Security Information and Event Management Solutions Directory

Below is a SIEM Solutions Directory of the top 25 Security Information and Event Management solutions and SIEM software vendors, including a solutions overview, more details, and links to social media. If you would like an easy-to-reference printed version of this SIEM Solutions Directory page, including complete solution profiles and a list of the top questions to ask in a Request for Proposal (RFP), click here for a free PDF.

AT&T Cybersecurity
Solutions Overview

The AT&T Cybersecurity solution, the AlienVault® Unified Security Management® (USM) solution, combines SIEM and log management capabilities with other essential security tools, including asset discovery, vulnerability assessment, and intrusion detection (NIDS and HIDS), to provide centralized security monitoring of networks and endpoints across cloud and on-premises environments from a single pane of glass.

Download this Directory and get our Free Security Information and Event Management Buyer’s Guide.

The ease-of-use and speed-to-deployment of the AlienVault Unified Security Management (USM) platform provided by AT&T Cybersecurity makes it a good fit for enterprises with a smaller staff and limited security budget. Many of their enterprise-level features are also competitively priced.

Solutions Overview

Blumira is a leading cybersecurity provider of automated threat detection and response technology. Founded in 2018, Blumira’s cloud-delivered security platform helps organizations of all sizes with limited security resources or expertise to detect and respond to cybersecurity threats faster to stop ransomware and data breaches. The all-in-one solution is quick to deploy, easy to implement, and integrates broadly across cloud and on-premises technology to provide coverage for hybrid environments.

Blumira’s detection and response platform enables faster resolution of threats to help you stop ransomware attacks and prevent data breaches. The company surfaces real threats, providing meaningful findings so security teams can prioritize events. Users can automatically block known threats, use playbooks for easy remediation, or contact Blumira’s security team for additional guidance. Blumira helps with onboarding, triage, and ongoing consultations to continuously help your organization improve your security coverage.

Solutions Overview

CYBERShark, powered by BlackStratus, is a SIEM technology and service-focused solution provider headquartered in New Jersey that provides reliable and innovative security event correlation, compliance, and log management capabilities. CYBERShark offers a huge portfolio of solutions with offerings including LogStorm, SIEMStorm, and SOC-As-A-Service. CYBERShark is a cloud-based SIEM-as-a-service designed for digital transformations. CYBERShark is built on a multi-tiered, distributed architecture to diminish the chance of missing a threatening event, saving downtime and information loss. It offers a simplified licensing model flexible for scale and deployment.

CYBERShark has been expanding its features and its integration, and aims to fit businesses of all sizes. It is a good fit for service providers requiring a customizable SIEM platform, and for service-centric end-user organizations looking for well-formed multi-tenancy support. BlackStratus constantly innovates its support for IAM solutions. Additionally, CYBERShark offers 24/7 monitoring and alerting.

Solutions Overview

Cysiv operates in the field of security operations center-as-a-service (SOCaaS)—an alternative to a traditional SIEM solution. It works with enterprises to reduce the risk of a damaging cyber-attack or data breach by providing 24/7 threat detection and response. Using Cysiv Command—a cloud-native, co-managed next-gen SIEM platform—its team of experts operates as a seamless extension to your IT security team to accelerate and improve the process of detecting, investigating, hunting for, and responding to actionable threats across the complete IT environment, including on-premises, multi-cloud and SaaS applications. All of this is delivered with simple, predictable monthly billing, and can be operational in days.

Cysiv SOCaaS is well-suited to organizations with limited budgets that need a SIEM or SOC, businesses frustrated with their current SIEM or MSSP, and enterprises seeking to improve their SOC effectiveness. Because it supports multi-tenancy, it is also ideal for MSPs and MSSPs that want a cost-effective and flexible approach to providing threat detection and response to clients. Cysiv SOCaaS includes predictable, all-inclusive, pay-as-you-go monthly billing that covers the use of the next-gen SIEM platform, 24/7 monitoring with human-led threat hunting, and access to Cysiv experts.

