ArcSight
ArcSight
ArcSight Enterprise Security Manager uses the MITRE ATT&CK framework, an open-source knowledge base of techniques and tactics, to quickly detect and escalate threats. The Navigator uses a real-time correlation engine to create dashboards and intelligent rules that map relationships between events. With its machine learning platform, the user and entity behavioral policies, or UEBA, identify unknown and elusive threats that normal analysis wouldn't necessarily catch. Throughout the ArcSight marketplace, admins can use any of the community connectors available or build their own.

Pros & Cons

Pros

  • Activity dashboard
  • Reporting and statistics
  • Vulnerability scanning

Cons

  • No incident management
  • No compliance management

What Customers Are Saying

Users reviews indicate that one of the best things about this IT security software is its support for a wide variety of logs. Other customers say they're glad they can route logs through smart connectors and manage EPS counts. According to these users, this makes ArcSight a suitable option for licensing. Some users have written that they experience some difficulty with the search mechanism.

Summary

ArcSight
ArcSight
  • Starting Price
    • Custom Quote
  • Free Trial/Demo
    Free Trial
  • Deployment
    Installed - Windows
    Web-Based, Cloud, SaaS
  • Support Options
    Business Hours
    Online
  • Endpoint Management
    Yes
  • Log Management
    Yes
  • Real-time Monitoring
    Yes
  • Threat Intelligence
    Yes
AT&T Logo
AT&T Cybersecurity
Formerly AlienVault, AT&T Cybersecurity is a proactive solution to protecting digital assets. Its Unified Security Management, or USM, provides immediate visibility upon installation, and with centralized monitoring of critical assets across endpoints, networks, and other environments, your team is able to view forensics data and correlate vulnerabilities. With the help of AlienApps, teams can easily integrate additional tools that will help them automate responses and detection. Managed AT&T Cybersecurity starts at $6,695 per month.

Pros & Cons

Pros

  • Asset discovery
  • File integrity monitoring
  • Network scanning

Cons

  • Whitelisting and blacklisting
  • Endpoint management

What Customers Are Saying

Customers of AT&T Cybersecurity say they prefer it to other solutions because it has a rich set of automated features that make it simple to implement. Since implementing this solution, security teams report that their burden has been reduced, and they've had no need for additional cybersecurity tools. They note that this software is useful for threat detection and response despite being a SIEM solution at heart.

Summary

AT&T Logo
AT&T Cybersecurity
  • Starting Price
    • Essentials: $1075 /month
    • Standard: $1695 /month
    • Premium: $2595 /month
  • Free Trial/Demo
    Not Provided
  • Deployment
    Installed - Windows
    Web-Based, Cloud, SaaS
  • Support Options
    Business Hours
    Online
  • Endpoint Management
    No
  • Log Management
    Yes
  • Real-time Monitoring
    Yes
  • Threat Intelligence
    Yes
Datadog is a full-service SIEM that provides scalable plans to fit your needs. With log management capabilities, IT managers have faceted search, analytics, and dashboarding. Network monitoring tracks external traffic, and admins can see side-by-side hardware and flow data. Incident management is a fundamental part of the Datadog platform, and because it integrates with Slack, communication is streamlined during project collaboration, making it easier to track team activity.

Pros & Cons

Pros

  • Alerts escalation
  • CPU monitoring
  • Data migration

Cons

  • No baseline manager
  • No access controls/permissions

What Customers Are Saying

Customers reported higher efficiency following the implementation of Datadog. Among the most significant benefits they say they enjoy is the ability to monitor the health and performance of projects. Another feature Datadog users are pleased with is its ability to track logs and follow them up in real time, which is a significant advantage when running live projects. Other reviewers expressed satisfaction with the ability to customize the views of log sets.

