Solutions Review: The Eight Niche Players in SIEM, 2020

Solutions Review: The Eight Niche Players in SIEM, 2020

These providers have recently been named Niche Players in SIEM in 2020 by analyst house Gartner, Inc. 

Gartner defines SIEM by “customers’ need to analyze security event data in real-time, which supports the early detection of attacks and breaches. SIEM systems collect, store, investigate, support mitigation and report on security data for incident response, forensics and regulatory compliance.” Additionally, Gartner considers SIEM a mature market, offering few if any predictions about the future of the cybersecurity branch. 

The following providers recently received the title of Niche Player in the Gartner Magic Quadrant for SIEM in 2020. Gartner does not consider Niche Players as lesser than Leaders; instead Niche Players “provide SIEM technology that is a good match with a specific SIEM use case or a subset of SIEM functional requirements.” In fact, Gartner strongly praises the Niche Players and their capabilities.

The report, which highlights and scores the top products in the industry, also explores the top capabilities in the market including threat management and compliance. Each provider’s market share and product portfolios differ, which is what makes them interesting to the wider audience of SIEM customers. 

Here, we provide a brief comment about each and links to product details so you can learn more. Note: providers listed below in alphabetical order. 

Eight Niche Players in SIEM, 2020

AT&T Cybersecurity

AT&T CybersecurityThe AT&T Cybersecurity SIEM solution, Unified Security Management Anywhere, deploys as a Software-as-a-Service. AMong its capabilities, it provides asset discovery, vulnerability assessment, intrusion detection, and endpoint detection and response (EDR). The latter, a more recent addition, provides threat visibility and automated response.  


FireEye Solutions Review: The Eight Niche Players in SIEM, 2020The core of FireEye’s SIEM offering is called FireEye Helix, which integrates with other FireEye solutions for email, network, and cloud security. FireEye solutions run in the cloud and provide capabilities for investigations based on forensic data. Recently FireEye included new orchestration capabilities.   


FortinetFortinet’s SIEM solution, named FortiSIEM, provides an advanced agent for Windows and Linux with EDR capabilities. Additionally, it offers for-pay threat intelligence and user and entity behavioral analysis (UEBA) capabilities. The FortiSIEM solution includes asset discovery features and configuration management.  



HanSight primarily sells in China, but its core product—HanSight Enterprise SIEM—includes UEBA. Also, it includes network traffic analytics, vulnerability management, asset discovery, and data loss prevention. Also, HanSight offers a Hosted Enterprise SIEM solution and provides capabilities                                                                for security operations center support.   


ManageEngineManageEngine’s main SIEM product is Log360 which can deploy on-premises or virtually. Also, the provider offers a web-based, cloud-hosted log storage platform called ManageEngine Log360 Cloud, which stores log management data created by a separate module. Log360 supports the automatic discovery of syslog devices on customer networks.   


McAfeeOne of the most recognized names in cybersecurity, McAfee offers the McAfee Enterprise Security Manager. This is composed of multiple modules that provide log searches, log managers, correlation engines, and log storage. Also, McAfee provides a separate Threat Intelligence module on a subscription basis.   

Micro Focus

Micro Focus SIEM toolsThe ArcSight Solution serves as Micro Focus’ primary SIEM solution. This comprises core SIEM capabilities as well as data collection, management, UEBA, and incident investigation. Micro Focus also supports security use cases through its Application Defender and Voltage data protection solutions.   


SolarWindsSolarWinds offers businesses the SolarWind Security Event Manager for SIEM. Among its features, it provides data management, real-time correlation, and log searching to support threat and compliance monitoring, investigations, and response. Also, SolarWinds offers an out-of-the-box repository of threat detection rules and compliance content.

Looking for a SIEM provider? Our SIEM Buyer’s Guide profiles the Niche Players in SIEM in 2020 in detail, along with their key capabilities

Ben Canner