Splunk Enterprise Security is a SIEM, log management, and IT operations analytics tool. The solution provides users with the ability to secure their information and manage their data in the cloud, data centers, or other applications. Splunk Enterprise Security also offers visibility from different areas, levels, and devices, rather than from a single system, thus, providing its users with flexibility. Splunk Enterprise Security can monitor data and analyze, detect, and prevent intrusions. This benefits users as it provides alerts to possible intrusions, helps users to be proactive, and reduces risk factors.
It is not cheap.
Pricing and licensing is quite expensive. But for the value the product provides, it seems at par in the market.
It is not cheap.
Pricing and licensing is quite expensive. But for the value the product provides, it seems at par in the market.
Devo is the only cloud-native logging and security analytics platform that releases the full potential of all your data to empower bold, confident action when it matters most. Only the Devo platform delivers the powerful combination of real-time visibility, high-performance analytics, scalability, multitenancy, and low TCO crucial for monitoring and securing business operations as enterprises accelerate their shift to the cloud.
Be cautious of metadata inclusion for log types in pricing, as there are some "gotchas" with that.
Our licensing fees are billed annually and per terabyte.
Be cautious of metadata inclusion for log types in pricing, as there are some "gotchas" with that.
Our licensing fees are billed annually and per terabyte.
Microsoft Sentinel is a scalable, cloud-native, security information event management (SIEM) and security orchestration automated response (SOAR) solution that lets you see and stop threats before they cause harm. Microsoft Sentinel delivers intelligent security analytics and threat intelligence across the enterprise, providing a single solution for alert detection, threat visibility, proactive hunting, and threat response. Eliminate security infrastructure setup and maintenance, and elastically scale to meet your security needs—while reducing IT costs. With Microsoft Sentinel, you can:
It comes with a Microsoft subscription which the customer has, so they don't have to invest somewhere else.
The licensing requirements are not very clear from the outset.
It comes with a Microsoft subscription which the customer has, so they don't have to invest somewhere else.
The licensing requirements are not very clear from the outset.
Cisco ISE is an all-in-one solution that streamlines security policy management and reduces operating costs. Cisco ISE delivers visibility and access control over users and devices across wired, wireless, and VPN connections.
There are three levels of pricing: basic, plus, and apex. Basic satisfied our needs.
If you go directly with Cisco for the implementation it's very, very expensive.
There are three levels of pricing: basic, plus, and apex. Basic satisfied our needs.
If you go directly with Cisco for the implementation it's very, very expensive.
We are using the free, open-source version of this solution.
We use the open-source version, so there is no charge for this solution.
We are using the free, open-source version of this solution.
We use the open-source version, so there is no charge for this solution.
CyberArk Privileged Access Manager is a next-generation solution that allows users to secure both their applications and their confidential corporate information. It is extremely flexible and can be implemented across a variety of environments. This program runs with equal efficiency in a fully cloud-based, hybrid, or on-premises environment. Users can now protect their critical infrastructure and access it in any way that best meets their needs.
Pricing and licensing depend on the environment.
It is not a cheap solution. It is expensive as compared with other solutions. However, it is one of the best solutions in their domain.
Pricing and licensing depend on the environment.
It is not a cheap solution. It is expensive as compared with other solutions. However, it is one of the best solutions in their domain.
IBM Security QRadar is a security and analytics platform designed to defend against threats and scale security operations. This is done through integrated visibility, investigation, detection, and response. QRadar empowers security groups with actionable insights into high-priority threats by providing visibility into enterprise security data. Through centralized visibility, security teams and analysts can determine their security stance, which areas pose a potential threat, and which areas are critical. This will help streamline workflows by eliminating the need to pivot between tools.
Go through a vulnerability assessment review for price breaks. A virtualized solution will also cut down on cost.
found other solutions, with more features at the same cost or less. You don’t have to leave the Gartner Magic Quadrant to beat their price.
Go through a vulnerability assessment review for price breaks. A virtualized solution will also cut down on cost.
found other solutions, with more features at the same cost or less. You don’t have to leave the Gartner Magic Quadrant to beat their price.
SailPoint is the leader in identity security for the cloud enterprise. We’re committed to protecting businesses from the inherent risk that comes with providing technology access across today’s diverse and remote workforce. Our identity security solutions secure and enable thousands of companies worldwide, giving our customers unmatched visibility into the entirety of their digital workforce, and ensuring that each worker has the right access to do their job, no more, no less. With SailPoint at the foundation of their business, our customers can provision access with confidence, protect business assets at scale and ensure compliance with certainty.
