2018-02-05T13:51:00Z
Nurit Sherman - PeerSpot reviewer
Content Operations Manager at PeerSpot (formerly IT Central Station)

Was your research of SIEM products on our site for a purchase? If not, what was it for?

I'm a community manager here at IT Central Station and I'm doing some research to try to make our platform even better. I'd really appreciate it if you could answer a few quick questions.

Was your research of SIEM products on our site for a purchase? If not, what was it for?

Which product did you end up choosing and when did you finalize the purchase?

Was IT Central Station content helpful in helping you make a decision?

What other content or data could we have offered that would have helped you make a quicker/better decision?

I really appreciate your help! Rhea

25 Answers
it_user801180 - PeerSpot reviewer
Mobile Expert with 201-500 employees
User
2018-02-12T15:23:20Z
12 February 18

Was your research of SIEM products on our site for a purchase? If not, what was it for?

* Yes, I'm a Cyber Security Consultant and I was comparing QRadar and Splunk for a customer that is a health care provider.

Which product did you end up choosing and when did you finalize the purchase?

* The customer chose Splunk because it was more customizable.

Was IT Central Station content helpful in helping you make a decision?

* Yes, it was a nice information source.

What other content or data could we have offered that would have helped you make a quicker/better decision?

* Technical facts comparison and screenshots of each technical capability for each product.

Ali Tamimi - PeerSpot reviewer
Managing Director at Hayyan Horizons
Real User
Top 20 Leaderboard
2018-02-07T14:39:24Z
07 February 18

I appreciate the services and knowledge offered by itcentralstation.com, answering your questions:

1- I researched SIEM because we are a security systems integrator and I wanted to know which solution would best meet customer needs.

2- We ended up focusing on Splunk for security and IT ops use cases. We would consider LogRhythm for SIEM/SOC use case only.

3- The content from IT Central Station is very helpful all the time and I use your site to evaluate other technologies and solutions as well.

4- If you can include 3rd party analyst reports as well then it would add value.

it_user719283 - PeerSpot reviewer
User at PwC
Real User
2018-02-07T12:45:28Z
07 February 18

The research was purely for self-education.

JK
Technology and Information Systems Manager at a construction company with 501-1,000 employees
Real User
2018-02-07T12:24:29Z
07 February 18

It was just for research purposes

PeerSpot user
Project Manager at a religious institution with 51-200 employees
Vendor
2018-02-07T08:55:44Z
07 February 18

Research only, to determine how the market is changing and what components various vendors and reference sites are including within this term.

it_user792534 - PeerSpot reviewer
Technology Trainer with 11-50 employees
User
2018-02-07T04:06:58Z
07 February 18

Was your research of SIEM products on our site for a purchase? If not, what was it for?
No. It was for understanding how current scale up to customer needs.

Which product did you end up choosing and when did you finalize the purchase?
Leaning towards AlienVault or developing our own.

Was IT Central Station content helpful in helping you make a decision?
Yes.

What other content or data could we have offered that would have helped you make a quicker/better decision?
What are various customer setups and field deployments where these products are used.

BT
Assistant IT Manager at an insurance company with 1,001-5,000 employees
Real User
Top 5
2018-02-07T03:46:54Z
07 February 18

Here is my answer to the first question: I'm deploying IBM Qradar. Thanks

it_user740232 - PeerSpot reviewer
IT Manager with 11-50 employees
User
2018-02-07T03:09:41Z
07 February 18

Was your research of SIEM products on our site for a purchase? -- Yes

Which product did you end up choosing and when did you finalize the purchase? -- Not yet finalised, the project is delayed a few months.

Was IT Central Station content helpful in helping you make a decision? -- Yes

What other content or data could we have offered that would have helped you make a quicker/better decision?

MI
Manager, Business Planning & Coordination Section with 10,001+ employees
User
2018-02-06T23:17:47Z
06 February 18

1) Was your research of SIEM products on our site for a purchase? If not, what was it for?
Answer: Yes, it was to purchase. Not for my use, but to make a recommendation for our customer.

2) Which product did you end up choosing and when did you finalize the purchase?
Answer: We have recommended ArcSight, QRadar and Splunk.

3) Was IT Central Station content helpful in helping you make a decision?
Answer: Yes

4) What other content or data could we have offered that would have helped you make a quicker/better decision?
Answer: Use cases in various fields of industry.

it_user814209 - PeerSpot reviewer
Director of IT with 201-500 employees
User
2018-02-06T22:57:56Z
06 February 18

We are actively looking for a SIEM product to be installed in the next two months.

it_user714324 - PeerSpot reviewer
Information Security Officer with 51-200 employees
User
2018-02-06T22:28:32Z
06 February 18

I was/am researching a new cloud based SIEM solution for our organization.

We are doing a POC with EventTracker starting next week.

