CrowdStrike is the leader in cloud-delivered next-generation endpoint protection. CrowdStrike has revolutionized endpoint protection by being the first and only company to unify next-generation antivirus (AV), endpoint detection and response (EDR), and a 24/7 managed hunting service — all delivered via a single lightweight agent.
I do not have experience with the cost or licensing of the product.
The pricing will depend upon your volume of usage.
I do not have experience with the cost or licensing of the product.
The pricing will depend upon your volume of usage.
Splunk Enterprise Security is a SIEM, log management, and IT operations analytics tool. The solution provides users with the ability to secure their information and manage their data in the cloud, data centers, or other applications. Splunk Enterprise Security also offers visibility from different areas, levels, and devices, rather than from a single system, thus, providing its users with flexibility. Splunk Enterprise Security can monitor data and analyze, detect, and prevent intrusions. This benefits users as it provides alerts to possible intrusions, helps users to be proactive, and reduces risk factors.
It is not cheap.
Pricing and licensing is quite expensive. But for the value the product provides, it seems at par in the market.
It is not cheap.
Pricing and licensing is quite expensive. But for the value the product provides, it seems at par in the market.
Datadog is a cloud monitoring solution that is designed to assist administrators, IT teams, and other members of an organization who are charged with keeping a close eye on their networks. Administrators can use Datadog to set real-time alerts and schedule automated report generation. They can deal with issues as they arise and keep up to date with the overall health of their network while still being able to focus on other tasks. Users can also track the historical performance of their networks and ensure that they operate at the highest possible level.
It has always scaled for us. Cost scales up too, but that is not necessarily a bad thing. It's reasonable for what they're providing.
It costs the same amount it would if we were hosting it ourselves, so we are incredibly happy with the cost.
It has always scaled for us. Cost scales up too, but that is not necessarily a bad thing. It's reasonable for what they're providing.
It costs the same amount it would if we were hosting it ourselves, so we are incredibly happy with the cost.
Zabbix is an open-source monitoring software that provides real-time monitoring and alerting for servers, networks, applications, and services.
It’s free of cost.
It is a true open-source solution, so there are no licensing costs.
It’s free of cost.
It is a true open-source solution, so there are no licensing costs.
Devo is the only cloud-native logging and security analytics platform that releases the full potential of all your data to empower bold, confident action when it matters most. Only the Devo platform delivers the powerful combination of real-time visibility, high-performance analytics, scalability, multitenancy, and low TCO crucial for monitoring and securing business operations as enterprises accelerate their shift to the cloud.
Be cautious of metadata inclusion for log types in pricing, as there are some "gotchas" with that.
Our licensing fees are billed annually and per terabyte.
Be cautious of metadata inclusion for log types in pricing, as there are some "gotchas" with that.
Our licensing fees are billed annually and per terabyte.
Microsoft Sentinel is a scalable, cloud-native, security information event management (SIEM) and security orchestration automated response (SOAR) solution that lets you see and stop threats before they cause harm. Microsoft Sentinel delivers intelligent security analytics and threat intelligence across the enterprise, providing a single solution for alert detection, threat visibility, proactive hunting, and threat response. Eliminate security infrastructure setup and maintenance, and elastically scale to meet your security needs—while reducing IT costs. With Microsoft Sentinel, you can:
It comes with a Microsoft subscription which the customer has, so they don't have to invest somewhere else.
The licensing requirements are not very clear from the outset.
It comes with a Microsoft subscription which the customer has, so they don't have to invest somewhere else.
The licensing requirements are not very clear from the outset.
Wazuh is an enterprise-ready platform used for security monitoring. It is a free and open-source platform that is used for threat detection, incident response and compliance, and integrity monitoring. Wazuh is capable of protecting workloads across virtualized, on-premises, containerized, and cloud-based environments.
Wazuh is open-source, so I think it's an option for a small organization that cannot go for enterprise-grade solutions like Splunk.
There is not a license required for Wazuh.
Wazuh is open-source, so I think it's an option for a small organization that cannot go for enterprise-grade solutions like Splunk.
There is not a license required for Wazuh.
We are using the free, open-source version of this solution.
We use the open-source version, so there is no charge for this solution.
We are using the free, open-source version of this solution.
We use the open-source version, so there is no charge for this solution.