SailPoint IIQ is the best of best. That is reflected in the pricing of the solution. The pricing is based on the number of identities.
They are expensive.
SailPoint IIQ is the best of best. That is reflected in the pricing of the solution. The pricing is based on the number of identities.
They are expensive.
Rapid7 InsightVM is a comprehensive vulnerability management platform that protects your systems from attackers and is easy to scale. The solution provides easy access to vulnerability management, application security, detection and response, external threat intelligence, orchestration and automation, and more. Rapid7 InsightVM is ideal for security, IT, and DevOps teams, helping them reduce risk by enabling them to detect and respond to attacks quickly.
The price of the solution is less than the competitors.
I do not have experience with the pricing of the solution.
The price of the solution is less than the competitors.
I do not have experience with the pricing of the solution.
LogRhythm SIEM Platform is an award-winning platform in security analytics. With more than 4,000 customers globally, LogRhythm SIEM is an integrated platform that helps security operations teams protect critical infrastructure and information from emerging cyberthreats. Ultimately, LogRhythm SIEM is an integrated set of modules that contribute to the security team’s fundamental mission: rapid threat monitoring, threat detection, threat investigation, and threat neutralization. LogRhythm SIEM is for organizations that require an on-premises solution and offers:
If you don't have your staff, absolutely look into the co-pilot and factor that into your cost evaluation.
Look for whatever will give you the most value. That's the main point. It is not one size fits all.
If you don't have your staff, absolutely look into the co-pilot and factor that into your cost evaluation.
Look for whatever will give you the most value. That's the main point. It is not one size fits all.
AWS Security Hub is a comprehensive security service that provides a centralized view of security alerts and compliance status across an AWS environment. It collects data from various AWS services, partner solutions, and AWS Marketplace products to provide a holistic view of security posture. With Security Hub, users can quickly identify and prioritize security issues, automate compliance checks, and streamline remediation efforts.
The price of the solution is not very competitive but it is reasonable.
The price of AWS Security Hub is average compared to other solutions.
The price of the solution is not very competitive but it is reasonable.
The price of AWS Security Hub is average compared to other solutions.
Cynet has pioneered the security industry’s first all-in-one security platform purposely built for organizations that need the ability to effortlessly identify, block and respond to all types of attacks inside the perimeter - defending endpoints, network, files and users - without the heavy burden of deep cyber expertise and the overhead of integrating and managing multiple products. Our approach converges and brings synergy with technology: endpoint protection, EDR, vulnerability management, deception, threat intelligence and network and end-user analytics, and expertise: a 24/7 cyber SWAT team for incident response, malware analysis, threat hunting and forensics. Cynet deploys in hours and simplifies management with automated monitoring to complement any sized staff.
It gives you a high level of protection at a very good price.
Everything is included in this one solution and the pricing is pretty competitive.
It gives you a high level of protection at a very good price.
Everything is included in this one solution and the pricing is pretty competitive.
Sumo Logic empowers the people who power modern, digital business. Our cloud-native SaaS analytics platform powered by logs helps customers deliver reliable and secure cloud-native applications. With Sumo Logic, practitioners and developers can ensure application reliability, secure and protect against modern threats and gain insights into their cloud infrastructures. Customers worldwide rely on our scalable platform to get powerful real-time analytics and insights across observability and security solutions for their cloud-native applications. For more information, visit: SUMOLOGIC.COM
Purchasing Sumo Logic through the AWS Marketplace was a simple step.
Purchasing the solution through the AWS Marketplace is very easy.
Purchasing Sumo Logic through the AWS Marketplace was a simple step.
Purchasing the solution through the AWS Marketplace is very easy.
FortiSIEM (formerly AccelOps 4) provides an actionable security intelligence platform to monitor security, performance and compliance through a single pane of glass.
Please be cheaper and more simplified.
We bought the perpetual license, so we own the product, but there is a three-year support renewal fee for that.
Please be cheaper and more simplified.
We bought the perpetual license, so we own the product, but there is a three-year support renewal fee for that.
Parsing hundreds of trivial alerts. Managing a mountain of data. Manually forwarding info from your endpoints. Forget that. InsightIDR instantly arms you with the insight you need to make better decisions across the incident detection and response lifecycle, faster.
I am sure that there are cheaper products out there, but none that meet so many of our needs whilst maintaining stability and usability.
The team is very willing to work with companies. My suggestion is to call the Rapid7 sales department and see how they can help.
I am sure that there are cheaper products out there, but none that meet so many of our needs whilst maintaining stability and usability.
The team is very willing to work with companies. My suggestion is to call the Rapid7 sales department and see how they can help.
