Coming October 25: PeerSpot Awards will be announced! Learn more
Rony_Sklar - PeerSpot reviewer
Community Manager at PeerSpot (formerly IT Central Station)
  • 1
  • 37

What is the best SIEM tool for a large financial services firm?

Do you have recommendations for the best SIEM tool to invest in for a large financial services provider? What particular features of your recommended tool make it the best choice?

PeerSpot user
2 Answers
Daniel Sichel - PeerSpot reviewer
User at a healthcare company with 5,001-10,000 employees
Real User
04 January 21

I would take a long hard look at IBM QRadar. The user behavior analytics will give you insight into insider activity. You will want to run CIS internals on your endpoints and get detailed logs using their Wincollect server functionality. Using that alongside of something like Varonis and a decent DLP solution will give you complete insight into what your users are doing, when they did it, and what information was involved. Installing it is easy configuring it is formidable but the results will give you attribution and specificity. In addition the capabilities of QRadar allow the development of specific use cases that will detect anomalous behavior and provide excellent IOAS and IOCs.

Abhishek RVRK Sharma - PeerSpot reviewer
Senior Technical Marketing Engineer at Securonix Solutions
Real User
24 August 20


First off, look for a SIEM that offers customized content for financial services. Use cases such as SWIFT fraud, insider threat and data exfiltration, trade surveillance are the sort of support you should be looking for. 

I work for Securonix, and our solution has content tailor-made for the financial services industry. Specific financial services firms may have different requirements, but our prebuilt content provides broad coverage. Needless to say, I would recommend Securonix, but one aspect to consider with any solution - for financial services, the creation of new threats is much faster than for other industries. Consider a SIEM tool with strong analytics (UEBA) pedigree and good data ingestion and scaling capabilities.

Find out what your peers are saying about Splunk, IBM, Microsoft and others in Security Information and Event Management (SIEM). Updated: September 2022.
633,572 professionals have used our research since 2012.
Related Questions
Shibu Babuchandran - PeerSpot reviewer
Regional Manager/ Service Delivery Manager at ASPL INFO Services
Sep 11, 2022
Hi community,  I am a Service Delivery Manager at a medium-sized tech services company. I am researching PSIM (Physical Security Information Management). What are the main use cases and benefits of products that fall under this category? Thank you for your help.
Dan Feraru - PeerSpot reviewer
Owner at Infodava
Mar 23, 2021
Hi community, I'm the owner of a tech services company.  I'm looking for help with a template for a SIEM PoC (high-level, generic document). Can anyone help?  Thank you,  Dan
See 2 answers
Abhishek RVRK Sharma - PeerSpot reviewer
Senior Technical Marketing Engineer at Securonix Solutions
24 August 20
Hello Dan,  Most SIEM vendors have a PoC script that they will run you through, but it is typically customized for their architecture. Are you looking for a basic PoC script, or something tailored to a specific use case?  This might help - (Disclaimer: I work for Securonix. If you're looking to begin a SIEM purchase exercise, I advise incorporating next-gen SIEM requirements in your PoC.)
Jairo Willian Pereira - PeerSpot reviewer
Information Security Manager at a financial services firm with 5,001-10,000 employees
23 March 21
Hi, here you can download a vendor-neutral reference-document.Good luck with your decision (make it slowly).
Download Free Report
Download our free Security Information and Event Management (SIEM) Report and find out what your peers are saying about Splunk, IBM, Microsoft, and more! Updated: September 2022.
633,572 professionals have used our research since 2012.