Splunk Enterprise Security is a SIEM, log management, and IT operations analytics tool. The solution provides users with the ability to secure their information and manage their data in the cloud, data centers, or other applications. Splunk Enterprise Security also offers visibility from different areas, levels, and devices, rather than from a single system, thus providing its users with flexibility. Splunk Enterprise Security can monitor data and analyze, detect, and prevent intrusions. This benefits users as it provides alerts to possible intrusions, helps users to be proactive, and reduces risk factors.
It is not cheap.
Pricing and licensing is quite expensive. But for the value the product provides, it seems at par in the market.
Zabbix is a comprehensive monitoring solution that is widely used across various industries. Its primary use case is for monitoring infrastructure, including physical, virtual, and network aspects.
Zabbix helps organizations by providing valuable metrics for preventive maintenance and capacity planning, proactive monitoring and alerting, monitoring a wide range of hardware equipment, optimizing work processes, improving customer experiences, enabling remote appointments with visual communication, and providing an overview of bandwidth consumption.
With Zabbix, organizations can conveniently monitor network metrics in one place, saving time and improving efficiency.
It’s free of cost.
It is a true open-source solution, so there are no licensing costs.
Devo is the only cloud-native logging and security analytics platform that releases the full potential of all your data to empower bold, confident action when it matters most. Only the Devo platform delivers the powerful combination of real-time visibility, high-performance analytics, scalability, multitenancy, and low TCO crucial for monitoring and securing business operations as enterprises accelerate their shift to the cloud.
Be cautious of metadata inclusion for log types in pricing, as there are some "gotchas" with that.
Our licensing fees are billed annually and per terabyte.
Microsoft Sentinel is a scalable, cloud-native, security information event management (SIEM) and security orchestration automated response (SOAR) solution that lets you see and stop threats before they cause harm. Microsoft Sentinel delivers intelligent security analytics and threat intelligence across the enterprise, providing a single solution for alert detection, threat visibility, proactive hunting, and threat response. Eliminate security infrastructure setup and maintenance, and elastically scale to meet your security needs—while reducing IT costs. With Microsoft Sentinel, you can:
It comes with a Microsoft subscription which the customer has, so they don't have to invest somewhere else.
The licensing requirements are not very clear from the outset.
Wazuh is an enterprise-ready platform used for security monitoring. It is a free and open-source platform that is used for threat detection, incident response and compliance, and integrity monitoring. Wazuh is capable of protecting workloads across virtualized, on-premises, containerized, and cloud-based environments.
Wazuh is open-source, so I think it's an option for a small organization that cannot go for enterprise-grade solutions like Splunk.
There is not a license required for Wazuh.
We are using the free, open-source version of this solution.
We use the open-source version, so there is no charge for this solution.
IBM Security QRadar is a security and analytics platform designed to defend against threats and scale security operations. This is done through integrated visibility, investigation, detection, and response. QRadar empowers security groups with actionable insights into high-priority threats by providing visibility into enterprise security data. Through centralized visibility, security teams and analysts can determine their security stance, which areas pose a potential threat, and which areas are critical. This will help streamline workflows by eliminating the need to pivot between tools.
Go through a vulnerability assessment review for price breaks. A virtualized solution will also cut down on cost.
Found other solutions, with more features at the same cost or less. You don’t have to leave the Gartner Magic Quadrant to beat their price.
Centreon is an all-in-one IT monitoring solution that is a network, system, applicative supervision, and monitoring tool. It is free and open source, and one of the most flexible and powerful monitoring software products on the market.
The pricing is acceptable.
For more complex tasks, we use prepaid support days and ask Centreon to come onsite.
SolarWinds NPM is a network monitoring solution that enables you to detect, diagnose, and resolve network performance issues and outages quickly and efficiently. The solution is a powerful tool that can help you increase service levels, reduce downtime with multi-vendor network monitoring, simplify the management of complex network devices, improve operational efficiency, and much more.