Cybereason's Endpoint Detection and Response platform detects in real-time both signature and non-signature-based attacks and accelerates incident investigation and response. Cybereason connects together individual pieces of evidence to form a complete picture of a malicious operation.
I do not have experience with the licensing of the product.
In terms of cost, this is a good choice for our needs.
I do not have experience with the licensing of the product.
In terms of cost, this is a good choice for our needs.
Fortinet FortiAnalyzer is a powerful platform used for log management, analytics, and reporting. The solution is designed to provide organizations with automation, single-pane orchestration, and response for simplified security operations, as well as proactive identification and remediation of risks and complete visibility of the entire attack surface.
Its worth spending on FortiAnalyzer if you have multiple firewalls in your network.
The hardware cost and services contract are fair.
Its worth spending on FortiAnalyzer if you have multiple firewalls in your network.
The hardware cost and services contract are fair.
USM Anywhere centralizes security monitoring of networks and devices in the cloud, on premises, and in remote locations, helping you to detect threats virtually anywhere.
AlienVault is flexible on their pricing for unlimited licenses.
Pricing is very competitive with other products and you get much more functionality from AlienVault.
AlienVault is flexible on their pricing for unlimited licenses.
Pricing is very competitive with other products and you get much more functionality from AlienVault.
Saviynt is an intelligent, cloud-first identity governance & access management solution. The solution is designed to help organizations quickly scale cloud initiatives and solve security and compliance challenges. Saviynt offers identity governance, granular application access, cloud security, and privileged access to secure your company’s ecosystem and provide a seamless user experience.
If you need to make any changes then there are additional fees.
The price of the license for this product is quite expensive.
If you need to make any changes then there are additional fees.
The price of the license for this product is quite expensive.
ForgeRock is a comprehensive open-source identity and access management solution designed to meet the unique needs of your users and workforce. With ForgeRock you can orchestrate, manage, and secure the complete lifecycle of identities in any cloud or hybrid environment. ForgeRock allows you to set up bot detection, identity proofing, and risk-based authentication.
It's a bit pricey and could be more competitive.
Its price is comparable to other products in the market.
It's a bit pricey and could be more competitive.
Its price is comparable to other products in the market.
Exabeam Fusion SIEM is a cloud-delivered solution that that enables you to:
-Leverage turnkey threat detection, investigation, and response
-Collect, search and enhance data from anywhere
-Detect threats missed by other tools, using market-leading behavior analytics
-Achieve successful SecOps outcomes with prescriptive, threat-centric use case packages
-Enhance productivity and reduce response times with automation
-Meet regulatory compliance and audit requirements with ease
They have a great model for pricing that can be based either on user count or gigabits per day.
If the customer has only a few users in some environment, then Exabeam is cheaper than competitors. But it can get expensive when adding more users.
They have a great model for pricing that can be based either on user count or gigabits per day.
If the customer has only a few users in some environment, then Exabeam is cheaper than competitors. But it can get expensive when adding more users.
Microsoft Defender for Identity is a comprehensive security solution that helps organizations protect their identities and detect potential threats. It leverages advanced analytics and machine learning to provide real-time visibility into user activities, enabling proactive identification of suspicious behavior.
Defender for Identity is a little more expensive than other Microsoft products. Identity and Microsoft Defender for Cloud are both a bit costly.
It is very affordable considering that other SIEM solutions are much more expensive and have many more licensing restrictions and fees.
Defender for Identity is a little more expensive than other Microsoft products. Identity and Microsoft Defender for Cloud are both a bit costly.
It is very affordable considering that other SIEM solutions are much more expensive and have many more licensing restrictions and fees.
There are additional costs associated with the integrator.
The licensing costs is around 10,000 dollars.
There are additional costs associated with the integrator.
The licensing costs is around 10,000 dollars.
Keeper Security is transforming the way businesses and individuals protect their passwords and sensitive digital assets to significantly reduce cyber theft. As the leading password manager and digital vault, Keeper helps millions of people and thousands of businesses substantially mitigate the risk of a data breach. Keeper is SOC 2 Certified and utilizes best-in-class encryption to safeguard its customers. Keeper protects industry-leading companies including Sony, Chipotle, and The University of Alabama at Birmingham. Keeper partners with global OEMs and mobile operators to preload Keeper on smartphones and tablets. Learn more at https://keepersecurity.com.
Free works unless the paid is absolutely necessary.
The more users, the better the price. Always opt for the live support.
Free works unless the paid is absolutely necessary.
The more users, the better the price. Always opt for the live support.