IBM Security QRadar is a security and analytics platform designed to defend against threats and scale security operations. This is done through integrated visibility, investigation, detection, and response. QRadar empowers security groups with actionable insights into high-priority threats by providing visibility into enterprise security data. Through centralized visibility, security teams and analysts can determine their security stance, which areas pose a potential threat, and which areas are critical. This will help streamline workflows by eliminating the need to pivot between tools.
Go through a vulnerability assessment review for price breaks. A virtualized solution will also cut down on cost.
found other solutions, with more features at the same cost or less. You don’t have to leave the Gartner Magic Quadrant to beat their price.
Go through a vulnerability assessment review for price breaks. A virtualized solution will also cut down on cost.
found other solutions, with more features at the same cost or less. You don’t have to leave the Gartner Magic Quadrant to beat their price.
LogRhythm SIEM Platform is an award-winning platform in security analytics. With more than 4,000 customers globally, LogRhythm SIEM is an integrated platform that helps security operations teams protect critical infrastructure and information from emerging cyberthreats. Ultimately, LogRhythm SIEM is an integrated set of modules that contribute to the security team’s fundamental mission: rapid threat monitoring, threat detection, threat investigation, and threat neutralization. LogRhythm SIEM is for organizations that require an on-premises solution and offers:
If you don't have your staff, absolutely look into the co-pilot and factor that into your cost evaluation.
Look for whatever will give you the most value. That's the main point. It is not one size fits all.
If you don't have your staff, absolutely look into the co-pilot and factor that into your cost evaluation.
Look for whatever will give you the most value. That's the main point. It is not one size fits all.
Graylog is purpose-built to deliver the best log collection, storage, enrichment, and analysis. Graylog is:
Having paid official support is wise for projects.
I am using a community edition. I have not looked at the enterprise offering from Graylog.
Having paid official support is wise for projects.
I am using a community edition. I have not looked at the enterprise offering from Graylog.
AWS Security Hub is a comprehensive security service that provides a centralized view of security alerts and compliance status across an AWS environment. It collects data from various AWS services, partner solutions, and AWS Marketplace products to provide a holistic view of security posture. With Security Hub, users can quickly identify and prioritize security issues, automate compliance checks, and streamline remediation efforts.
The price of the solution is not very competitive but it is reasonable.
The price of AWS Security Hub is average compared to other solutions.
The price of the solution is not very competitive but it is reasonable.
The price of AWS Security Hub is average compared to other solutions.
Sumo Logic empowers the people who power modern, digital business. Our cloud-native SaaS analytics platform powered by logs helps customers deliver reliable and secure cloud-native applications. With Sumo Logic, practitioners and developers can ensure application reliability, secure and protect against modern threats and gain insights into their cloud infrastructures. Customers worldwide rely on our scalable platform to get powerful real-time analytics and insights across observability and security solutions for their cloud-native applications. For more information, visit: SUMOLOGIC.COM
Purchasing Sumo Logic through the AWS Marketplace was a simple step.
Purchasing the solution through the AWS Marketplace is very easy.
Purchasing Sumo Logic through the AWS Marketplace was a simple step.
Purchasing the solution through the AWS Marketplace is very easy.
FortiSIEM (formerly AccelOps 4) provides an actionable security intelligence platform to monitor security, performance and compliance through a single pane of glass.
Please be cheaper and more simplified.
We bought the perpetual license, so we own the product, but there is a three-year support renewal fee for that.
Please be cheaper and more simplified.
We bought the perpetual license, so we own the product, but there is a three-year support renewal fee for that.
Parsing hundreds of trivial alerts. Managing a mountain of data. Manually forwarding info from your endpoints. Forget that. InsightIDR instantly arms you with the insight you need to make better decisions across the incident detection and response lifecycle, faster.
I am sure that there are cheaper products out there, but none that meet so many of our needs whilst maintaining stability and usability.
The team is very willing to work with companies. My suggestion is to call the Rapid7 sales department and see how they can help.
I am sure that there are cheaper products out there, but none that meet so many of our needs whilst maintaining stability and usability.
The team is very willing to work with companies. My suggestion is to call the Rapid7 sales department and see how they can help.