Excluding the costs of running VMs and physical blade servers, our licensing costs run around US$200,000/year for over 60 polling engines.
I think that the cost has risen, but the functionality and versatility is way above other products.
PRTG Network Monitor runs on a Windows machine within your network, collecting various statistics from the machines, software, and devices which you designate. PRTG comes with an easy-to-use web interface with point-and-click configuration. You can easily share data from it with non-technical colleagues and customers, including via live graphs and custom reports. This will let you plan for network expansion, see what applications are using most of your connection, and make sure that no one is hogging the entire network just to torrent videos.
Licenses are very expensive, so I would like to see cheaper licensing.
If you're looking for a cost effective software I’d suggest this product.
Nagios XI provides monitoring of all mission-critical infrastructure components, including applications, services, operating systems, network protocols, systems metrics, and network infrastructure. Third-party add-ons provide tools for monitoring virtually all in-house and external applications, services, and systems.
You can grow into the higher-priced scale as they learn how to utilize the features for Nagios XI.
The pricing is really cost efficient. The licensing is perpetual and can be renewed very easily.
Cisco Secure Network Analytics is a highly effective network traffic analysis (NTA) solution that enables users to find threats in their network traffic even if those threats are encrypted. It turns an organization’s network telemetry into a tool that creates a complete field of vision for the organization’s administrators. Users can find threats that may have infiltrated their systems and stop them before they can do irreparable harm.
It is worth the cost.
Pricing is much higher compared to other solutions.
LogRhythm SIEM Platform is an award-winning platform in security analytics. With more than 4,000 customers globally, LogRhythm SIEM is an integrated platform that helps security operations teams protect critical infrastructure and information from emerging cyberthreats. Ultimately, LogRhythm SIEM is an integrated set of modules that contribute to the security team’s fundamental mission: rapid threat monitoring, threat detection, threat investigation, and threat neutralization. LogRhythm SIEM is for organizations that require an on-premises solution and offers:
If you don't have your staff, absolutely look into the co-pilot and factor that into your cost evaluation.
Look for whatever will give you the most value. That's the main point. It is not one size fits all.
AWS Security Hub is a comprehensive security service that provides a centralized view of security alerts and compliance status across an AWS environment. It collects data from various AWS services, partner solutions, and AWS Marketplace products to provide a holistic view of security posture. With Security Hub, users can quickly identify and prioritize security issues, automate compliance checks, and streamline remediation efforts.
The price of the solution is not very competitive but it is reasonable.
The price of AWS Security Hub is average compared to other solutions.
ThousandEyes is a Network Intelligence platform that delivers visibility into every network an organization relies on, whether public or private. ThousandEyes enables users to optimize application delivery, end-user experience and ongoing infrastructure investments.
It is a quite expensive solution.
The solution is cheap.
SCOM (System Center Operations Manager) is a cross-platform data center monitoring and reporting tool that checks the status of various objects defined within the environment, such as server hardware, system services, etc. The solution allows data center administrators to deploy, configure, manage, and monitor the operations, services, devices and applications of multiple enterprise IT systems via a single pane of glass. It is suitable for businesses of all sizes.
The pricing and licensing are fair.
Our licensing fees are approximately $30 per user, per month.
Sumo Logic empowers the people who power modern, digital business. Our cloud-native SaaS analytics platform powered by logs helps customers deliver reliable and secure cloud-native applications. With Sumo Logic, practitioners and developers can ensure application reliability, secure and protect against modern threats and gain insights into their cloud infrastructures. Customers worldwide rely on our scalable platform to get powerful real-time analytics and insights across observability and security solutions for their cloud-native applications. For more information, visit: SUMOLOGIC.COM
Purchasing Sumo Logic through the AWS Marketplace was a simple step.
Purchasing the solution through the AWS Marketplace is very easy.