I wish I could tell you if your site was helpful, but I stumbled across them while they were trying to sell something else to me. I told them what I needed and they said ‘well, yes, we do that too.’

I don’t have a suggestion for you as to how to improve, this particular search was done on multiple sites as well as google and bing, and most everyone was at least a little helpful.

it_user608313 - PeerSpot reviewer
Sales Engineer 3 at Windstream Holdings, Inc.
Vendor
2018-02-06T22:12:00Z
06 February 18

1) Was your research of SIEM products on our site for a purchase? If not, what was it for?
Answer: Yes it was vendor research specific.
2) Which product did you end up choosing and when did you finalize the purchase?
Answer: other priorities but still on our radar for this year
3) Was IT Central Station content helpful in helping you make a decision?
Answer: Very much so, Thank You!
4) What other content or data could we have offered that would have helped you make a quicker/better decision?
Answer: Pros & cons of each product - generally based on utility, market share, & price

MS
Security Consultant at Verizon Communications
Real User
2018-02-06T20:54:07Z
06 February 18

We are using ArcSight and there are discussions with upper management to use Splunk in the near future, thus I would like to find information that compares ArcSight and Splunk technically.

I am an expert in ArcSight, thus I know that ArcSight is very complex to build something with but it is very flexible.
I don't know what the Splunk SIEM solution proposes.

I would like to have a real comparison because if you check them individually, they say that they are the best choice but when you are an expert you know that it is wrong or it is in a specific situation.

I would like to know how to size the Splunk infra if I want to do the same as ArcSight.

Currently, I have not found the answers to my questions on your website but I continue to search.

ArcSight has already been bought, thus I need more info on Splunk, the limitations of the product, how to size it, what I couldn't do with it compared to ArcSight.

If you could help me on these points, it will be very nice because I am currently very busy.

Vendor
2018-02-06T19:41:51Z
06 February 18

I am researching SIEM products in order to add one of them to our company security portfolio.
I am interested in SPLUNK.

it_user706146 - PeerSpot reviewer
Technical Director at CIPHER
Vendor
2018-02-06T19:12:49Z
06 February 18

Was your research of SIEM products on our site for a purchase? If not, what was it for?

If I remember correctly, it was Splunk vs. LogRhythm review scores. We were interested in OEMing LR.

Which product did you end up choosing and when did you finalize the purchase?

That client went with Splunk.

Was IT Central Station content helpful in helping you make a decision?

It was at least moderately useful.

What other content or data could we have offered that would have helped you make a quicker/better decision?

it_user777756 - PeerSpot reviewer
Senior Regional Sales Director with 51-200 employees
User
2018-02-06T19:00:09Z
06 February 18

Was your research of SIEM products on our site for a purchase? If not, what was it for?
Answer: No, it was for market and product comparisons and research, of reviews on the various SIEM technologies.

Which product did you end up choosing and when did you finalize the purchase?
Answer: We finalized a purchase and decided to go with FortiSIEM. We were partial to AlienVault solution as well, however some cost saving led us to go with FortiSIEM, considering we already have some Fortinet solutions in place within our environment.

Was IT Central Station content helpful in helping you make a decision?
Answer: Yes ITCS has plenty of useful information, the Buyer's Guide was helpful with our market research.

What other content or data could we have offered that would have helped you make a quicker/better decision?
Answer: More side-by-side comparisons between all vendors within this space. Also more real time feedback pertaining to operational input would be very helpful. Labs, are handy however they really don't necessarily relate/mimic the real SOC world.

it_user240681 - PeerSpot reviewer
Director Corporate Security at a media company with 10,001+ employees
User
2018-02-06T18:19:10Z
06 February 18

Was your research of SIEM products on our site for a purchase? If not, what was it for?
Answer: No, this was more research to get a cross comparison of reviews on the various SIEM technologies.

Which product did you end up choosing and when did you finalize the purchase?
Answer: We haven't finalized a purchase. However we did narrow our POC scope to 2 vendors (Splunk and AlienVault).

Was IT Central Station content helpful in helping you make a decision?
Answer: Yes, the Buyer's Guide was helpful.

What other content or data could we have offered that would have helped you make a quicker/better decision?
Answer: More side-by-side comparisons between the vendors. Also more real-world operational input. While you created a testing lab, it doesn't necessarily relate to a real world SOC.

it_user618366 - PeerSpot reviewer
Managing Consultant at IBM UK Ltd
MSP
2018-02-06T17:08:48Z
06 February 18

This is my view, not IBM's view:

If you could answer a few quick questions.

Was your research of SIEM products on our site for a purchase? If not, what was it for?