Summary

  • Starting Price
    • Free version available
    • Pro: $15/month/host
    • Enterprise: $23/month/host
  • Free Trial/Demo
    14-dayFree Trial
  • Deployment
    Web-Based, Cloud, SaaS
    iPhone / iPad
    Android
  • Support Options
    Business Hours
    Online
  • Endpoint Management
    No
  • Log Management
    Yes
  • Real-time Monitoring
    Yes
  • Threat Intelligence
    Yes
DNIF HyperScale SIEM provides a high-value solution by combining advanced technologies such as the SIEM, UEBA, SOAR, and security data lake into one product at an extremely low total cost of ownership to bring power and efficiency to security operation centers of all sizes.

Pros & Cons

Pros

  • Retention management
  • Threat intelligence
  • Web traffic reporting

Cons

  • Limited integrations
  • No audit management

What Customers Are Saying

IT managers say this software has provided them with a security platform that brings together traditional SIEM capabilities with new UEBA and SOAR solutions. As a result, the users say, they can offer their customers comprehensive MSSs. Customers say that besides traditional SIEM, DNIF has enabled them to offer critical security services such as application data monitoring and threat hunting.

Summary

  • Starting Price
    • Custom Quote
  • Free Trial/Demo
    Free Demo
  • Deployment
    Installed - Windows
    Web-Based, Cloud, SaaS
  • Support Options
    24/7 (Live Rep)
    Business Hours
    Online
  • Endpoint Management
    No
  • Log Management
    Yes
  • Real-time Monitoring
    Yes
  • Threat Intelligence
    Yes
ElasticSearch
Elasticsearch
ElasticSearch is a free, open-source SIEM solution that provides real-time searches, analysis, and visualization. Audit logging and IP filtering are used for enhanced stack security as well as full- and multi-stack monitoring. With automated alerts, ElasticSearch ingests data from any source and uses a variety of techniques to search and analyze, including cross-cluster and inverted index. It has a healthy list of plug-ins and integrations for API expansion and other functionalities.

Pros & Cons

Pros

  • Easy to implement
  • Open source software
  • Easily scalable

Cons

  • Only available as SaaS
  • Complex search queries

What Customers Are Saying

User reviews note that this software is highly accessible and offers top performance thanks to its distributed architecture. They continue that ElasticSearch adds new nodes and handles node failures with no impact on data. IT security managers mentioned that the software lets them store information in multiple formats, including binary, XML, and JSON. Some did, however, describe the Query syntax as complex, especially for new users.

Summary

ElasticSearch
Elasticsearch
  • Starting Price
    • Free version available
    • Standard: $16/month
    • Gold: $19/month
    • Platinum: $22/month
    • Enterprise: Custom Quote
  • Free Trial/Demo
    Free Trial
  • Deployment
    Web-Based, Cloud, SaaS
  • Support Options
    24/7 (Live Rep)
    Business Hours
    Online
  • Endpoint Management
    Yes
  • Log Management
    Yes
  • Real-time Monitoring
    Yes
  • Threat Intelligence
    Yes
EventLog Analyzer
EventLog Analyzer
ManageEngine's EventLog Analyzer is a comprehensive log management solution for databases as well as web and application servers. It parses log data and uses predefined rules to detect and mitigate threats. With integrated compliance management, it lets you use any of the numerous templates provided or create your own. For any suspicious activity, there are criteria-based alerts. EventLog Analyzer is used by companies like Samsung and IBM and has a 30-day free trial. 

Pros & Cons

Pros

  • Audit management
  • Compliance tracking
  • Intrusion detection system

Cons

  • Limited reporting and statistics
  • No whitelisting and blacklisting

What Customers Are Saying

Many users indicated in their reviews that among their most-liked features were the profiles for predefined alerts and reports. They said these features made it easier to implement the solution and receive notifications. Furthermore, the same reviews noted that they were able to generate and schedule compliance-based reports for their internal audits. Reviewers frequently stated that they use the software for auditing IISs and databases.