Cybereason's Endpoint Detection and Response platform detects in real-time both signature and non-signature-based attacks and accelerates incident investigation and response. Cybereason connects together individual pieces of evidence to form a complete picture of a malicious operation.
I do not have experience with the licensing of the product.
In terms of cost, this is a good choice for our needs.
I do not have experience with the licensing of the product.
In terms of cost, this is a good choice for our needs.
Fortinet FortiAnalyzer is a powerful platform used for log management, analytics, and reporting. The solution is designed to provide organizations with automation, single-pane orchestration, and response for simplified security operations, as well as proactive identification and remediation of risks and complete visibility of the entire attack surface.
Its worth spending on FortiAnalyzer if you have multiple firewalls in your network.
The hardware cost and services contract are fair.
Its worth spending on FortiAnalyzer if you have multiple firewalls in your network.
The hardware cost and services contract are fair.
Real-time log management and analysis
The cost of using Stackdriver depends on usage.
The cost could be lower.
The cost of using Stackdriver depends on usage.
The cost could be lower.
Recorded Future is a powerful and effective cyber threat intelligence (CTI) platform that aims to empower administrators to protect their organizations from threats, both known and unknown. The machine learning engine that Recorded Future utilizes can process the same amount of data that 9,000 analysts working five days a week, eight hours a day for an entire year can process. It simplifies threat detection and remediation so that organizations can focus on other tasks.
There appear to be up to five different levels, with the most expensive version costing around $95,000 to $105,000 a year for subscription services.
The price of the solution is worth it. The overall performance of the solution outweighs the cost.
There appear to be up to five different levels, with the most expensive version costing around $95,000 to $105,000 a year for subscription services.
The price of the solution is worth it. The overall performance of the solution outweighs the cost.
Exabeam Fusion SIEM is a cloud-delivered solution that that enables you to:
-Leverage turnkey threat detection, investigation, and response
-Collect, search and enhance data from anywhere
-Detect threats missed by other tools, using market-leading behavior analytics
-Achieve successful SecOps outcomes with prescriptive, threat-centric use case packages
-Enhance productivity and reduce response times with automation
-Meet regulatory compliance and audit requirements with ease
They have a great model for pricing that can be based either on user count or gigabits per day.
If the customer has only a few users in some environment, then Exabeam is cheaper than competitors. But it can get expensive when adding more users.
They have a great model for pricing that can be based either on user count or gigabits per day.
If the customer has only a few users in some environment, then Exabeam is cheaper than competitors. But it can get expensive when adding more users.
Securonix Security Analytics SNYPR is a next-generation security analytics platform that transforms big data into actionable security intelligence, enabling you to take care of so much more than simply your SIEM (security information and event management) needs. In addition, it contains all of the tools that you may need to enable your organization to successfully handle both log management as well as UEBA (user and entity behavior analytics)-related tasks. The SNYPR management platform gives users the ability to combine security orchestration, automation, and response, security information and event management, network traffic analysis, and user and entity behavior analytics. This single technical environment does away with your need for multiple security, management, and analytics solutions.
We have a license from our 5.0, so that license just continued. We paid them the extra cloud-hosting costs for a year which were about $300,000.
We have an annual license. We pay $200,000 for the base licensing and we pay another $50,000 for the software as a service.
We have a license from our 5.0, so that license just continued. We paid them the extra cloud-hosting costs for a year which were about $300,000.
We have an annual license. We pay $200,000 for the base licensing and we pay another $50,000 for the software as a service.
AlienVault OSSIM, Open Source Security Information and Event Management (SIEM), provides you with a feature-rich open source SIEM complete with event collection, normalization and correlation. Launched by security engineers because of the lack of available open source products, AlienVault OSSIM was created specifically to address the reality many security professionals face: A SIEM, whether it is open source or commercial, is virtually useless without the basic security controls necessary for security visibility.
The solution is open source, so it's free to use.
The licensing fees for the non-community edition are paid on an annual basis, and there are no costs in addition to this.
The solution is open source, so it's free to use.
The licensing fees for the non-community edition are paid on an annual basis, and there are no costs in addition to this.
Pricing could always be lower. If it were free, I would be more satisfied.
The license cost for any other monitoring tool is too high compared to this product.
Pricing could always be lower. If it were free, I would be more satisfied.