AlienVault OSSIM, Open Source Security Information and Event Management (SIEM), provides you with a feature-rich open source SIEM complete with event collection, normalization and correlation. Launched by security engineers because of the lack of available open source products, AlienVault OSSIM was created specifically to address the reality many security professionals face: A SIEM, whether it is open source or commercial, is virtually useless without the basic security controls necessary for security visibility.
The solution is open source, so it's free to use.
The licensing fees for the non-community edition are paid on an annual basis, and there are no costs in addition to this.
The solution is open source, so it's free to use.
The licensing fees for the non-community edition are paid on an annual basis, and there are no costs in addition to this.
ArcSight Enterprise Security Manager (ESM) is a powerful SIEM solution for analyzing, collecting, correlating, and reporting on security event information. ArcSight ESM analyzes information from all of your data sources while helping your organization maintain high security. In addition, the solution is very customizable and enables users to create their own company-specific rule sets to automatically trigger instant alerts.
Aggregation can help a lot in pushing down licensing costs.
ArcSight is pretty expensive compared with its competitors. I believe that is fine as it provides value.
Aggregation can help a lot in pushing down licensing costs.
ArcSight is pretty expensive compared with its competitors. I believe that is fine as it provides value.
One Identity Safeguard is an integrated system that combines a secure, toughened password safe and a session management and monitoring solution with threat detection and analytics into one integrated solution. It stores, manages, records, and analyzes privileged access in a secure manner.
Setup cost, pricing and licensing are all very expensive.
The full license is expensive but if you plan to use it in a big organization then it is the best option because it is more flexible.
Setup cost, pricing and licensing are all very expensive.
The full license is expensive but if you plan to use it in a big organization then it is the best option because it is more flexible.
NetWitness Platform is an evolved SIEM and threat detection and response solution that functions as a single, unified platform for ALL your security data. It features an advanced analyst workbench for triaging alerts and incidents, and it orchestrates security operations programs end to end. In short: NetWitness Platform is all you need to run an intelligent SOC.
It’s cheaper to run virtual machines in a VMware environment.
The new pricing and licensing mechanisms are fair. I would advise always to get the full solution (i.e., not only Logs).
It’s cheaper to run virtual machines in a VMware environment.
The new pricing and licensing mechanisms are fair. I would advise always to get the full solution (i.e., not only Logs).
Make your organization more resilient and confident with Trellix Security Operations. Filter out the noise and cut complexity to deliver faster, more effective SecOps. Integrate your existing security tools and connect with over 650 Trellix solutions and third-party products.
You should buy the distributed option instead of the all-in-one for environments with more than 1000 end points.
We pay for our licensing fees on a yearly basis, and there are no costs in addition to the standard licensing fees.
You should buy the distributed option instead of the all-in-one for environments with more than 1000 end points.
We pay for our licensing fees on a yearly basis, and there are no costs in addition to the standard licensing fees.
LogRhythm UEBA enables your security team to quickly and effectively detect, respond to, and neutralize both known and unknown threats. Providing evidence-based starting points for investigation, it employs a combination of scenario analytics techniques (e.g., statistical analysis, rate analysis, trend analysis, advanced correlation), and both supervised and unsupervised machine learning (ML).
Licensing is on a yearly basis. It's not expensive compared to its competitors.
The pricing is nice when compared to other products in the industry.
Licensing is on a yearly basis. It's not expensive compared to its competitors.
The pricing is nice when compared to other products in the industry.
Our open XDR platform unifies your existing security telemetry to deliver wider attack surface coverage and deeper threat analytics resulting in greater security visibility. Our SOC does the heavy lifting for you of proactive threat hunting, event correlation and analysis, and provides you with guided remediation. The result is a force multiplier that allows your IT team to be confident and in control again while also maximizing all of your cybersecurity investments.
Licensing is very easy. Our CIO takes care of the billing, but in terms of price point, he hasn't complained, so it must be good.
The solution is fairly expensive, but in my experience, all of the SIEM applications that I've evaluated or looked at cost about the same.
Licensing is very easy. Our CIO takes care of the billing, but in terms of price point, he hasn't complained, so it must be good.
The solution is fairly expensive, but in my experience, all of the SIEM applications that I've evaluated or looked at cost about the same.
Sentinel is a full-featured Security Information and Event Management (SIEM) solution that simplifies the deployment, management and day-to-day use of SIEM, readily adapts to dynamic enterprise environments and delivers the true "actionable intelligence" security professionals need to quickly understand their threat posture and prioritize response.
We inquired about getting support from the vendor, Micro Focus, but the cost was very high.
We receive a pricing discount because of our ongoing partnership with Micro Focus.