Summary

EventLog Analyzer
EventLog Analyzer
  • Starting Price
    • Custom Quote
  • Free Trial/Demo
    Free Demo
  • Deployment
    Installed - Windows
    Web-Based, Cloud, SaaS
  • Support Options
    Business Hours
    Online
  • Endpoint Management
    Yes
  • Log Management
    Yes
  • Real-time Monitoring
    Yes
  • Threat Intelligence
    Yes
FortiSIEM
FortiSIEM
FortiSIEM's architecture allows unified data collection from diverse sources, including logs and performance metrics. By combining network operations and security operations, it created a patented engine that parses and analyzes real-time searches and other events. It scores the risk of users and devices in addition to mapping user identity to network identity, adding essential context to activities. FortiSIEM provides a valuable framework and has integrations with several other platforms, including ServiceNow, Jira, and Tableau.

Pros & Cons

Pros

  • Third-party integrations
  • Security auditing
  • HIPAA compliant

Cons

  • No authentication
  • No vulnerability scanning

What Customers Are Saying

IT security managers often commented that once they had installed FortiSIEM, their teams experienced no difficulty using the app. Even first-time users among their teams described the user interface as straightforward. Additionally, reviews mentioned that the software provides a vast amount of information even without the IT security technicians having to create custom queries, reports, and handlers. They added that searches were fast.

Summary

FortiSIEM
FortiSIEM
  • Starting Price
    • Custom Quote
  • Free Trial/Demo
    Free Demo
  • Deployment
    Web-Based, Cloud, SaaS
  • Support Options
    Business Hours
    Online
  • Endpoint Management
    No
  • Log Management
    Yes
  • Real-time Monitoring
    Yes
  • Threat Intelligence
    Yes
IBM QRadar SIEM
IBM QRadar SIEM
IBM QRadar SIEM can consolidate volumes of log and network flow data for more accurate threat detection. It automatically normalizes parsed logs from diverse sources and applies built-in analytics to detect threats others may miss. IBM QRadar helps companies stay compliant, and because it integrates with approximately 450 solutions, it's flexible and highly scalable, making it capable of providing deep insights.

Pros & Cons

Pros

  • Endpoint management
  • Behavior tracking
  • Features planning tools

Cons

  • No multi-cloud management
  • No KPI monitoring

What Customers Are Saying

Users write in their reviews that QRadar's customizability and compatibility with most companies' IT systems are two of its main advantages. Another benefit frequently highlighted in reviews is the software's ability to isolate events that warrant the immediate attention of IT security technicians. Customers say QRadar achieves this through its flexible component deployment strategy and rich set of configurable elements such as building blocks, reference sets, and rules.

Summary

IBM QRadar SIEM
IBM QRadar SIEM
  • Starting Price
    • Custom Quote
  • Free Trial/Demo
    14-Day Free Trial
  • Deployment
    Installed - Mac
    Installed - Windows
    Web-Based, Cloud, SaaS
  • Support Options
    Online
  • Endpoint Management
    Yes
  • Log Management
    No
  • Real-time Monitoring
    Yes
  • Threat Intelligence
    Yes
LogRhythm NextGen SIEM
LogRhythm NextGen SIEM
LogRhythm NextGen SIEM is a centralized platform that provides comprehensive visibility by continuous collection, normalization, and analysis. It detects and alerts administrators to suspicious cloud usage and supports over 800 data sources. Its cybercrime security analytics identifies indicators of an impending attack, and endpoint monitoring provides real-time visibility into evading malware outbreaks. Log security analytics provides actionable data while improving detection accuracy.

Pros & Cons

Pros

  • Correlation of events
  • Performance trending
  • Monitors access and group policy changes

Cons

  • Limited documentation on query-building
  • Offers inadequate training

What Customers Are Saying

Reviews from LogRhythm NextGen users generally express satisfaction with the product. Most customers indicate that it's their preferred enterprise-wide SIEM tool for security log management. These users list the software's event and log ingestion as one of this primary advantages. They also say that LogRhythm NextGen is relatively easy to implement and commend its support for being responsive. A few customers have complained that it provided limited support for cloud environments.