So, I provide Solution Guidance to many of the corporate SalesForce and their support staffs for given projects and deals. In this case, for a situation where there was some form of global merger going on. Parts of the customer company had ArcSight, other parts other tools, and some parts QRadar. Could all of these live together and form part of a Global Immune System was sort of the question. [IBM Immune System - https://ibm.biz/Bdignb and http://www-03.ibm.com/security/infographics/immune-system/ ] I wanted to check that what I had been told internally and from Corporate marketing (based on IDC, Forrester, Gartner) with an independent source such as yourselves with hands-on experience. Your info confirmed what I thought I knew; particularly about:

a) ArcSight having a quite steep learning curve - requires staff with expertise and certainly SME for ArcSight

b) ArcSight ESM works well on physical hardware but not yet aligned for Cloud and needs a lot of extra work to tune it even to a Virtual Hypervisor. Without proper tuning, running ESM on VMware does not work well.

Which product did you end up choosing and when did you finalize the purchase?

As this Global Corporation needs to streamline and integrate all of their Mergers and Acquisitions security operations this will take some time; throughout which they will want to run the same as-is until they migrate to their evolving ww new secured infrastructure based on Hybrid Cloud. They were seeking a Solution and Systems Integrator and also a Strategic Security Partner for the year of WW Regulatory Change (GDPR, NIS, etc...)

My corporation will be able to provide all of that whilst initially still continuing to run the ArcSight until contract renewal and perhaps even after that. We will build on the QRadar SIEM they have within one part of their organization whilst coexisting with ArcSight in another. Core Contract was signed in January.

Was IT Central Station content helpful in helping you make a decision?

I didn't have to make a decision as such but was able to clarify they could co-exist and what the ramifications would be for there to be streamlined organization and the overall Systems Integration, Transition and Transformation and core enterprise security. Your information clarified and confirmed as per the answer above.

What other content or data could we have offered that would have helped you make a quicker/better decision?

It is all there yet perhaps there should be some overview that puts all such products against an ISO / ISF, CoBit or Cloud Security Alliance or indeed the NIST Security Framework 800-53; it's not much use to have a SIEM product that isn't truly integrated with your entire Security Monitoring Framework and particularly the Analytics and User Behaviour in readiness for some sort of Threat Reduction capability that all CxO's would love. So a mapping against a Standard Security Framework and the bigger picture would help considerably for such a purchase moving forward and catering for the ever complex Regulatory Framework.

I hope that helps

it_user324942 - PeerSpot reviewer
Network admin/security at a government with 1,001-5,000 employees
Real User
2018-02-06T14:58:51Z
06 February 18

I seem to recall someone from your end reached out to me for comment on our SIEM experience and purchase.

it_user744111 - PeerSpot reviewer
Regional Manager IBM with 1,001-5,000 employees
User
2018-02-06T14:47:07Z
06 February 18

Was your research of SIEM products on our site for a purchase? If not, what was it for?

We are an IT provider, I was about to get better understanding positioning various products of similar profile. I compared IBM QRadar, SPLUNK, LOGRHYTHM

Which product did you end up choosing and when did you finalize the purchase? My company favors IBM's QRadar

Was IT Central Station content helpful in helping you make a decision? YES, Thank You. I received through IT Central Station very nice and helpful contact who helped to gain transparency about the different SIEM products

What other content or data could we have offered that would have helped you make a quicker/better decision? I am satisfied with the fast response and got all the info needed.

I

it_user593820 - PeerSpot reviewer
Marketing Director with 51-200 employees
User
2018-02-06T14:37:47Z
06 February 18

Was your research of SIEM products on our site for a purchase? If not, what was it for?
ME: No. For market/product research.

Which product did you end up choosing and when did you finalize the purchase?
ME: I am partial to AlienVault.

Was IT Central Station content helpful in helping you make a decision?
ME: ITCS has a lot of useful information in helping me with my market research.

What other content or data could we have offered that would have helped you make a quicker/better decision?
ME: The more side by side comparisons you have "AlienVault vs LogRhythm", "AlienVault vs Splunk" on your site, the better.

I really appreciate your help! Chaya
ME: No problem! Take care.

2018-02-06T14:03:11Z
06 February 18

Simply Splunk.

it_user758406 - PeerSpot reviewer
Principal Analyst - IT Security with 201-500 employees
User
2018-02-06T13:33:51Z
06 February 18

Research only

it_user389292 - PeerSpot reviewer
Senior Manager Information Technology at Xilinx, Inc.
MSP
2018-02-06T13:19:57Z
06 February 18

Hi, I might have searched endpoint patching tool for Linux systems .. I am not actively looking for any changes in our current tool systems... will let you know if anything required

it_user609066 - PeerSpot reviewer
User at a tech company with 51-200 employees
User
2018-02-06T13:09:14Z
06 February 18

Mostly I looked at your site to get information about other SIEM solutions.

We are McAfee partners and we are selling McAfee SIEM, but we are also looking for solutions for smaller clients.

Thank you for reminding me of your site. I have to look at what kind of information there is about AlienVault solutions.