Parsing hundreds of trivial alerts. Managing a mountain of data. Manually forwarding info from your endpoints. Forget that. InsightIDR instantly arms you with the insight you need to make better decisions across the incident detection and response lifecycle, faster.
I am sure that there are cheaper products out there, but none that meet so many of our needs whilst maintaining stability and usability.
The team is very willing to work with companies. My suggestion is to call the Rapid7 sales department and see how they can help.
Cybereason's Endpoint Detection and Response platform detects in real-time both signature and non-signature-based attacks and accelerates incident investigation and response. Cybereason connects together individual pieces of evidence to form a complete picture of a malicious operation.
I do not have experience with the licensing of the product.
In terms of cost, this is a good choice for our needs.
LogicMonitor, a unified observability platform, brings together comprehensive monitoring capabilities and enables observability across data centers, public/private clouds, and applications. LogicMonitor provides correlation, context, and clarity to understand the business impact and causes of complex IT incidents.
I know we are saving at least several hundred thousand dollars in that we're not buying Cisco Prime.
We pay for the enterprise tech support.
USM Anywhere centralizes security monitoring of networks and devices in the cloud, on premises, and in remote locations, helping you to detect threats virtually anywhere.
AlienVault is flexible on their pricing for unlimited licenses.
Pricing is very competitive with other products and you get much more functionality from AlienVault.
Exabeam Fusion SIEM is a cloud-delivered solution that enables you to:
- Leverage turnkey threat detection, investigation, and response
- Collect, search and enhance data from anywhere
- Detect threats missed by other tools, using market-leading behavior analytics
- Achieve successful SecOps outcomes with prescriptive, threat-centric use case packages
- Enhance productivity and reduce response times with automation
- Meet regulatory compliance and audit requirements with ease
They have a great model for pricing that can be based either on user count or gigabits per day.
If the customer has only a few users in some environment, then Exabeam is cheaper than competitors. But it can get expensive when adding more users.
ScienceLogic is a hybrid IT infrastructure monitoring tool that is designed to help organizations digitally transform their companies by making the management of complex, distributed IT services easier. Using the solution’s discovery techniques, users can find everything they need in a network, gaining visibility across all vendors and technologies that are run in the cloud or data centers. In addition, the ScienceLogic solution can help users seamlessly monitor and manage cloud environments, monitor network resources, manage storage, and monitor app health and performance.
Pricing between the two is quite large, therefore you can save some money if you don't require to collect all info on each device.
Decide what you want to monitor and only monitor those items. Absorb other elements as you grow.
Securonix Security Analytics SNYPR is a next-generation security analytics platform that transforms big data into actionable security intelligence, enabling you to take care of so much more than simply your SIEM (security information and event management) needs. In addition, it contains all of the tools that you may need to enable your organization to successfully handle both log management as well as UEBA (user and entity behavior analytics)-related tasks. The SNYPR management platform gives users the ability to combine security orchestration, automation, and response, security information and event management, network traffic analysis, and user and entity behavior analytics. This single technical environment does away with your need for multiple security, management, and analytics solutions.
We have a license from our 5.0, so that license just continued. We paid them the extra cloud-hosting costs for a year which were about $300,000.
We have an annual license. We pay $200,000 for the base licensing and we pay another $50,000 for the software as a service.
Meraki Dashboard is a comprehensive cloud-based platform that offers centralized management and control for all Meraki networking and security products. It provides a user-friendly interface, allowing administrators to easily monitor and configure their network infrastructure from anywhere. With real-time visibility, troubleshooting becomes effortless, ensuring optimal performance and minimizing downtime.
From a pricing perspective, they are still expensive.
The licensing fees are $180 USD, per AP, for three years.
For our environment, we pay approximately $25,000 USD yearly.
The licensing for this solution is based on the number of nodes.
AlienVault OSSIM, Open Source Security Information and Event Management (SIEM), provides you with a feature-rich open source SIEM complete with event collection, normalization and correlation. Launched by security engineers because of the lack of available open source products, AlienVault OSSIM was created specifically to address the reality many security professionals face: A SIEM, whether it is open source or commercial, is virtually useless without the basic security controls necessary for security visibility.