We inquired about getting support from the vendor, Micro Focus, but the cost was very high.
We receive a pricing discount because of our ongoing partnership with Micro Focus.
The biggest security problem today is people. Insiders are responsible for 90% of security incidents, per the 2015 Verizon DBIR Report. Organizations need to manage security risk from vendors, privileged users and high-risk users. ObserveIT captures video playback of policy violations and comprehensive metadata related to what people are doing, with this information, you can easily search and see what happened without translating logs or investigating across multiple systems.
Anomali ThreatStream is a Threat Intelligence Management Platform that automates the collection and processing of raw data and transforms it into actionable threat intelligence for security teams.
DNIF HYPERCLOUD is a cloud native platform that brings the functionality of SIEM, UEBA and SOAR into a single continuous workflow to solve cybersecurity challenges at scale. DNIF HYPERCLOUD is the flagship SaaS platform from NETMONASTERY that delivers key detection functionality using big data analytics and machine learning. NETMONASTERY aims to deliver a platform that helps customers in ingesting machine data and automatically identify anomalies in these data streams using machine learning and outlier detection algorithms. The objective is to make it easy for untrained engineers and analysts to use the platform and extract benefit reliably and efficiently.
The pricing is based on the log size.
The solution requires a huge infrastructure and that is costly.
The pricing is based on the log size.
The solution requires a huge infrastructure and that is costly.
Threats are a moving target. Determined and persistent threat actors purposely stretch out their activity across weeks or even months, especially when most SIEM and XDR solutions are incapable of piecing together events across time. Even worse, is that these solutions primarily use rule-based Machine Learning, which is essentially pattern matching. This makes them especially ineffective in detecting new attacks and/or variants, which are highly successful in breaching organizations. Discover how Gurucul UEBA security can help your enterprise.
The price is fair. In fact, I believe it was on the cheaper side when compared to the competition.
The price of Gurucul is competitive.
The price is fair. In fact, I believe it was on the cheaper side when compared to the competition.
The price of Gurucul is competitive.
Seceon Open Threat Management Platform is a comprehensive cybersecurity solution that offers real-time threat detection, analysis, and response capabilities. It leverages advanced AI and machine learning algorithms to provide proactive threat hunting and automated incident response.
Seceon Open Threat Management Platform is cost-effective because it's a comprehensive platform that offers high availability.
The solution is cheap and very competitive. It offers good tuning in terms of the pricing. Other solutions like Palo Alto and IBM are more expensive.
Seceon Open Threat Management Platform is cost-effective because it's a comprehensive platform that offers high availability.
The solution is cheap and very competitive. It offers good tuning in terms of the pricing. Other solutions like Palo Alto and IBM are more expensive.
RSA enVision is a comprehensive security information and event management (SIEM) solution offered by RSA, a leading provider of cybersecurity solutions. It enables organizations to collect, analyze, and manage security event data from various sources, providing real-time visibility into their IT infrastructure. With RSA enVision, organizations can proactively detect and respond to security incidents, ensuring the protection of critical assets and sensitive data.
We no longer pay a licensing fee because it is out of date and don't pay for support.
On a scale of one to ten, where one is low, and ten is high price, I rate the pricing a six.
We no longer pay a licensing fee because it is out of date and don't pay for support.
On a scale of one to ten, where one is low, and ten is high price, I rate the pricing a six.
Microsoft Purview Insider Risk Management utilizes more than 100 ready-to-use indicators and machine learning models to effectively detect critical security risks originating from insiders, including IP theft, data leakage, and security violations. The solution enables organizations to expedite risk mitigation through enriched investigation tools and Adaptive Protection, which automatically enforces protection controls. Built with privacy by design, users are pseudonymized by default, and role-based access controls and audit logs are in place to help ensure user-level privacy.
Securonix User and Entity Behavior Analytics (UEBA) leverages sophisticated machine learning and behavior analytics to analyze and correlate interactions between users, systems, applications, IP addresses, and data. Light, nimble, and quick to deploy, Securonix UEBA detects advanced insider threats, cyber threats, fraud, cloud data compromise, and non-compliance. Built-in automated response playbooks and customizable case management work flows allow your security team to respond to threats quickly, accurately, and efficiently
Their pricing is pretty comfortable. They will work with you on the cost.
When compared to other solutions, it is less expensive.
Their pricing is pretty comfortable. They will work with you on the cost.
When compared to other solutions, it is less expensive.
Dtex includes advanced user behavior intelligence. This intelligence automatically baselines normal user activity and identifies anomalies. This allows Dtex to detect and alert on the "unknown unknowns" - never-before-seen suspicious behavior.
