It is not cheap.
Pricing and licensing is quite expensive. But for the value the product provides, it seems at par in the market.
It is not cheap.
Pricing and licensing is quite expensive. But for the value the product provides, it seems at par in the market.
Wazuh is an enterprise-ready platform used for security monitoring. It is a free and open-source platform that is used for threat detection, incident response and compliance, and integrity monitoring. Wazuh is capable of protecting workloads across virtualized, on-premises, containerized, and cloud-based environments.
Wazuh is open-source, so I think it's an option for a small organization that cannot go for enterprise-grade solutions like Splunk.
There is not a license required for Wazuh.
Wazuh is open-source, so I think it's an option for a small organization that cannot go for enterprise-grade solutions like Splunk.
There is not a license required for Wazuh.
Microsoft Sentinel is a scalable, cloud-native, security information event management (SIEM) and security orchestration automated response (SOAR) solution that lets you see and stop threats before they cause harm. Microsoft Sentinel delivers intelligent security analytics and threat intelligence across the enterprise, providing a single solution for alert detection, threat visibility, proactive hunting, and threat response. Eliminate security infrastructure setup and maintenance, and elastically scale to meet your security needs—while reducing IT costs. With Microsoft Sentinel, you can:
It comes with a Microsoft subscription which the customer has, so they don't have to invest somewhere else.
The licensing requirements are not very clear from the outset.
It comes with a Microsoft subscription which the customer has, so they don't have to invest somewhere else.
The licensing requirements are not very clear from the outset.
Organizations use Datadog for monitoring cloud applications and infrastructure, including AWS, Azure, and Kubernetes. Datadog assists with performance monitoring, log aggregation, and alerting. Key functionalities include APM, synthetic testing, security monitoring, and RUM. Datadog needs improved metrics, better integration, deeper insights, and customizable alerts. Users find it complex and report occasional stability issues.
It has always scaled for us. Cost scales up too, but that is not necessarily a bad thing. It's reasonable for what they're providing.
It costs the same amount it would if we were hosting it ourselves, so we are incredibly happy with the cost.
It has always scaled for us. Cost scales up too, but that is not necessarily a bad thing. It's reasonable for what they're providing.
It costs the same amount it would if we were hosting it ourselves, so we are incredibly happy with the cost.
Zabbix is a comprehensive monitoring solution that is widely used across various industries. Its primary use case is for monitoring infrastructure, including physical, virtual, and network aspects.
Zabbix helps organizations by providing valuable metrics for preventive maintenance and capacity planning, proactive monitoring and alerting, monitoring a wide range of hardware equipment, optimizing work processes, improving customer experiences, enabling remote appointments with visual communication, and providing an overview of bandwidth consumption.
With Zabbix, organizations can conveniently monitor network metrics in one place, saving time and improving efficiency.
It’s free of cost.
It is a true open-source solution, so there are no licensing costs.
It’s free of cost.
It is a true open-source solution, so there are no licensing costs.
Microsoft Defender XDR is a comprehensive security solution that helps organizations manage devices and vendor security compliance.
Its primary use case includes email filtering, vulnerability management, and detecting threats launched via emails. The solution offers advanced threat-hunting capabilities, integration with other Microsoft products, centralized management, automation features, and comprehensive threat protection.
It improves visibility, automates routine tasks, and provides threat intelligence and compliance management. Microsoft Defender XDR is praised for its advanced capabilities, ease of use, and integration with other Microsoft products.
It has proven to be a comprehensive and effective security solution for organizations.
The solutions price is fair for what they offer.
The price of the solution is high compared to others and we have lost some customers because of it.
The solutions price is fair for what they offer.
The price of the solution is high compared to others and we have lost some customers because of it.
IBM Security QRadar is a security and analytics platform designed to defend against threats and scale security operations. This is done through integrated visibility, investigation, detection, and response. QRadar empowers security groups with actionable insights into high-priority threats by providing visibility into enterprise security data. Through centralized visibility, security teams and analysts can determine their security stance, which areas pose a potential threat, and which areas are critical. This will help streamline workflows by eliminating the need to pivot between tools.
Go through a vulnerability assessment review for price breaks. A virtualized solution will also cut down on cost.
found other solutions, with more features at the same cost or less. You don’t have to leave the Gartner Magic Quadrant to beat their price.
Go through a vulnerability assessment review for price breaks. A virtualized solution will also cut down on cost.
found other solutions, with more features at the same cost or less. You don’t have to leave the Gartner Magic Quadrant to beat their price.