Summary

LogRhythm NextGen SIEM
LogRhythm NextGen SIEM
  • Starting Price
    • Custom Quote
  • Free Trial/Demo
    Free Demo
  • Deployment
    Installed - Windows
    Web-Based, Cloud, SaaS
  • Support Options
    Business Hours
    Online
  • Endpoint Management
    Yes
  • Log Management
    Yes
  • Real-time Monitoring
    Yes
  • Threat Intelligence
    Yes
LogSign SIEM provides comprehensive control and visibility. With its SOAR capabilities, it streamlines security flows by mapping people, processes, and technologies. Admins can manage repetitive tasks, leaving them time to take care of higher priorities. Advanced parsing and indexing mean you can connect an unlimited number of logs. Through complex correlations, this data makes it easier to detect complex threats early. LogSign has over 400 integration connectors for databases, routers, and more sources.

Pros & Cons

Pros

  • Behavioral analytics
  • Compliance management
  • Policy management

Cons

  • No status tracking
  • No vulnerability scanning

What Customers Are Saying

Reviews frequently report that it's relatively easy to set up the user administration functionalities on LogSign. Many users also mention that the software's customer support staff are helpful and highly knowledgeable. The software's user interface received positive reviews from users, who approve of its reports and dashboards and describe their overall experience as pleasant. On the other hand, some users wrote that they wish the provider offered more training and documentation.

Summary

  • Starting Price
    • Custom Quote
  • Free Trial/Demo
    Not Provided
  • Deployment
    Web-Based, Cloud, SaaS
  • Support Options
    24/7 (Live Rep)
  • Endpoint Management
    No
  • Log Management
    Yes
  • Real-time Monitoring
    Yes
  • Threat Intelligence
    Yes
McAfee SIEM
McAfee SIEM
McAfee Enterprise Security Manager is an all-in-one solution for detecting and managing threats. Admins can scan raw logs with billions of events in seconds, rather than hours or weeks, to provide accurate intelligence management. Its advanced correlation engine matches events and call logs to find patterns and vulnerabilities. McAfee SIEM provides organizations with audit trails and historical data to support complete analysis and compliance.

Pros & Cons

Pros

  • Offers prioritization
  • Real-time monitoring
  • Offers SSL security

Cons

  • No behavioral analytics
  • No password management

What Customers Are Saying

Many users believe McAfee SIEM is becoming increasingly popular as a solution for addressing severe targeted attacks. They value it as a tool for log management and automated analysis. These users note that as attacks become increasingly difficult to detect, they have ratcheted up their reliance on this enterprise security manager from McAfee. Several customers say they liked how the software enables them to compare logs from multiple devices.

Summary

McAfee SIEM
McAfee SIEM
  • Starting Price
    • Custom Quote
  • Free Trial/Demo
    Free Demo
  • Deployment
    SaaS
    Windows
    Linux
  • Support Options
    Online
  • Endpoint Management
    Yes
  • Log Management
    Yes
  • Real-time Monitoring
    Yes
  • Threat Intelligence
    Yes
Netsurion EventTracker
Netsurion EventTracker
Netsurion SIEM provides proactive monitoring and security for all surfaces within an organization. EventTracker uses rules-based alerts for incident response, and its indexing model enables forensic analysis that quickly detects and addresses threat behavior. Netsurion has over 1,500 security and compliance templates to use for reporting, including PCI-DSS, HIPAA, and ISO.

Pros & Cons

Pros

  • Archiving and retention
  • Customizable reports
  • HIPAA compliant

Cons

  • Limited integrations
  • No audit management

What Customers Are Saying

Customers who use this solution for multiple clients write in their reviews that it provides them with adequate information for compliance. The only gripe that some reviewers seemed to have with EventTracker was that they found it somewhat difficult to deploy. However, they added that implementation was nonetheless successful with the help of an agent from the provider. Other frequently highlighted benefits were real-time alerts and centralized log management.

Summary

Netsurion EventTracker
Netsurion EventTracker
  • Starting Price
    • Custom Quote
  • Free Trial/Demo
    Free Demo
  • Deployment
    Installed - Windows
    Web-Based, Cloud, SaaS
  • Support Options
    24/7 (Live Rep)
    Business Hours
    Online
  • Endpoint Management
    Yes
  • Log Management
    Yes
  • Real-time Monitoring
    Yes
  • Threat Intelligence
    Yes
Powertech Event Manager
Powertech Event Manager
Powertech Event Manager from Core Security provides out-of-the-box integration solutions that monitor critical assets in a centralized location. Its Core Network Insight analyzes related traffic for critical infrastructure threats. With the help of an easier-to-use console, Security Auditor simplifies security policy management and administration by automatic configuration settings identification. Powertech Event Manager provides streamlined reporting, easing the administrative burden across all systems.