The license cost for any other monitoring tool is too high compared to this product.
The IBM® SevOne Network Performance Management (IBM SevOne NPM) solution helps you spot, address, and prevent network performance issues early with machine learning-powered analytics from a single source. Boost network performance and improve your user application experience by proactively monitoring your multivendor end-to-end network across enterprise, communication, and managed service provider networks.
Prices per license are not huge, but they exist.
Have a bank of licenses, because it is about the number of objects (RAM, ports, CPU, etc.).
Prices per license are not huge, but they exist.
Have a bank of licenses, because it is about the number of objects (RAM, ports, CPU, etc.).
Keep ahead of the latest threats and protect your critical data with ongoing threat prevention and analysis.
TippingPoint is not as expensive as Palo Alto but it's not as cheap as Fortigate.
It's an expensive product.
TippingPoint is not as expensive as Palo Alto but it's not as cheap as Fortigate.
It's an expensive product.
Log360 is your one-stop solution for all log management and network security challenges. It is an integrated solution that combines EventLog Analyzer and ADAudit Plus into a single console to help you manage your Active Directory auditing and network security easily.
There is a cost for each feature used.
Its pricing is definitely huge compared to some of the other SIEMs. Its price should be improved.
There is a cost for each feature used.
Its pricing is definitely huge compared to some of the other SIEMs. Its price should be improved.
ArcSight Enterprise Security Manager (ESM) is a powerful SIEM solution for analyzing, collecting, correlating, and reporting on security event information. ArcSight ESM analyzes information from all of your data sources while helping your organization maintain high security. In addition, the solution is very customizable and enables users to create their own company-specific rule sets to automatically trigger instant alerts.
Aggregation can help a lot in pushing down licensing costs.
ArcSight is pretty expensive compared with its competitors. I believe that is fine as it provides value.
Aggregation can help a lot in pushing down licensing costs.
ArcSight is pretty expensive compared with its competitors. I believe that is fine as it provides value.
Your organizations IT infrastructure generate huge amount of logs every day and these machine generated logs have vital information that can provide powerful insights and network security intelligence into user behaviors, network anomalies, system downtime, policy violations, internal threats, regulatory compliance, etc. However, the task of analyzing these event logs and syslogs without automated log analyzer tools can be both time-consuming and painful if done manually.
There is a yearly subscription for the solution.
ManageEngine EventLog Analyzer is a low-cost solution. It costs approximately $1,000 per month per server for a perpetual license.
There is a yearly subscription for the solution.
ManageEngine EventLog Analyzer is a low-cost solution. It costs approximately $1,000 per month per server for a perpetual license.
ThreatConnect Threat Intelligence Platform (TIP) is a comprehensive solution designed to help organizations effectively manage and analyze threat intelligence data.
The price of this product is in the mid-range, not too expensive, nor inexpensive.
The price could be better.
The price of this product is in the mid-range, not too expensive, nor inexpensive.
The price could be better.
NetWitness Platform is an evolved SIEM and threat detection and response solution that functions as a single, unified platform for ALL your security data. It features an advanced analyst workbench for triaging alerts and incidents, and it orchestrates security operations programs end to end. In short: NetWitness Platform is all you need to run an intelligent SOC.
It’s cheaper to run virtual machines in a VMware environment.
The new pricing and licensing mechanisms are fair. I would advise always to get the full solution (i.e., not only Logs).
It’s cheaper to run virtual machines in a VMware environment.
The new pricing and licensing mechanisms are fair. I would advise always to get the full solution (i.e., not only Logs).
Make your organization more resilient and confident with Trellix Security Operations. Filter out the noise and cut complexity to deliver faster, more effective SecOps. Integrate your existing security tools and connect with over 650 Trellix solutions and third-party products.
You should buy the distributed option instead of the all-in-one for environments with more than 1000 end points.
We pay for our licensing fees on a yearly basis, and there are no costs in addition to the standard licensing fees.
You should buy the distributed option instead of the all-in-one for environments with more than 1000 end points.
We pay for our licensing fees on a yearly basis, and there are no costs in addition to the standard licensing fees.
The pricing is quite harsh.
It's not cheap at all as it's a big product and has been in the market for quite some time now.
The pricing is quite harsh.
It's not cheap at all as it's a big product and has been in the market for quite some time now.