empow
Solutions Overview

empow is the developer of a SIEM system that detects cyberattacks and automatically orchestrates adaptive investigation and mitigation actions in real time, without the need for human-written rules. empow’s i-SIEM platform automatically understands the fundamental nature or intent of threats, finds the actual attacks hidden in the “noise,” and marshals the right security tools to respond when those attacks occur. empow’s unique technology allows for management by a very small team of even one security analyst. The empow i-SIEM features a strategic and commercial OEM partnership with Elastic, a leading data search company, and offers a high ROI joint solution.

empow’s i-SIEM offers organizations a mature and highly effective SIEM security platform. The i-SIEM allows security analysts to bypass the process of writing correlation rules, focusing their time on only high-risk entities and security events. This, together with empow’s built-in UEBA, NTA and Elastic search integration, makes i-SIEM a platform that delivers effective and cost-effective next-generation SIEM at machine speeds.

Exabeam
Solutions Overview

Exabeam offers their Security Intelligence Platform as a collection of components, built on several big data platforms, that can be selected and deployed separately. Their Log Manager component handles the data management, including collection and storage, and can collect from both local endpoints and cloud-based applications.

Exabeam was named to Gartner’s 2018 SIEM Magic Quadrant as a Leader, which singled out their granular role-based data and workflow capabilities. Their licensing approach—based on the number of users in an enterprise—and their customization options due to their deployment-based model have also received praise.

Solutions Overview

Also based out of California, Fortinet offers their platform FortiSIEM. FortiSIEM provides SIEM, file integrity monitoring (FIM), configuration management database (CMDB), and availability and performance capabilities. Analytics-driven IT operations and cloud management are provided, helping companies manage and monitor network performance, security, and compliance requirements.

Fortinet provides top-rated network and content security, as well as secure access products that share intelligence and work together to form a cooperative fabric. Its unique security fabric combines Security Processors, an intuitive operating system, and applied threat intelligence to give you proven security, exceptional performance, and better visibility and control while providing easier administration.

Solutions Overview

IBM Security’s QRadar Platform offers log and risk management that can be deployed as an appliance, a virtual appliance, or a SaaS infrastructure as a service (IaaS); this makes them well-suited to different IT environments. They also deliver a hybrid option, with on-premises QRadar deployment combined with a SaaS solution hosted on their IBM Cloud.

IBM’s QRadar is best suited for midsize to large enterprises with general SIEM requirements, and those whose use cases require behavior analysis, network flow, and packet analysis; IBM has worked to expand these capabilities over the past few years. Its unified platform covers a wide range of security monitoring tools, and has native threat detection.

Solutions Overview

Lacework automates security and compliance across AWS, Azure, GCP, and private clouds, providing a comprehensive view of risks across cloud workloads and containers. Lacework’s unified cloud security platform provides unprecedented visibility, automates intrusion detection, delivers one-click investigation, and simplifies cloud compliance.

Lacework works to bring automation, speed, and scale to cloud security by enabling enterprises to securely innovate in the cloud. Lacework is designed to self-adapt to the cloud’s ever-changing configuration and workloads. The Lacework team focuses on giving customers visibility and control over their cloud operations at cloud scale, extending to the monitoring of all activities across all cloud components.

Logentries SIEM
Solutions Overview

Boston-based Logentries offers a real-time log management and analytics service built for the cloud. These SIEM solutions securely collect log data while preventing unencrypted sensitive data from leaving your IT environment without consent from the security team.

Logentries is a good solution for companies that want aggregated log management and security event correlation across their entire IT infrastructure. Because it is easy to use, Logentries can appeal to small, large, and mid-sized enterprises interested in behavioral analytics.

Solutions Overview

Danish LogPoint’s full enterprise SIEM solution extracts security events and incidents from logs existing in IT infrastructures and environments of any size. Filtered and correlated real-time results are displayed in dashboards that can be configured based on the specific roles and responsibilities of each user.

LogPoint offers SIEM solutions to smaller companies with limited budgets and operational capabilities, as well as large, complex multinational enterprises. While they mostly operate in Europe, they also have partnerships across the globe and continue to grow their footprint.