Pros & Cons

Pros

  • Application security
  • Forensic analysis
  • Real-time analytics

Cons

  • Limited reporting and analytics
  • No status tracking

What Customers Are Saying

The reviews for this SIEM are generally positive. Customers frequently indicate that they use Powertech Event Manager to manage access to production. They add that the software enables them to stay on top of requirements for security logging and monitoring events and incidents. In addition, users note that implementing this system raised the level of trust their customers had in them.

Summary

Powertech Event Manager
Powertech Event Manager
  • Starting Price
    • Custom Quote
  • Free Trial/Demo
    Free Demo
  • Deployment
    Installed - Windows
    Web-Based, Cloud, SaaS
  • Support Options
    24/7 (Live Rep)
    Business Hours
    Online
  • Endpoint Management
    No
  • Log Management
    Yes
  • Real-time Monitoring
    Yes
  • Threat Intelligence
    Yes
RSA NetWitness Logs And Packets
RSA NetWitness Logs and Packets
RSA Netwitness Logs and Packets helps security teams work more efficiently by improving their ability to effectively hunt for and respond to threats. With automation and machine learning, it's easier to prioritize threats. The platform has an advanced analyst workbench that provides constant visibility for faster detection and response. RSA NetWitness’s platform also includes a module that takes a deeper look at what's going on across network endpoints, always relying on the UEBA process to identify and profile unusual behavior.

Pros & Cons

Pros

  • Third-party integrations
  • Policy management
  • Offers authentication

Cons

  • No vulnerability scanning
  • No audit management

What Customers Are Saying

Customers generally have good things to say about NetWitness. Among their favorite aspects of the software, per their reviews, are its ease of use, customizability, tight security features, and compatibility with many IT systems. Many of them indicate that they're satisfied with the software as it enables them to monitor security-related activity and record their endpoints in a way that streamlines responses and investigations.

Summary

RSA NetWitness Logs And Packets
RSA NetWitness Logs and Packets
  • Starting Price
    • Custom Quote
  • Free Trial/Demo
    Free Demo
  • Deployment
    Web-Based, Cloud, SaaS
  • Support Options
    In Person
    Live Online
  • Endpoint Management
    No
  • Log Management
    Yes
  • Real-time Monitoring
    Yes
  • Threat Intelligence
    Yes
Security Event Manager
Security Event Manager
Security Event Manager from SolarWinds provides 24/7 analysis, supporting your organization's threat hunt efforts. Its advanced log viewer gathers and analyzes server logs while being able to audit logon events in one central location. Cross-site scripting prevention protects your company's network against in-memory attacks. Security Event Manager also has DDoS prevention tools. Additionally, admins can automate compliance, risk management, and log management tasks to achieve active compliance and actionable insights while improving overall productivity. Pricing starts at $2,613.

Pros & Cons

Pros

  • Cataloging and categorization
  • FISMA compliance
  • Real-time notifications

Cons

  • Limited reporting and analytics
  • No audit management

What Customers Are Saying

CTOs at a number of companies write in their reviews that they like this solution because it's lightweight, among other things. Some even say they run it as an appliance on a virtual environment. Among the compliments Security Event Manager continues to receive are that it has a great dashboard and a remarkable community that helps users get the best out of it. In addition, they say it offers superior protection.