Logpoint is a cutting-edge security information and event management (SIEM) solution that is designed to be intuitive and flexible enough to be used by an array of different businesses. It is capable of expanding according to its users' needs.
Our licensing fees are about $10,000 USD per month, which I think is fair.
It's getting more expensive, which is one of the reasons we're looking around just to see if there's anything better value.
Our licensing fees are about $10,000 USD per month, which I think is fair.
It's getting more expensive, which is one of the reasons we're looking around just to see if there's anything better value.
When TriGeo was acquired by SolarWinds, TriGeo SIM became known as SolarWinds Log & Event Manager. This product is a leading Security Information and Event Management (SIEM) product and log management solution, which provides log collection, analysis, and real-time correlation.
Licensing is on devices, so if you have many, then this may be high.
We do a yearly license renewal. For a year, the solution costs roughly $500,000 USD. There are no costs beyond this yearly fee.
Licensing is on devices, so if you have many, then this may be high.
We do a yearly license renewal. For a year, the solution costs roughly $500,000 USD. There are no costs beyond this yearly fee.
Check Point Security Management is an advanced security management platform for enterprises. The platform integrates all aspects of security. A single platform manages the entire infrastructure, from data centers to private/public cloud deployments.
Do the homework because Check Point is rather expensive.
This product can be used for 25 security gateways on a basic license.
Do the homework because Check Point is rather expensive.
This product can be used for 25 security gateways on a basic license.
Trellix Helix is a cutting-edge product that revolutionizes the way businesses manage their data and streamline their operations. With its advanced features and user-friendly interface, Trellix Helix offers a comprehensive solution for businesses of all sizes. One of the key features of Trellix Helix is its powerful data management capabilities.
It could be cheaper, but that applies to every product.
FireEye Helix is a little expensive.
It could be cheaper, but that applies to every product.
FireEye Helix is a little expensive.
Nagios Enterprises delivers official products, services, and solutions for and around Nagios – the industry standard in enterprise-grade IT infrastructure monitoring. With millions of users worldwide, Nagios is the undisputed champion in the IT monitoring space. Our team of dedicated professionals works to ensure total customer satisfaction with all the services we provide. Our extensive network of partners helps extend Nagios services and solutions to new organizations and markets worldwide to meet a variety of business needs. Nagios Enterprises was founded in 2007 by Ethan Galstad. Ethan created what would later become known as Nagios in 1999, and currently serves as the President of Nagios Enterprises.
We found the pricing to be quite affordable.
For a single instance, the price is around $4,000.
We found the pricing to be quite affordable.
For a single instance, the price is around $4,000.
Logz.io is a leading cloud-native observability platform that enables engineers to use the best open source tools in the market without the complexity of operating, managing, and scaling them. Logz.io offers four products: Log Management built on ELK, Infrastructure Monitoring based on Prometheus, Distributed Tracing based on Jaeger, and an ELK-based Cloud SIEM. These are offered as fully managed, integrated cloud services designed to help engineers monitor, troubleshoot and secure their distributed cloud workloads more effectively. Engineering driven companies like Siemens, Unity and ZipRecruiter use Logz.io to simplify monitoring and security workflows, increasing developer productivity, reducing time to resolve issues, and increasing the performance and security of their mission-critical applications.
The tool is an open source product.
The product's pricing is cheaper than other solutions.
The tool is an open source product.
The product's pricing is cheaper than other solutions.
Oracle Security Monitoring and Analytics Cloud Service is a comprehensive solution designed to provide organizations with advanced threat detection and response capabilities. This cloud-based service leverages machine learning and artificial intelligence to analyze vast amounts of security data in real time, enabling proactive identification and mitigation of potential threats.
The solution is not expensive for the data security measure you receive, it is reasonable.
The solution is not expensive for the data security measure you receive, it is reasonable.
Cost is clearly a consideration, but the important thing is what we do with the data and how we protect it.
One of the fastest ways to cut costs is reducing staff, and this product can reduce staff by 70 percent.
Cost is clearly a consideration, but the important thing is what we do with the data and how we protect it.
One of the fastest ways to cut costs is reducing staff, and this product can reduce staff by 70 percent.
