is an integrated set of modules that contribute to the security team’s fundamental mission: rapid threat monitoring, threat detection, threat investigation, and threat neutralization. LogRhythm SIEM is for organizations that require an on-premises solution and offers:
If you don't have your staff, absolutely look into the co-pilot and factor that into your cost evaluation.
Look for whatever will give you the most value. That's the main point. It is not one size fits all.
AWS Security Hub is a comprehensive security service that provides a centralized view of security alerts and compliance status across an AWS environment. It collects data from various AWS services, partner solutions, and AWS Marketplace products to provide a holistic view of security posture. With Security Hub, users can quickly identify and prioritize security issues, automate compliance checks, and streamline remediation efforts.
The price of the solution is not very competitive but it is reasonable.
The price of AWS Security Hub is average compared to other solutions.
Graylog is purpose-built to deliver the best log collection, storage, enrichment, and analysis. Graylog is:
Having paid official support is wise for projects.
I am using a community edition. I have not looked at the enterprise offering from Graylog.
Nagios XI provides monitoring of all mission-critical infrastructure components, including applications, services, operating systems, network protocols, systems metrics, and network infrastructure. Third-party add-ons provide tools for monitoring virtually all in-house and external applications, services, and systems.
You can grow into the higher-priced scale as they learn how to utilize the features for Nagios XI.
The pricing is really cost efficient. The licensing is perpetual and can be renewed very easily.
ThousandEyes is a Network Intelligence platform that delivers visibility into every network an organization relies on, whether public or private. ThousandEyes enables users to optimize application delivery, end-user experience and ongoing infrastructure investments.
It is a quite expensive solution.
The solution is cheap.
Sumo Logic
Purchasing Sumo Logic through the AWS Marketplace was a simple step.
Purchasing the solution through the AWS Marketplace is very easy.
SCOM (System Center Operations Manager) is a cross-platform data center monitoring and reporting tool that checks the status of various objects defined within the environment, such as server hardware, system services, etc. The solution allows data center administrators to deploy, configure, manage, and monitor the operations, services, devices and applications of multiple enterprise IT systems via a single pane of glass. It is suitable for businesses of all sizes.
The pricing and licensing are fair.
Our licensing fees are approximately $30 per user, per month.
LogicMonitor, a unified observability platform, brings together comprehensive monitoring capabilities and enables observability across data centers, public/private clouds, and applications. LogicMonitor provides correlation, context, and clarity to understand the business impact and causes of complex IT incidents.
I know we are saving at least several hundred thousand dollars in that we're not buying Cisco Prime.
We pay for the enterprise tech support.
Fortinet FortiAnalyzer is a powerful platform used for log management, analytics, and reporting. The solution is designed to provide organizations with automation, single-pane orchestration, and response for simplified security operations, as well as proactive identification and remediation of risks and complete visibility of the entire attack surface.
It's worth spending on FortiAnalyzer if you have multiple firewalls in your network.
The hardware cost and services contract are fair.
Centreon is an all-in-one IT monitoring solution: a network, system, and application supervision and monitoring tool. It is free and open source, and one of the most flexible and powerful monitoring software products on the market.
The pricing is acceptable.
For more complex tasks, we use prepaid support days and ask Centreon to come onsite.
This is IT infrastructure monitoring's industry-standard, open-source core. Free without professional support services.
It's free.
The Nagios Core (PNP4Nagios + Core) is free and can be set up by Netadmin within a few hours. The only additional cost is the cloud server.
ServiceNow IT Operations Management (ITOM) is a cloud management and infrastructure tool that facilitates the administrative and development process of creating, planning, and operating digital services, technology, application requirements, and components for organizations. ServiceNow ensures effectiveness, performance, and availability throughout an organization's processes and services.
The pricing is high and may be excluding the small to medium-sized enterprise businesses.
It has different subscription models.
The PagerDuty Operations Cloud is the platform for mission-critical, time-critical operations work in the modern enterprise. Through the power of AI and automation, it detects and diagnoses disruptive events, mobilizes the right team members to respond, and streamlines infrastructure and workflows across your digital operations. The Operations Cloud is essential infrastructure for revolutionizing digital operations to compete and win as a modern digital business.
Licensing costs are around $700 a month, and the only additional costs are phone costs in some instances.
The cost is quite high. But if you want to get a full-featured application and you have a big team...
ScienceLogic is a hybrid IT infrastructure monitoring tool that is designed to help organizations digitally transform their companies by making the management of complex, distributed IT services easier. Using the solution’s discovery techniques, users can find everything they need in a network, gaining visibility across all vendors and technologies that are run in the cloud or data centers. In addition, the ScienceLogic solution can help users seamlessly monitor and manage cloud environments, monitor network resources, manage storage, and monitor app health and performance.
