Splunk Enterprise Security is a SIEM, log management, and IT operations analytics tool. The solution provides users with the ability to secure their information and manage their data in the cloud, data centers, or other applications. Splunk Enterprise Security also offers visibility from different areas, levels, and devices, rather than from a single system, thus, providing its users with flexibility. Splunk Enterprise Security can monitor data and analyze, detect, and prevent intrusions. This benefits users as it provides alerts to possible intrusions, helps users to be proactive, and reduces risk factors.
It is not cheap.
Pricing and licensing is quite expensive. But for the value the product provides, it seems at par in the market.
It is not cheap.
Pricing and licensing is quite expensive. But for the value the product provides, it seems at par in the market.
Microsoft Sentinel is a scalable, cloud-native, security information event management (SIEM) and security orchestration automated response (SOAR) solution that lets you see and stop threats before they cause harm. Microsoft Sentinel delivers intelligent security analytics and threat intelligence across the enterprise, providing a single solution for alert detection, threat visibility, proactive hunting, and threat response. Eliminate security infrastructure setup and maintenance, and elastically scale to meet your security needs—while reducing IT costs. With Microsoft Sentinel, you can:
It comes with a Microsoft subscription which the customer has, so they don't have to invest somewhere else.
The licensing requirements are not very clear from the outset.
It comes with a Microsoft subscription which the customer has, so they don't have to invest somewhere else.
The licensing requirements are not very clear from the outset.
Elastic Security combines the features of a security information and event management (SIEM) system with endpoint protection, allowing organizations to detect, investigate, and respond to threats in real time. This unified approach helps reduce complexity and improve the efficiency of security operations.
We are using the free, open-source version of this solution.
We use the open-source version, so there is no charge for this solution.
We are using the free, open-source version of this solution.
We use the open-source version, so there is no charge for this solution.
IBM Security QRadar is a security and analytics platform designed to defend against threats and scale security operations. This is done through integrated visibility, investigation, detection, and response. QRadar empowers security groups with actionable insights into high-priority threats by providing visibility into enterprise security data. Through centralized visibility, security teams and analysts can determine their security stance, which areas pose a potential threat, and which areas are critical. This will help streamline workflows by eliminating the need to pivot between tools.
Go through a vulnerability assessment review for price breaks. A virtualized solution will also cut down on cost.
found other solutions, with more features at the same cost or less. You don’t have to leave the Gartner Magic Quadrant to beat their price.
Go through a vulnerability assessment review for price breaks. A virtualized solution will also cut down on cost.
found other solutions, with more features at the same cost or less. You don’t have to leave the Gartner Magic Quadrant to beat their price.
LogRhythm SIEM Platform is an award-winning platform in security analytics. With more than 4,000 customers globally, LogRhythm SIEM is an integrated platform that helps security operations teams protect critical infrastructure and information from emerging cyberthreats. Ultimately, LogRhythm SIEM is an integrated set of modules that contribute to the security team’s fundamental mission: rapid threat monitoring, threat detection, threat investigation, and threat neutralization. LogRhythm SIEM is for organizations that require an on-premises solution and offers:
If you don't have your staff, absolutely look into the co-pilot and factor that into your cost evaluation.
Look for whatever will give you the most value. That's the main point. It is not one size fits all.
If you don't have your staff, absolutely look into the co-pilot and factor that into your cost evaluation.
Look for whatever will give you the most value. That's the main point. It is not one size fits all.
FortiSIEM (formerly AccelOps 4) provides an actionable security intelligence platform to monitor security, performance and compliance through a single pane of glass.
Please be cheaper and more simplified.
We bought the perpetual license, so we own the product, but there is a three-year support renewal fee for that.
Please be cheaper and more simplified.
We bought the perpetual license, so we own the product, but there is a three-year support renewal fee for that.
AlienVault OSSIM, Open Source Security Information and Event Management (SIEM), provides you with a feature-rich open source SIEM complete with event collection, normalization and correlation. Launched by security engineers because of the lack of available open source products, AlienVault OSSIM was created specifically to address the reality many security professionals face: A SIEM, whether it is open source or commercial, is virtually useless without the basic security controls necessary for security visibility.
The solution is open source, so it's free to use.
The licensing fees for the non-community edition are paid on an annual basis, and there are no costs in addition to this.
The solution is open source, so it's free to use.
The licensing fees for the non-community edition are paid on an annual basis, and there are no costs in addition to this.
Securonix Security Analytics SNYPR is a next-generation security analytics platform that transforms big data into actionable security intelligence, enabling you to take care of so much more than simply your SIEM (security information and event management) needs. In addition, it contains all of the tools that you may need to enable your organization to successfully handle both log management as well as UEBA (user and entity behavior analytics)-related tasks. The SNYPR management platform gives users the ability to combine security orchestration, automation, and response, security information and event management, network traffic analysis, and user and entity behavior analytics. This single technical environment does away with your need for multiple security, management, and analytics solutions.
We have a license from our 5.0, so that license just continued. We paid them the extra cloud-hosting costs for a year which were about $300,000.
We have an annual license. We pay $200,000 for the base licensing and we pay another $50,000 for the software as a service.
We have a license from our 5.0, so that license just continued. We paid them the extra cloud-hosting costs for a year which were about $300,000.
We have an annual license. We pay $200,000 for the base licensing and we pay another $50,000 for the software as a service.
Log360 is your one-stop solution for all log management and network security challenges. It is an integrated solution that combines EventLog Analyzer and ADAudit Plus into a single console to help you manage your Active Directory auditing and network security easily.
There is a cost for each feature used.
Its pricing is definitely huge compared to some of the other SIEMs. Its price should be improved.
There is a cost for each feature used.
Its pricing is definitely huge compared to some of the other SIEMs. Its price should be improved.
ArcSight Enterprise Security Manager (ESM) is a powerful SIEM solution for analyzing, collecting, correlating, and reporting on security event information. ArcSight ESM analyzes information from all of your data sources while helping your organization maintain high security. In addition, the solution is very customizable and enables users to create their own company-specific rule sets to automatically trigger instant alerts.
Aggregation can help a lot in pushing down licensing costs.
ArcSight is pretty expensive compared with its competitors. I believe that is fine as it provides value.
Aggregation can help a lot in pushing down licensing costs.
ArcSight is pretty expensive compared with its competitors. I believe that is fine as it provides value.
DNIF HYPERCLOUD is a cloud native platform that brings the functionality of SIEM, UEBA and SOAR into a single continuous workflow to solve cybersecurity challenges at scale. DNIF HYPERCLOUD is the flagship SaaS platform from NETMONASTERY that delivers key detection functionality using big data analytics and machine learning. NETMONASTERY aims to deliver a platform that helps customers in ingesting machine data and automatically identify anomalies in these data streams using machine learning and outlier detection algorithms. The objective is to make it easy for untrained engineers and analysts to use the platform and extract benefit reliably and efficiently.
The pricing is based on the log size.
The solution requires a huge infrastructure and that is costly.
The pricing is based on the log size.
The solution requires a huge infrastructure and that is costly.