Summary

Security Event Manager
Security Event Manager
  • Starting Price
    • $2
    • 525
  • Free Trial/Demo
    Free Demo and 30 Day Free Trial
  • Deployment
    Installed - Windows
    Web-Based, Cloud, SaaS
  • Support Options
    24/7 (Live Rep)
    Business Hours
    Online
  • Endpoint Management
    No
  • Log Management
    Yes
  • Real-time Monitoring
    Yes
  • Threat Intelligence
    Yes
Security Management Platform
Security Management Platform
Exabeam Security Management Platform has a big data architecture that facilitates smarter security. Teams can collect unlimited data and automated manual response solutions, ensuring better response times and more consistent results. When investigating hacker tactics and techniques, the platform contributes to reducing the detection timeline. Behavioral modeling and machine learning make Exabeam's advanced analytics more efficient at threat hunting.

Pros & Cons

Pros

  • Real-time monitoring
  • Threat intelligence
  • Behavioral profiling

Cons

  • Limited customization options
  • Available only as a web app

What Customers Are Saying

Customers speak highly of this software. Many of them say the reason they opted for it was that it was among the most cost-effective security log management solutions in the market. Even with its relatively low cost, users say, Security Management Platform offers excellent value for the price. Additionally, several users have commended the software's user interface as being highly intuitive and easy to navigate.

Summary

Security Management Platform
Security Management Platform
  • Starting Price
    • Custom Quote
  • Free Trial/Demo
    Free Demo
  • Deployment
    Installed - Mac
    Installed - Windows
    Web-Based, Cloud, SaaS
  • Support Options
    24/7 (Live Rep)
    Business Hours
    Online
  • Endpoint Management
    No
  • Log Management
    Yes
  • Real-time Monitoring
    No
  • Threat Intelligence
    No
SolarWinds Threat Monitor
SolarWinds Threat Monitor
SolarWinds Threat Monitor is SIEM software that provides managed security providers and MSSP an all-in-one platform for taking care of their networks. It's a cloud-based, centralized command hub with network and host intrusion detection systems with advanced log search for deeper analysis and reporting. With SolarWinds Threat Monitor, there's a better chance of preventing web threats and managing vulnerabilities.

Pros & Cons

Pros

  • Comprehensive reporting
  • Easy to use
  • Easily scalable

Cons

  • Takes relatively long to learn
  • Occasional bugs in log searching

What Customers Are Saying

Customers approve of several aspects of SolarWind's Threat Monitor solution. These include the software's reporting features, easy-to-use interface, and versatility. While some report that its training may take a bit longer, they note that it's easy to use once training is complete. Furthermore, other customers write in their reviews that it leaves an acceptable footprint on the company's IT infrastructure.

Summary

SolarWinds Threat Monitor
SolarWinds Threat Monitor
  • Starting Price
    • Custom Quote
  • Free Trial/Demo
    Free Demo
  • Deployment
    Cloud, SaaS, Web
    Mobile - iOS Native
    Mobile - Android Native
  • Support Options
    24/7 (Live Rep)
    Online
  • Endpoint Management
    Yes
  • Log Management
    Yes
  • Real-time Monitoring
    Yes
  • Threat Intelligence
    Yes
Splunk Enterprise
Splunk Enterprise
Splunk Enterprise turns ingested data into actionable business-driven tactics. Use log data as metrics to boost monitoring and alerting functionality through better analytics. Remote collaboration makes it easier for workers in the field to troubleshoot issues, and its secure gateway creates an encrypted bridge for better communications. Customized dashboards show rich visualizations of data in ways that provide greater visibility.

Pros & Cons

Pros

  • Active monitoring
  • Behavioral analytics
  • Customizable dashboard

Cons

  • No role-based permissions
  • No collaborations tools

What Customers Are Saying

Overall, customers are generally approving of this SIEM. They describe its dashboards as highly informative, adding that this enables them to monitor server data security with ease. Furthermore, users say, selecting graphical representation gives them access to insightful visuals such as tables and charts of logs. Lastly, many customers are appreciative of the software's ability to capture various formats of data.