Elastic Security combines the features of a security information and event management (SIEM) system with endpoint protection, allowing organizations to detect, investigate, and respond to threats in real time. This unified approach helps reduce complexity and improve the efficiency of security operations.
We are using the free, open-source version of this solution.
We use the open-source version, so there is no charge for this solution.
We are using the free, open-source version of this solution.
We use the open-source version, so there is no charge for this solution.
Devo is the only cloud-native logging and security analytics platform that releases the full potential of all your data to empower bold, confident action when it matters most. Only the Devo platform delivers the powerful combination of real-time visibility, high-performance analytics, scalability, multitenancy, and low TCO crucial for monitoring and securing business operations as enterprises accelerate their shift to the cloud.
Be cautious of metadata inclusion for log types in pricing, as there are some "gotchas" with that.
Our licensing fees are billed annually and per terabyte.
Be cautious of metadata inclusion for log types in pricing, as there are some "gotchas" with that.
Our licensing fees are billed annually and per terabyte.
Palo Alto Networks delivers a complete solution that helps Tier-1 through Tier-3 analysts and SOC managers to optimize the entire incident life cycle while auto documenting and journaling all the evidence. More than 100+ integrations enable security orchestration workflows for incident management and other critical security operation tasks.
There is a perception that it is priced very high compared to other solutions.
From the cost perspective, I have heard that its price is a bit high as compared to other similar products.
There is a perception that it is priced very high compared to other solutions.
From the cost perspective, I have heard that its price is a bit high as compared to other similar products.
AWS Security Hub is a comprehensive security service that provides a centralized view of security alerts and compliance status across an AWS environment. It collects data from various AWS services, partner solutions, and AWS Marketplace products to provide a holistic view of security posture. With Security Hub, users can quickly identify and prioritize security issues, automate compliance checks, and streamline remediation efforts.
The price of the solution is not very competitive but it is reasonable.
The price of AWS Security Hub is average compared to other solutions.
The price of the solution is not very competitive but it is reasonable.
The price of AWS Security Hub is average compared to other solutions.
LogRhythm SIEM Platform is an award-winning platform in security analytics. With more than 4,000 customers globally, LogRhythm SIEM is an integrated platform that helps security operations teams protect critical infrastructure and information from emerging cyberthreats. Ultimately, LogRhythm SIEM is an integrated set of modules that contribute to the security team’s fundamental mission: rapid threat monitoring, threat detection, threat investigation, and threat neutralization. LogRhythm SIEM is for organizations that require an on-premises solution and offers:
If you don't have your staff, absolutely look into the co-pilot and factor that into your cost evaluation.
Look for whatever will give you the most value. That's the main point. It is not one size fits all.
If you don't have your staff, absolutely look into the co-pilot and factor that into your cost evaluation.
Look for whatever will give you the most value. That's the main point. It is not one size fits all.
Parsing hundreds of trivial alerts. Managing a mountain of data. Manually forwarding info from your endpoints. Forget that. InsightIDR instantly arms you with the insight you need to make better decisions across the incident detection and response lifecycle, faster.
I am sure that there are cheaper products out there, but none that meet so many of our needs whilst maintaining stability and usability.
The team is very willing to work with companies. My suggestion is to call the Rapid7 sales department and see how they can help.
I am sure that there are cheaper products out there, but none that meet so many of our needs whilst maintaining stability and usability.
The team is very willing to work with companies. My suggestion is to call the Rapid7 sales department and see how they can help.
FortiSIEM (formerly AccelOps 4) provides an actionable security intelligence platform to monitor security, performance and compliance through a single pane of glass.
Please be cheaper and more simplified.
We bought the perpetual license, so we own the product, but there is a three-year support renewal fee for that.
Please be cheaper and more simplified.
We bought the perpetual license, so we own the product, but there is a three-year support renewal fee for that.
I know we are saving at least several hundred thousand dollars in that we're not buying Cisco Prime.
We pay for the enterprise tech support.
I know we are saving at least several hundred thousand dollars in that we're not buying Cisco Prime.
We pay for the enterprise tech support.
Fortinet FortiAnalyzer is a powerful platform used for log management, analytics, and reporting. The solution is designed to provide organizations with automation, single-pane orchestration, and response for simplified security operations, as well as proactive identification and remediation of risks and complete visibility of the entire attack surface.
Its worth spending on FortiAnalyzer if you have multiple firewalls in your network.
The hardware cost and services contract are fair.
Its worth spending on FortiAnalyzer if you have multiple firewalls in your network.
