SIEM aggregates the event data that is produced by monitoring, assessment, detection and response solutions deployed across application, network, endpoint and cloud environments. Capabilities include threat detection, through correlation and user and entity behavior analytics (UEBA), and response integrations commonly managed through security orchestration, automation and response (SOAR). Security reporting and continuously updated threat content through threat intelligence platform (TIP) functionality are also common integrations. Although SIEM is primarily deployed as a cloud-based service, it may support on-premises deployment.
"SIEM- Data Collection For Multiple Event Logs"
Splunk provides integration and visibility across the various tools in place, and it is widely recognized as a powerful and versatile tool for collecting, analyzing, and visualizing large amounts of data. Splunk Enterprise is an all-in-one tool for automation and log analysis; it performs real-time analysis and reporting and provides a wide range of customization and integration options. In Splunk, security features such as access control and data encryption help in securing sensitive data. Splunk can also be a powerful tool for identifying patterns and anomalies in the data, which can be particularly useful for security and IT operations use cases. Splunk has a user-friendly interface, real-time monitoring, analytics, scalability and a vibrant user community, and it is a trustworthy, web-based management solution that anyone with computer skills can use to navigate in real time.
"Easily the best SIEM in the market"
My experience with LogRhythm has been nothing short of amazing. I know that time and time again their team will step up to the plate, and provide the best possible service and relationship they can to me. The price is legitimately 50%+ less than most and it provides more OOTB than any SIEM I have tried before. I have used most of the major SIEMs within the market and so many have turned into black boxes in which you have almost zero control of rules / parsing and other configurations that a mature business should be looking out for. This creates an expensive catch-all scenario in which you're stuck with the bill, and rules that are too broad. LogRhythm's open-type architecture has allowed me to create flexible rules, stay up to date against threats and also reduce my log ingestion an incredible amount, which in turn saves me money.
"I would highly recommend QRadar for a SIEM!"
QRadar has proven to be a consistently reliable Security Information and Event Management tool for our organization. It is literally the heart of our Security Operations Center and we have utilized it since day one of our inception.
"Trellix Security Manager keeps us all safe"
I could not be happier. We needed a way to protect against malicious IT programs and increase our IT security. We use a lot of private information for work.
"Powerful and Scalable SIEM for improving security posture in my organisation."
Splunk ES is a very robust and powerful security and event management SIEM platform that is designed to help organisations detect, investigate, and respond to security threats. It provides real-time threats detection. It provides real-time monitoring and detection of security threats across all our data sources in our organisation. This allows our security teams to quickly identify and respond to potential security incidents. I've seen a great improvement on our security posture over the time we've been using this tool.
"Easy to use, powerful configuration and reporting possibilities"
After years of searching for a good SIEM and testing some, we found LogPoint to be a SIEM that fulfills our requirements.
"Securonix Next-Gen SIEM Product review"
This SIEM is providing an easy-to-access and understandable GUI for single-pane-of-glass monitoring, outstanding. It provides centralized log management, collecting and correlating security event data from various sources across your IT infrastructure. This unified view of logs can assist in detecting patterns, identifying security incidents and conducting forensic investigations.
"Elastic as a SIEM"
Elastic has been outstanding as a SIEM software for our company. The product is being updated constantly with new functionality, especially the EDR, security, and ingest/shipping solutions. Elastic has been responsive and flexible with us through the entire process.
"Rapid7 IDR delivers on turn key cloud based SIEM"
I get what I expect to get, within the time I expect to get it. The product was well explained, simple to implement and does what they say it will.
"Review of SolarWinds Security Event Manager"
SolarWinds Security Event Manager is a great tool to check the logs which are made on the critical servers in our environment.
"Excellent deployment experience and great modern cloud native SIEM"
We purchased the latest Exabeam Fusion cloud-native SIEM, and ran a deployment PS engagement with the Exabeam team during the start of 2023. The deployment team were excellent, guiding us through the setup procedures for onboarding logs and initiating the analytics engine. This new platform is in active constant development, so we're constantly seeing new features come live into our view, and whilst there have been some issues occur from time to time, we are supported by an excellent account management team and technical support team to help solve any problems. We are looking forward to the future with Exabeam, at the forefront of SIEM and Analytics.
"A SIEM solution with all necessary supportive modules like SOAR, MITRE"
Situational-awareness-based real-time correlation taking our security to the next level.
"Cost-effective, secure, scalable and managed data analytics and visualizations platform."
Splunk Cloud, according to my user experience, has been a very helpful and great tool that is very scalable and user friendly. It allows us to scale our deployment easily. Whether it's to increase or decrease our data ingestion rates, storage capacity, or computing power, Splunk Cloud can accommodate our growing needs. It provides the flexibility to handle varying workloads without the hassle of managing and provisioning hardware resources. This tool reduces infrastructure management. It takes care of the hardware, software updates, security patches, and system maintenance, allowing us to focus on analyzing our data and extracting insights.
"Excellent value, easy to use central log management"
Excellent product with internal deployment for log parsing and pipeline.
"FortiSIEM Tool Review"
We were looking for a product to detect threats at organisational level in real time. That is when we came across FortiSIEM. The product is really ideal for real-time infra and user awareness on account of threats. Further, it provides visibility and remediation at a scalable level. Would highly recommend this product if security is a key concern to organisations.
"Unified Security Management with capability to most of security needs"
It is Unified Security Management Anywhere, providing many features: threat detection, incident response, compliance management, vulnerability assessment, asset discovery, file integrity monitoring.
"Excellent SIEM tools"
It is easy to use and one of the best SIEM tools. I have been using EventLog Analyzer for the last 2.5 years. The dashboard is easy to explain to auditors, and it is a good tool to capture every event and incident log.
"This platform facilitates efficient investigation and response."
We've been using this product for almost 3 years now, and I can say it works pretty well in our environment. Though the interface and overall experience might not be as intuitive or user-friendly as some other cybersecurity tools on the market, this platform, with its wide range of features, requires a learning curve for users who are not familiar with its capabilities.
"Sumo Logic - Best SIEM on the Market"
We've used Sumo Logic (both CIP and CSE) for security operations and observability for the last three years. I am continuously impressed by the new capabilities they are adding, including most recently some additions in the UEBA space. They say the "voice of the customer" drives their platform's development, and I can say that is wholeheartedly true. They have a powerful correlation engine that generates the level of visibility we're looking for without being too noisy or too quiet. Other platforms seem to rely too heavily on raw log data or on UEBA/user context, but Sumo Logic is able to leverage the two *together* in a powerful way. Security admins can generate insights on pretty much anything they want--whether that's a sequence of events that are suspicious when considered in combination, when a user deviates from their normal baseline (UEBA), or just a traditional match rule to generate an alert every time a certain event occurs. Many SIEM tools don't have this level of flexibility and are either strictly event-focused or strictly UEBA-focused. Moreover, CIP makes it incredibly easy to search and aggregate historical logs to get the data we need to make decisions. Log parsing and onboarding, historically a challenge with other vendors, is a breeze with Sumo due to all the parsers they create and maintain. As a SaaS platform, the tech debt to maintain it is very low & it's always been highly performant in our experience.
A SIEM tool is used by security and risk management leaders to support the needs of attack detection, investigation, response, and compliance solutions by:
Collecting security event logs and telemetry in real-time for threat detection and compliance use cases.
Analyzing telemetry in real-time and over time to detect attacks and other activities of interest.
Investigating incidents to determine their potential severity and impact on a business.
Producing reports on these activities.
Storing relevant events and logs.
SIEM technologies provide core SIM (Security Information Management) and SEM (Security Event Management) functions, along with a variety of advanced features and complementary solutions and capabilities. Some examples of core functions are:
Data aggregation: Collect security event logs and telemetry in real-time for threat detection and compliance use cases.
Real-time analysis of events for security monitoring, advanced analysis of user and entity behaviors, querying, and long-range analytics for historical analysis.
Support for incident investigation and management.
Reporting (for example, for compliance requirements).
SIEM technology collects and analyzes event logs produced by networks, devices, systems, and applications. The primary data source has been time-series-based log data, but there are also advanced SIEM solutions that monitor logs in real time and use other types of data (e.g., Active Directory [AD], configuration management database [CMDB], vulnerability management data, HR information, and threat intelligence) to add context about users, IT assets, data, applications, threats, and vulnerabilities.
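As an added illustration of the core functions just described (real-time correlation of a sequence of events, plus enrichment with CMDB-style asset context), here is example code written for this page, not taken from any vendor's product; the events, asset context and rule name are constructed.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample events (not real telemetry), already normalized the way a
# SIEM parser would emit them: timestamp, source host, user, login outcome.
EVENTS = [
    {"ts": "2024-01-01T10:00:00", "src": "10.0.0.5", "user": "alice", "outcome": "failure"},
    {"ts": "2024-01-01T10:00:20", "src": "10.0.0.5", "user": "alice", "outcome": "failure"},
    {"ts": "2024-01-01T10:00:40", "src": "10.0.0.5", "user": "alice", "outcome": "failure"},
    {"ts": "2024-01-01T10:01:05", "src": "10.0.0.5", "user": "alice", "outcome": "success"},
    {"ts": "2024-01-01T10:02:00", "src": "10.0.0.9", "user": "bob",   "outcome": "failure"},
    {"ts": "2024-01-01T10:30:00", "src": "10.0.0.9", "user": "bob",   "outcome": "success"},
]

# Constructed context data standing in for the CMDB / directory lookups the text mentions.
CONTEXT = {
    "10.0.0.5": {"asset": "finance-db", "criticality": "high"},
    "10.0.0.9": {"asset": "dev-laptop", "criticality": "low"},
}

def enrich(event):
    """Attach asset context so an alert carries business impact, not just raw fields."""
    return {**event, **CONTEXT.get(event["src"], {"asset": "unknown", "criticality": "unknown"})}

def correlate(events, failures=3, window=timedelta(minutes=5)):
    """Sequence rule: at least `failures` failed logins followed by a success from
    the same source inside `window` raises one alert. Events are processed in time
    order as a streaming engine would; state is a per-source deque of failure times."""
    recent = defaultdict(deque)
    alerts = []
    for ev in sorted(events, key=lambda e: e["ts"]):
        ts = datetime.fromisoformat(ev["ts"])
        q = recent[ev["src"]]
        while q and ts - q[0] > window:  # expire failures that fell out of the window
            q.popleft()
        if ev["outcome"] == "failure":
            q.append(ts)
        elif ev["outcome"] == "success" and len(q) >= failures:
            e = enrich(ev)
            alerts.append({"rule": "brute-force-then-success", "src": e["src"],
                           "user": e["user"], "asset": e["asset"], "failures": len(q),
                           "severity": "critical" if e["criticality"] == "high" else "medium"})
            q.clear()  # one alert per burst
    return alerts

if __name__ == "__main__":
    for alert in correlate(EVENTS):
        print(alert)
```

Only the first source trips the rule: bob's single failure is below the threshold and has expired from the window by the time his success arrives.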
The cost of purchasing and deploying SIEM products has led organizations to explore other security analytics technologies and alternative approaches to detect and respond to attacks. These alternatives include:
Event collection and analytics platforms: Event collection and analytics products can offer both SIEM and non-security use cases, while they may also provide easier cost allocation methods. Full capabilities of a SIEM product may not be available though.
Extended detection and response products: Extended detection and response platforms offer automated hands-off capabilities within the products to organizations who are willing to commit to vendor-defined and vendor-managed threat detection and response solutions.
Managed detection and response services: Providers of managed detection and response services investigate, validate, and respond to security events, rather than escalate them to the customers.
Peer Insights reviewers share their experiences with implementing SIEM solutions and highlight what advice they would give to other prospective customers. Below are some of the top recommendations:
Conduct a requirements analysis for a SIEM Solution and obtain executive sponsorship.
Analyze use cases and licenses based on SIEM requirements and evaluate multiple vendors via exhaustive POCs.
Structure the organization’s data and create a SIEM architecture before integration.
Augment the implementation by soliciting vendor assistance, and dedicate internal teams to drive adoption.
Cultivate SIEM skills by investing in training sessions for end-users.