Solutions Overview

LogRhythm, the Colorado-based solution provider, combines SIEM, Security Analytics (including UEBA), Log Management, and Network and Endpoint Monitoring with Machine Analytics and Host and Network Forensics in a unified Security Intelligence Platform. Their SIEM solution consists of several unified components: the Event Manager, Log Manager, Advanced Intelligence Engine (AI Engine), and Console.

LogRhythm primarily caters to companies that desire an end-to-end workflow that sorts through security alert noise and quickly discovers, investigates, and responds to cyber threats via SIEM, security analytics and network/endpoint monitoring solutions. LogRhythm’s well-regarded innovations in usability facilitate their solutions’ deployment and performance.

Solutions Overview

Logsign is a global cybersecurity vendor focusing on automation-driven SIEM and SOAR products and value-added services. They are located in The Hague, Netherlands; San Francisco, US; and İstanbul, Turkey.

Logsign offers a security-driven logging solution that can integrate with hundreds of vendors over tens of protocols. As a vendor-agnostic company, they provide extensive support for new and custom logging formats. Logsign installations can scale from a single server installation to tens of servers both vertically and horizontally in an almost linear fashion.

ManageEngine
Solutions Overview

ManageEngine’s Log360 solution simplifies IT management with an affordable software solution that offers the ease-of-use smaller enterprises need and the powerful features the largest enterprises demand. Log360 features the ManageEngine EventLog Analyzer: a web-based, agentless syslog and Windows event log management solution for security information management that collects, analyses, archives, and reports on event logs from distributed Windows hosts and syslogs from myriad data sources including UNIX hosts, routers, and switches.

ManageEngine is a cost-effective solution that is a good option for small and mid-sized businesses and enterprises. They also offer a pay-as-you-go pricing model coupled with the ability to scale services up or down as needed, ideal for enterprises looking to expand their footprint.

Rapid7 SIEM tools
Solutions Overview

Founded in 2000 and based out of Boston, Rapid7 offers their InsightIDR solution, a cloud SIEM solution for modern threat detection and response. Through InsightIDR, Rapid7 seeks to unify your security data with cloud-based log and event management. Rapid7 aims to assist with enterprise compliance, detect the behavior behind breaches, and monitor for lateral movement. Specifically, Rapid7 monitors for lateral movement involving stolen credentials by traffic manipulation and hash extraction, and it facilitates the searching and visualizing of your security data. This provider focuses on centralization and analysis, providing fast deployment and the identification of evolved attacker behavior.

Rapid7 receives high marks from global enterprises seeking intrusion detection and prevention and comprehensive security coverage; many acknowledge the ease and straightforwardness of implementation and deployment. Indeed, Rapid7 was named to the March 2019 Gartner Peer Insights Customers’ Choice for Vulnerability Assessment. They were also named in the Gartner Market Guide for Managed Detection and Response and the Market Guide for SOAR. Additionally, they were named a Visionary in the SIEM Magic Quadrant in 2018.

Solutions Overview

A giant in the cybersecurity technology sphere, the NetWitness suite provides visibility from logs, full network packet, NetFlow, and endpoint data capture. NetWitness Logs facilitates the automated collection, analysis, alerting, auditing, reporting, and secure storage of all logs. Alerts can be delivered through the intuitive user interface, via SMS or email, and auditors can even be granted read-only access to the enVision platform so that they can access the reports whenever they need them.

NetWitness is best-suited for security-conscious companies that need log-based and network-level monitoring for threat detection and investigation, and have an incident response team. Their logging and documentation capabilities are solid. NetWitness works best for companies that have a good deal of technical knowhow on hand, as the interface and the numerous moving parts can be overwhelming without it. They offer good support to help with any deployment issues.

Solutions Overview

The origins of SilverSky, formerly Cygilant, lie in the analysis of enterprise log files across web servers, file servers, firewalls, and other network devices. Having moved into the SIEM market only recently, SilverSky seeks to reduce cyber risk and enable enterprises to implement comprehensive strategies to combat cyber risk by combining security programs with insurance coverage. SilverSky offers their SOCVue solution, a security hybrid SaaS offering, and provides 24/7 security operations designed to singularly meet enterprises’ regulatory and industry compliance objectives.