The solution is open source, so it's free to use.
The licensing fees for the non-community edition are paid on an annual basis, and there are no costs in addition to this.
The product is inexpensive compared to other DBM products.
This is an open-source solution with paid support.
ManageEngine OpManager is a network, server, and virtualization monitoring software that helps SMEs, large enterprises and service providers manage their data centers and IT infrastructure efficiently and cost effectively. Automated workflows, intelligent alerting engines, configurable discovery rules, and extendable templates enable IT teams to setup a 24x7 monitoring system within hours of installation.
The licensing costs depend on the number of devices and accounts that are being monitored by the solution.
The initial cost is low and the add-ons are reasonable.
It is very expensive, but it's well worth the money.
The biggest problem we have with this product is the expense.
Pricing is reasonable compared to other products.
I'm not sure, but it's expensive. We don't pay any additional fees.
Log360 is your one-stop solution for all log management and network security challenges. It is an integrated solution that combines EventLog Analyzer and ADAudit Plus into a single console to help you manage your Active Directory auditing and network security easily.
There is a cost for each feature used.
Its pricing is definitely huge compared to some of the other SIEMs. Its price should be improved.
ArcSight Enterprise Security Manager (ESM) is a powerful SIEM solution for analyzing, collecting, correlating, and reporting on security event information. ArcSight ESM analyzes information from all of your data sources while helping your organization maintain high security. In addition, the solution is very customizable and enables users to create their own company-specific rule sets to automatically trigger instant alerts.
Aggregation can help a lot in pushing down licensing costs.
ArcSight is pretty expensive compared with its competitors. I believe that is fine as it provides value.
Claroty Secure Remote Access minimizes the risks remote users, including employees and 3rd parties, introduce to OT networks. It provides a single, manageable interface that all external users connect through, prior to performing software upgrades, periodic maintenance, and other support activities on assets within industrial control system networks.
ConnectWise Automate is an IT management tool that helps deliver IT services at the speed of business. Our remote monitoring and management (RMM) platform provides powerful automation to discover & manage devices, monitor for problems, and automate action. Deliver streamlined reactive and proactive managed services, stop putting out fires, and start focusing on what matters most. See why over 5,500 partners worldwide chose ConnectWise Automate by visiting ConnectWise.com or calling 877-522-8323.
Pricing and licensing are reasonable.
From what I've overheard, it is pretty comparable to other solutions in terms of price.
Your organization's IT infrastructure generates a huge amount of logs every day, and these machine-generated logs have vital information that can provide powerful insights and network security intelligence into user behaviors, network anomalies, system downtime, policy violations, internal threats, regulatory compliance, etc. However, the task of analyzing these event logs and syslogs without automated log analyzer tools can be both time-consuming and painful if done manually.
There is a yearly subscription for the solution.
ManageEngine EventLog Analyzer is a low-cost solution. It costs approximately $1,000 per month per server for a perpetual license.
It's an expensive product because we have a lot of nodes.
They should include the product in NSX because it's important to have it for deployment.
NetWitness Platform is an evolved SIEM and threat detection and response solution that functions as a single, unified platform for ALL your security data. It features an advanced analyst workbench for triaging alerts and incidents, and it orchestrates security operations programs end to end. In short: NetWitness Platform is all you need to run an intelligent SOC.
It’s cheaper to run virtual machines in a VMware environment.
The new pricing and licensing mechanisms are fair. I would advise always to get the full solution (i.e., not only Logs).
Managing today’s networks with yesterday’s manual processes is no longer a viable solution. NetBrain’s network automation platform provides actionable insights into your network to help you make better and faster decisions - particularly when you’re troubleshooting, securing, and making changes to the network.
The product is expensive, but less expensive than some of the competition and worth the price.