Our open XDR platform unifies your existing security telemetry to deliver wider attack surface coverage and deeper threat analytics resulting in greater security visibility. Our SOC does the heavy lifting for you of proactive threat hunting, event correlation and analysis, and provides you with guided remediation. The result is a force multiplier that allows your IT team to be confident and in control again while also maximizing all of your cybersecurity investments.
Licensing is very easy. Our CIO takes care of the billing, but in terms of price point, he hasn't complained, so it must be good.
The solution is fairly expensive, but in my experience, all of the SIEM applications that I've evaluated or looked at cost about the same.
Licensing is very easy. Our CIO takes care of the billing, but in terms of price point, he hasn't complained, so it must be good.
The solution is fairly expensive, but in my experience, all of the SIEM applications that I've evaluated or looked at cost about the same.
Sentinel is a full-featured Security Information and Event Management (SIEM) solution that simplifies the deployment, management and day-to-day use of SIEM, readily adapts to dynamic enterprise environments and delivers the true "actionable intelligence" security professionals need to quickly understand their threat posture and prioritize response.
We inquired about getting support from the vendor, Micro Focus, but the cost was very high.
We receive a pricing discount because of our ongoing partnership with Micro Focus.
We inquired about getting support from the vendor, Micro Focus, but the cost was very high.
We receive a pricing discount because of our ongoing partnership with Micro Focus.
Anomali ThreatStream is a Threat Intelligence Management Platform that automates the collection and processing of raw data and transforms it into actionable threat intelligence for security teams.
AutoFocus contextual threat intelligence service accelerates analysis, correlation and prevention workflows. Unique, targeted attacks are automatically prioritized with full context, allowing security teams to respond to critical attacks faster, without additional IT security resources.
It is expensive.
The solution is reasonably priced.
It is expensive.
The solution is reasonably priced.
Group-IB Threat Intelligence is an extremely potent threat intelligence platform that is trusted by everyone from law enforcement organizations like Interpol to the threat analysts that rely on it. It helps users gain a deep understanding of the threat landscape that they face. Organizations that choose to use Threat Intelligence gain insights into how threat actors think so that they can counter them as effectively as possible.
Threat Intelligence is costly, but it gives value for money.
Group-IB Threat Intelligence's pricing is reasonable.
Threat Intelligence is costly, but it gives value for money.
Group-IB Threat Intelligence's pricing is reasonable.
ReversingLabs is the trusted authority in software and file security. We provide the modern cybersecurity platform to verify and deliver safe binaries. Trusted by the Fortune 500 and leading cybersecurity vendors, the ReversingLabs Titanium Platform® powers the software supply chain and file security insights, tracking over 35 billion files daily with the ability to deconstruct full software binaries in seconds to minutes. Only ReversingLabs provides that final exam to determine whether a single file or full software binary presents a risk to your organization and your customers.
We have a yearly contract based on the number of queries and malicious programs which can be processed.
We have a yearly contract based on the number of queries and malicious programs which can be processed.
Rapid7 InsightOps is the next evolution of the Logentries log management technology, combining cloud-based log centralization with IT asset search to make log management fast and easy.
The product is cheap.
The product is cheap.
Cisco Threat Grid crowd-sources malware from a closed community and analyzes all samples using proprietary, highly secure techniques that include static and dynamic (sandboxing) analysis. It correlates the results with hundreds of millions of other analyzed malware artifacts to provide a global view of malware attacks, campaigns, and their distribution. Security teams can quickly correlate a single samples of observed activity and characteristics against millions of other samples to fully understand its behaviors in a historical and global context. This ability helps analysts effectively defend against both targeted attacks and the broader threats from advanced malware. Threat Grid’s detailed reports, including the identification of important behavioral indicators and the assignment of threat scores, let you quickly prioritize and recover from advanced attacks.
If I remember correctly, the licensing cost is a little bit higher than that of the competitor.
If I remember correctly, the licensing cost is a little bit higher than that of the competitor.
NNT Log Tracker Enterprise is a comprehensive and easy-to-use Security Information and Event Management (SIEM) solution for any compliance mandate providing:
Consider both their on-premises solution and their hosted solution. Both are reasonably priced.
We have selected a perpetual license along with support.
Consider both their on-premises solution and their hosted solution. Both are reasonably priced.
We have selected a perpetual license along with support.
