
Top 10 SIEM Products


Security Information and Event Management (SIEM) is a key enterprise security technology, with the ability to tie systems together for a comprehensive view of IT security.

While each vendor has its own take on SIEM, Gartner lists the primary features for enterprise SIEM as ingestion of data from multiple sources; interpretation of data; incorporation of threat intelligence feeds; alert correlation; analytics; profiling; automation; and summation of potential threats.

SIEM products are differentiated by cost, features, and ease of use. Generally, the more you pay, the greater the sophistication and management complexity, so buyers must weigh their needs, budget and expertise as they decide on a SIEM system.

Despite its relative maturity, the SIEM market is still growing at double-digit rates. A major trend is the growing use of behavioral analytics and automation to filter out less urgent alerts so security teams can focus on the biggest threats. Analysts see the cloud as a growing means of delivery for SIEM services, both for SMBs and for hybrid organizations seeking easier ways to keep track of their complex environments.

Below is a brief summary of the top SIEM vendors, followed by a chart rating key features such as security, performance, value and support. Each summary links to an in-depth look at each SIEM product, including features, intelligence, analysis, pricing and more. Read more about our top security vendor methodology.

Here then are our picks for top SIEM products.


SolarWinds Log & Event Manager

SolarWinds may lack the full security suite of competitors, but it scores well in ease of deployment, cost, performance, and support. Its virtual appliance format makes it a good choice for SMEs and larger organizations with limited IT resources.


ManageEngine EventLog Analyzer

ManageEngine is best suited for midsize organizations with Windows-centric and AWS/Azure environments looking for basic threat detection and IT operations monitoring.


Sumo Logic SIEM

Sumo Logic is a new entrant to the SIEM market, offering a solution the company says is purpose-built for cloud, hybrid and DevSecOps environments, with machine learning surfacing recommendations for security teams to address.

Splunk Enterprise Security (ES)

Splunk's SIEM system is highly rated and popular, but licensing costs may push it beyond the reach of some SMEs. It is the best fit for larger, well-staffed IT organizations that are willing to pay the price for high security effectiveness.


LogRhythm SIEM

LogRhythm is another SIEM vendor with high ratings and popularity. It is easier to deploy than some of the other top-of-the-line SIEM products, but may not scale to support very high event volume environments. It is best for small and mid-sized organizations that already possess some kind of threat intelligence and analytics functionality.


AlienVault Unified Security Management (USM)

AlienVault offers a low-cost entry with surprisingly robust features for small and mid-sized companies. It may not offer all the advanced capabilities that enterprises seek, but for small and mid-sized organizations looking for their first SIEM product, AlienVault is hard to beat.


Micro Focus ArcSight

ArcSight is in a transitional period as Micro Focus integrates the SIEM solution with its products after acquiring HPE's security software products. ArcSight is strongest in organizations with large, complex SOC environments and for basic log collection use cases.


Micro Focus Sentinel Enterprise

Large enterprises may not be the best fit for Micro Focus Sentinel Enterprise, which lags behind some competitors in enterprise functionality and completeness of vision. But it should definitely be considered by small and mid-sized organizations that do not have a high-maturity SOC and do not have requirements for full incident case management, as well as by MSSPs.


McAfee Enterprise Security Manager (ESM)

McAfee might be behind IBM, Splunk and LogRhythm in overall SIEM completeness, but its turnkey appliances and ease of deployment, as well as integration with other McAfee tools, make it a strong contender on many SIEM shortlists.


Trustwave SIEM Enterprise and Log Management Enterprise

Trustwave SIEM is aimed at mid-market and enterprise users. It is particularly attractive to current users of other Trustwave tools as well as buyers with diverse IT environments. One downside is a lack of threat intelligence feeds out of the box, forcing users to buy or incorporate additional threat intelligence tools.


IBM Security QRadar

QRadar is rated highly by most analyst firms. Implementation complexity may limit its appeal to midsize and large enterprises that require core SIEM capabilities and those looking for a unified platform that covers a wide range of security monitoring and operational technologies.


RSA NetWitness Suite

RSA NetWitness is popular in larger enterprises with well-trained, veteran IT security teams, particularly in financial, government, energy and telecom organizations. It may lack some of the features of SIEM leaders such as Splunk, LogRhythm and IBM, but has a definite edge in existing RSA, Dell and EMC shops.


SIEM Product Comparisons

See these pages that compare two SIEM products against each other:

Honorable Mentions

In addition to our top SIEM picks, there are a number of other promising SIEM solutions out there. Here are some others to consider.

Exabeam

Exabeam SMP's advanced analytics, threat hunting and incident response make it a good choice for enterprises with behavioral use cases and those seeking integrated orchestration and response capabilities.


Securonix

Securonix offers SaaS and on-premises versions, advanced analytics and incident response, along with modules aimed at fraud, patient data and trade surveillance, making it an attractive option for large enterprises with sensitive data and a need for advanced features.


Rapid7

Rapid7 works best for small and midsize organizations looking for SIEM as a service with the option to outsource monitoring and response to the vendor.


Fortinet

Organizations and managed service providers already using Fortinet network technologies should consider FortiSIEM, as the solution is part of Fortinet's Security Fabric framework.


Netsurion

SMBs with compliance needs looking for basic threat detection with the option of vendor co-management should consider EventTracker.


LogPoint

LogPoint is ideal for midsize organizations with monitoring requirements in Europe and those seeking to include SAP in their security and compliance monitoring.


Venustech

Venustech is best suited for organizations in the Asia/Pacific region seeking a SIEM solution with analytics and network monitoring capabilities.

BlackStratus

BlackStratus is best for midsize organizations seeking a cloud-based SIEM solution with optional managed services, and MSSPs seeking a multitenant SIEM to deliver monitoring services.


SIEM Features Compared

SIEM vendor comparison