SilverSky is a good option for small and mid-sized enterprises who need to protect themselves against cyberattacks. Its solutions help enterprises manage their IT infrastructure costs while improving their IT security, and are deliberately designed to help lean IT staff with limited budgets. Its SOCVue Vulnerability and Patch Management subscription service can help enterprises handle the necessary security patching without disrupting everyday business processes.

Solutions Overview

Running off a Hadoop big data platform, Securonix offers the Snypr Security Analytics solution as their SIEM platform. Their capabilities include a library of threat signatures, UEBA functionality, and event and data collection. Other functions include configuration, indexing via Search Service, data parsing and normalization via enrichment services, and correlation services.

Gartner’s 2018 SIEM Magic Quadrant praised Securonix’s flexible delivery models and its data management capabilities. Their use cases can extensively support out-of-the-box content, and they can ingest a wide set of data sources. Customers praise its ease of implementation and give it positive feedback overall.

Solutions Overview

California’s Splunk provides pre-packaged dashboards, reports, incident response workflows, analytics, and correlations to identify, investigate, and respond to internal and external threats. Its security intelligence platform provides event and data collection with visualization options and use-case agnostic data analysis capabilities for IT operations.

Splunk continues to add machine learning-based user behavioral analytics to better detect threats, and has a full suite of solutions that allows for growth into the platform. Companies looking for a customizable SIEM platform in order to support analytic functions and third-party integration may find their solution here.

Solutions Overview

California’s Sumo Logic’s principal focus as a solution provider is log aggregation. However, this statement, while true, does not paint the full picture of Sumo Logic’s capabilities. It also enables enterprises to build analytical power that transforms daily operations into intelligent business decisions.

Sumo Logic offers flexible and market-dynamic payment options for their solution, which works well with companies of all sizes. Its price points are competitive for the market, and it’s entirely cloud-based and maintenance-free. Enterprises interested in Sumo Logic should take note: they will need a solid underlying internet connection to take advantage of Sumo Logic’s SIEM and security analytics offerings.

Solutions Overview

Hailing from Maryland, Tenable offers SIEM which leverages the log management capabilities of their Log Correlation Engine (LCE) to collect all logs, software activity, user events, and network traffic across the entire IT environment. Tenable analyzes data for correlated events and impact on security and compliance posture.

Tenable is a good option for organizations of all sizes, from small businesses to large enterprises. For the most part, Tenable is used by large enterprises, companies, and organizations, as it offers the capabilities suited for their large data volume demands.

Solutions Overview

Trustwave’s Managed SIEM services provide threat intelligence, efficiency, and automation to organizations of all sizes. Their service is ideal for consumer-facing businesses, as it includes the Payment Card Industry Data Security Standard (PCI DSS), a high standard and important compliance capability.

Trustwave would be a good choice for midsized organizations seeking SIEM that will offer a variety of technologies and service options to meet compliance and threat management requirements simultaneously. They’ve integrated with numerous telecommunications companies, indicating their effectiveness in high-speed environments.

Solutions Overview

Trellix recently absorbed McAfee, a key player in SIEM and threat intelligence research. Their Enterprise Security Manager (ESM) consolidates, correlates, assesses, and prioritizes security events for both third-party and Intel Security solutions. Trellix also provides integrated tools for configuration and change management, case management, and centralized management of policy to improve workflow and efficiency. Trellix’s Advanced Correlation Engine is designed for dedicated correlation and risk and behavior-based correlation. It also includes parsed event, database, and reporting capabilities.

Trellix recently enhanced its SIEM offering by acquiring McAfee. Its Enterprise Security Manager (ESM) consolidates, correlates, assesses, and prioritizes security events for both third-party and Intel Security solutions. Trellix’s Advanced Correlation Engine is designed for dedicated correlation and risk and behavior-based correlation.