Licensing is based on a per-device basis, which means that it can get very expensive if you have a large number of devices.
Pandora FMS is a monitoring as a service (MaaS) solution that is ideal for companies with at least 100 or more devices. Instead of multiple, difficult-to-integrate monitoring systems, Pandora FMS is an all-in-one solution that is easy to use. The software is able to untangle complicated technology infrastructures to easily identify the root cause of issues in order to find the most efficient solution. It does so by analyzing everything in your system, from databases and applications to services and desktops, as well as communications.
Only one payment and it includes support, updates, new versions, and access to the complete library of plugins except for SAP and z/OS.
A very reasonable cost, understandable pricing and licensing, and a lower implementation cost.
Make your organization more resilient and confident with Trellix Security Operations. Filter out the noise and cut complexity to deliver faster, more effective SecOps. Integrate your existing security tools and connect with over 650 Trellix solutions and third-party products.
You should buy the distributed option instead of the all-in-one for environments with more than 1000 endpoints.
We pay for our licensing fees on a yearly basis, and there are no costs in addition to the standard licensing fees.
RMM software designed for next-level protection
It's expensive and out of our budget.
There is a license required for this solution.
Logpoint is a cutting-edge security information and event management (SIEM) solution that is designed to be intuitive and flexible enough to be used by an array of different businesses. It is capable of expanding according to its users' needs.
Our licensing fees are about $10,000 USD per month, which I think is fair.
It's getting more expensive, which is one of the reasons we're looking around just to see if there's anything better value.
When TriGeo was acquired by SolarWinds, TriGeo SIM became known as SolarWinds Log & Event Manager. This product is a leading Security Information and Event Management (SIEM) product and log management solution, which provides log collection, analysis, and real-time correlation.
Licensing is on devices, so if you have many, then this may be high.
We do a yearly license renewal. For a year, the solution costs roughly $500,000 USD. There are no costs beyond this yearly fee.
The ExtraHop Application Performance Management Solution Delivers Unified Visibility Across the IT Environment w/ Proactive Alerts & Accelerated Troubleshooting
The pricing is fair considering the value provided.
The pricing is higher than other solutions, but with such good features, I think it's worth it.
Flowmon is a professional tool for effective network troubleshooting, performance monitoring, capacity planning, encrypted traffic analysis and cloud monitoring. Instead of just the red/green infrastructure status, it helps NetOps teams to understand user experience while keeping the amount of data noise and analytical work to a minimum. Flowmon is a part of the Kemp product portfolio.
The licensing fee accrues only once, but that of support is annual.
It works with a permanent license, and then you can pay for the support. For the gold support, you need to pay yearly.
Trellix Helix is a cutting-edge product that revolutionizes the way businesses manage their data and streamline their operations. With its advanced features and user-friendly interface, Trellix Helix offers a comprehensive solution for businesses of all sizes. One of the key features of Trellix Helix is its powerful data management capabilities.
It could be cheaper, but that applies to every product.
FireEye Helix is a little expensive.
Oracle Security Monitoring and Analytics Cloud Service is a comprehensive solution designed to provide organizations with advanced threat detection and response capabilities. This cloud-based service leverages machine learning and artificial intelligence to analyze vast amounts of security data in real time, enabling proactive identification and mitigation of potential threats.
The solution is not expensive for the data security measure you receive, it is reasonable.
Sentinel is a full-featured Security Information and Event Management (SIEM) solution that simplifies the deployment, management and day-to-day use of SIEM, readily adapts to dynamic enterprise environments and delivers the true "actionable intelligence" security professionals need to quickly understand their threat posture and prioritize response.
We inquired about getting support from the vendor, Micro Focus, but the cost was very high.
We receive a pricing discount because of our ongoing partnership with Micro Focus.
Anomali ThreatStream is a Threat Intelligence Management Platform that automates the collection and processing of raw data and transforms it into actionable threat intelligence for security teams.