Summary

Splunk Enterprise
Splunk Enterprise
  • Starting Price
    • Free version available
    • Custom Quote
  • Free Trial/Demo
    Free Trial
  • Deployment
    Web-Based, Cloud, SaaS
  • Support Options
    Business Hours
    Online
  • Endpoint Management
    Yes
  • Log Management
    Yes
  • Real-time Monitoring
    Yes
  • Threat Intelligence
    Yes
Sumo Logic
Sumo Logic
Sumo Logic helps companies become more proactive when it comes to monitoring and troubleshooting operation threats. Admins can better detect where and how compromises happen, hastening investigations and ensuring better compliance. With workflow automation, it's easier to triage alerts and focus on higher priority tasks. Sumo Logic provides complete unified cloud coverage for public, multi-cloud, and hybrid environments. Pricing varies, depending on needs, and starts as low as $0.10 per GB logs.

Pros & Cons

Pros

  • Powerful search functionality
  • Easy to use
  • Cost-effective

Cons

  • No alerts/escalation
  • No capacity planning

What Customers Are Saying

Sumo Logic customers indicate in their reviews that they like the ease with which they can operate this SIEM. Many of their comments suggest that they're satisfied with the value the solution provides their companies. Other reviews mention that Sumo Logic has been highly responsive to their requests for new features. As a result, the reviewers write, the product continues to evolve and improve.

Summary

Sumo Logic
Sumo Logic
  • Starting Price
    • Essentials: $3/GB logs; $0.45/1K DPM
    • Enterprise Operations: $4/GB logs; $0.60/1K DPM
    • Enterprise Security: $4.25/GB logs: $0.64/1K DPM
    • Enterprise Suite: $0.10/GB logs; $2.14/GB search unlimited; $4.75/GB log search, alerts, dashboard; $0.71/1K DPM
  • Free Trial/Demo
    30-Day Free Trial
  • Deployment
    Web-Based, Cloud, SaaS
  • Support Options
    24/7 (Live Rep)
    Business Hours
    Online
  • Endpoint Management
    No
  • Log Management
    Yes
  • Real-time Monitoring
    Yes
  • Threat Intelligence
    Yes
Threat Detection Marketplace
Threat Detection Marketplace
Threat Detection Marketplace is a centralized global content repository. Using the MITRE ATT&CK methodology, companies can draw from approximately 215 techniques to help them with faster threat hunting. This type of real-time forensics facilitates more proactive threat detection. Threat Detection Marketplace provides users with access to LogStash configuration files and plenty of machine learning recipes to use. It easily integrates with prominent SIEM applications, such as ArcSight and QRadar.

Pros & Cons

Pros

  • Compliance tracking
  • Network monitoring
  • Powerful reporting

Cons

  • No application security
  • No vulnerability scanning

What Customers Are Saying

Positive sentiment forms the majority of the reviews this SIEM has received from its customers. They say Threat Detection Marketplace has enabled them to deploy up-to-date detection content for global cyberthreats. In addition, other users say the solution has facilitated the application of specialized vulnerabilities content for their companies.

Summary

Threat Detection Marketplace
Threat Detection Marketplace
  • Starting Price
    • Custom Quote
  • Free Trial/Demo
    Free Trial
  • Deployment
    Web-Based, Cloud, SaaS
  • Support Options
    24/7 (Live Rep)
    Business Hours
    Online
  • Endpoint Management
    Yes
  • Log Management
    Yes
  • Real-time Monitoring
    Yes
  • Threat Intelligence
    Yes

How We Chose the Best SIEM Tools

SIEM — security information and event management — is a method of managing security events, including threat monitoring and information management, which is about dealing with log data. All the information aggregated is categorized. Administrators can see these incidents and then send alerts if those incidents don't fit within established security criteria. In choosing the best SIEM tools, we considered their features, integrations they had, and reports they provided.

Features

Logs are the crux of any SIEM Solution. They provide a trove of real-time and historical data to crunch so teams can gather necessary intelligence. Logs, alerts, and analysis are key must-have features.

Integrations

SIEM integrations with third-party applications can be complicated due to the different protocols and policies. The best software solutions support a variety of integration processes, including secure API calls and remote storage.

Reports

SIEM solutions need to aggregate, filter, and analyze all aspects of the ingested data. A modernized dashboard that aggregates, correlates, and details log entries helps admins get a 360-degree view of infrastructure strengths and weaknesses.