Pricing between the two is quite large, therefore you can save some money if you don't require to collect all info on each device.
Decide what you want to monitor and only monitor those items. Absorb other elements as you grow.
USM Anywhere centralizes security monitoring of networks and devices in the cloud, on premises, and in remote locations, helping you to detect threats virtually anywhere.
AlienVault is flexible on their pricing for unlimited licenses.
Pricing is very competitive with other products and you get much more functionality from AlienVault.
Cisco Intersight is Cisco’s systems management platform that delivers intuitive computing through cloud-powered intelligence. This platform offers a more intelligent level of management that enables IT organizations to analyze, simplify, and automate their environments in ways that were not possible with prior generations of tools. This capability empowers organizations to achieve significant savings in Total Cost of Ownership (TCO) and to deliver applications faster, so they can support new business initiatives. The advantages of the model-based management of the Cisco UCS platform plus Cisco Intersight are extended to Cisco UCS servers and Cisco HyperFlex and Cisco HyperFlex Edge systems. Cisco HyperFlex Edge is optimized for remote sites, branch offices, and edge environments.
Cisco Intersight is not cheap, but it's not the most expensive product either.
It's just the standard licensing cost. There are no additional fees.
Grafana Loki is a powerful log aggregation and analysis tool designed for cloud-native environments. Its primary use case is to collect, store, and search logs efficiently, enabling organizations to gain valuable insights from their log data.
You can use the free version of Grafana Loki on-premises.
My company doesn't need to pay for the licensing cost of the solution.
Exabeam Fusion is a cloud-delivered solution that enables you to:
- Leverage turnkey threat detection, investigation, and response
- Collect, search and enhance data from anywhere
- Detect threats missed by other tools, using market-leading behavior analytics
- Achieve successful SecOps outcomes with prescriptive, threat-centric use case packages
- Enhance productivity and reduce response times with automation
- Meet regulatory compliance and audit requirements with ease
They have a great model for pricing that can be based either on user count or gigabits per day.
If the customer has only a few users in some environment, then Exabeam is cheaper than competitors. But it can get expensive when adding more users.
Auvik is a network management software that provides real-time visibility and control over network infrastructure.
They charge for switches and some networking hardware, but everything else is free.
The billing is excellent. The way they bill it, in most environments, it's not that expensive. The billing is very cost-effective.
Amazon CloudWatch is a monitoring and observability service provided by Amazon Web Services (AWS). It allows users to collect and track metrics, collect and monitor log files, and set alarms. With CloudWatch, users can gain insights into their applications, infrastructure, and services, enabling them to make informed decisions and take necessary actions.
We have monthly licensing costs. The licenses are probably in the vicinity of about $300 - $350/month.
Its pricing is reasonable. It is sometimes tricky, but it is reasonable as compared to others.
Optimizing SIEM
syslog-ng is the log management solution that improves the performance of your SIEM solution by reducing the amount and improving the quality of data feeding your SIEM.
Syslog-ng is a free open-source solution.
Syslog-ng is open-source.
The product is inexpensive compared to other DBM products.
This is an open-source solution with paid support.
InfluxDB is open-source software that helps developers and enterprises alike to collect, store, process, and visualize time series data and to build next-generation applications. InfluxDB provides monitoring and insight on IoT, application, system, container, and infrastructure quickly and easily without complexities or compromises in scale, speed, or productivity.
We are using the open-source version of InfluxDB.
InfluxDB is open-source, but there are additional costs for scaling.
It is very expensive, but it's well worth the money.
The biggest problem we have with this product is the expense.
Log360 is your one-stop solution for all log management and network security challenges. It is an integrated solution that combines EventLog Analyzer and ADAudit Plus into a single console to help you manage your Active Directory auditing and network security easily.
There is a cost for each feature used.
Its pricing is definitely huge compared to some of the other SIEMs. Its price should be improved.
Quickly gain a complete view of your IT infrastructure, no matter how complex. Checkmk provides powerful monitoring of networks, servers, clouds, containers and applications. Fast. Effective.
The product is affordable.
The price of Checkmk is cheaper compared to other enterprise products.
A syslog server is a logging server that allows for the centralized collection of syslog messages, known as events, from a variety of networking devices such as routers, switches, and firewalls, in addition to servers running a variety of operating systems.
We subscribe and pay directly on the website.
The price of SolarWinds Kiwi Syslog Server could improve.