The hardware cost and services contract are fair.
Grafana Loki is a powerful log aggregation and analysis tool designed for cloud-native environments. Its primary use case is to collect, store, and search logs efficiently, enabling organizations to gain valuable insights from their log data.
You can use the free version of Grafana Loki on-premises.
My company doesn't need to pay for the licensing cost of the solution.
You can use the free version of Grafana Loki on-premises.
My company doesn't need to pay for the licensing cost of the solution.
ScienceLogic is used for monitoring infrastructure, networks, servers, cloud environments, and services like Citrix. It offers integration with CMDB and ticketing systems. Deployed on-premises or in the cloud from vendors like Amazon AWS, Microsoft Azure, or Google Cloud. Valued attributes include ease of configuration, agentless technology, customizable dashboards, AI features, and strong scalability.
Pricing between the two is quiet large therefore you can save some money if you don't require to collect all info on each device.
Decide what you want to monitor and only monitor those items. Absorb other elements as you grow.
Pricing between the two is quiet large therefore you can save some money if you don't require to collect all info on each device.
Decide what you want to monitor and only monitor those items. Absorb other elements as you grow.
Securonix Next-Gen SIEM excels in advanced threat detection and response with its powerful analytics and machine learning capabilities. Users value its comprehensive security monitoring, user-friendly interface, and scalability. It enhances operational efficiency, compliance, collaboration, and decision-making, boosting organizational security posture.
We have a license from our 5.0, so that license just continued. We paid them the extra cloud-hosting costs for a year which were about $300,000.
We have an annual license. We pay $200,000 for the base licensing and we pay another $50,000 for the software as a service.
We have a license from our 5.0, so that license just continued. We paid them the extra cloud-hosting costs for a year which were about $300,000.
We have an annual license. We pay $200,000 for the base licensing and we pay another $50,000 for the software as a service.
USM Anywhere centralizes security monitoring of networks and devices in the cloud, on premises, and in remote locations, helping you to detect threats virtually anywhere.
AlienVault is flexible on their pricing for unlimited licenses.
Pricing is very competitive with other products and you get much more functionality from AlienVault.
AlienVault is flexible on their pricing for unlimited licenses.
Pricing is very competitive with other products and you get much more functionality from AlienVault.
Real-time log management and analysis
The cost of using Stackdriver depends on usage.
The cost could be lower.
The cost of using Stackdriver depends on usage.
The cost could be lower.
Organizations use Amazon CloudWatch for monitoring AWS instances, tracking logs, organizing metrics, detecting anomalies, setting dynamic alarms, managing infrastructure, and troubleshooting Lambda functions. They value its real-time data, system-wide visibility, detailed analytics, and integration with AWS services like S3, EC2, and EKS. Improvements needed include better drill-down capabilities, enhanced machine learning, and lower costs.
We have monthly licensing costs. The licenses are probably in the vicinity of about $300 - $350/month.
Its pricing is reasonable. It is sometimes tricky, but it is reasonable as compared to others.
We have monthly licensing costs. The licenses are probably in the vicinity of about $300 - $350/month.
Its pricing is reasonable. It is sometimes tricky, but it is reasonable as compared to others.
Exabeam Fusion is a cloud-delivered solution that that enables you to:
-Leverage turnkey threat detection, investigation, and response
-Collect, search and enhance data from anywhere
-Detect threats missed by other tools, using market-leading behavior analytics
-Achieve successful SecOps outcomes with prescriptive, threat-centric use case packages
-Enhance productivity and reduce response times with automation
-Meet regulatory compliance and audit requirements with ease
They have a great model for pricing that can be based either on user count or gigabits per day.
If the customer has only a few users in some environment, then Exabeam is cheaper than competitors. But it can get expensive when adding more users.
They have a great model for pricing that can be based either on user count or gigabits per day.
If the customer has only a few users in some environment, then Exabeam is cheaper than competitors. But it can get expensive when adding more users.
VMware Tanzu Observability by Wavefront is a powerful solution primarily used for consulting and helping company DevOps teams. It offers native Kubernetes support, open-source technology support, and excellent technical support.
With easy third-party integration and scalability, it provides stability and good visibility. It enhances container platform support and security, enabling organizations to enhance compatibility with various technologies.
Tanzu allows for easy deployment and provides insights for monitoring applications, making it a valuable tool for organizations using VMware's tech solutions.
Educational pricing is available for this solution.
We were given a year's worth of service. It was included within our ELA. We were trying to do a proof of concept, which is almost over now.
Educational pricing is available for this solution.
We were given a year's worth of service. It was included within our ELA. We were trying to do a proof of concept, which is almost over now.
Pricing could always be lower. If it were free, I would be more satisfied.
The license cost for any other monitoring tool is too high compared to this product.
Pricing could always be lower. If it were free, I would be more satisfied.
The license cost for any other monitoring tool is too high compared to this product.
Your organizations IT infrastructure generate huge amount of logs every day and these machine generated logs have vital information that can provide powerful insights and network security intelligence into user behaviors, network anomalies, system downtime, policy violations, internal threats, regulatory compliance, etc. However, the task of analyzing these event logs and syslogs without automated log analyzer tools can be both time-consuming and painful if done manually.
There is a yearly subscription for the solution.
ManageEngine EventLog Analyzer is a low-cost solution. It costs approximately $1,000 per month per server for a perpetual license.
There is a yearly subscription for the solution.
ManageEngine EventLog Analyzer is a low-cost solution. It costs approximately $1,000 per month per server for a perpetual license.
ArcSight Enterprise Security Manager (ESM) is a powerful SIEM solution for analyzing, collecting, correlating, and reporting on security event information. ArcSight ESM analyzes information from all of your data sources while helping your organization maintain high security. In addition, the solution is very customizable and enables users to create their own company-specific rule sets to automatically trigger instant alerts.
Aggregation can help a lot in pushing down licensing costs.
ArcSight is pretty expensive compared with its competitors. I believe that is fine as it provides value.
Aggregation can help a lot in pushing down licensing costs.
ArcSight is pretty expensive compared with its competitors. I believe that is fine as it provides value.
The Security Operations suite for the modern SOC - detect, investigate, and respond to cyber threats with speed, scale, and precision.
The solution's pricing is dependent on the data amount.
We have to pay extra charges for the amount of data transfer and technical support services.
The solution's pricing is dependent on the data amount.
We have to pay extra charges for the amount of data transfer and technical support services.
It’s a single license platform.
It’s a single license platform.
Our open XDR platform unifies your existing security telemetry to deliver wider attack surface coverage and deeper threat analytics resulting in greater security visibility. Our SOC does the heavy lifting for you of proactive threat hunting, event correlation and analysis, and provides you with guided remediation. The result is a force multiplier that allows your IT team to be confident and in control again while also maximizing all of your cybersecurity investments.
Licensing is very easy. Our CIO takes care of the billing, but in terms of price point, he hasn't complained, so it must be good.
The solution is fairly expensive, but in my experience, all of the SIEM applications that I've evaluated or looked at cost about the same.
Licensing is very easy. Our CIO takes care of the billing, but in terms of price point, he hasn't complained, so it must be good.
The solution is fairly expensive, but in my experience, all of the SIEM applications that I've evaluated or looked at cost about the same.
DNIF HYPERCLOUD is a cloud native platform that brings the functionality of SIEM, UEBA and SOAR into a single continuous workflow to solve cybersecurity challenges at scale. DNIF HYPERCLOUD is the flagship SaaS platform from NETMONASTERY that delivers key detection functionality using big data analytics and machine learning. NETMONASTERY aims to deliver a platform that helps customers in ingesting machine data and automatically identify anomalies in these data streams using machine learning and outlier detection algorithms. The objective is to make it easy for untrained engineers and analysts to use the platform and extract benefit reliably and efficiently.
The pricing is based on the log size.
The solution requires a huge infrastructure and that is costly.
The pricing is based on the log size.
The solution requires a huge infrastructure and that is costly.
Falcon LogScale is your one-stop shop to address security, IT, and DevOps logging requirements. With its high scale and affordable price, Falcon LogScale extends super-fast search, analysis, and visualization to all of your data. A powerful, index-free architecture and advanced compression technology lets you store all of the data you need for months or years.
SolarWinds® Loggly® is a cost-effective, hosted, and scalable full-stack, multi-source log management solution combining powerful search and analytics with comprehensive alerting, dashboarding, and reporting to proactively identify problems and significantly reduce Mean Time to Repair (MTTR).
Anvilogic breaks the SIEM lock-in that drives detection gaps and high costs for enterprise SOCs. It enables detection engineers and threat hunters to keep using their existing SIEM while seamlessly adopting a scalable and cost-effective data lake for high-volume data sources and advanced analytics use cases.
Anvilogic's pricing has been highly competitive.
Anvilogic's pricing has been highly competitive.