Security Information and Event Management (SIEM): Which solution is best?

IT Central Station users review the highest reviewed solutions in the security information and event management (SIEM) market.


Security and risk management leaders increasingly want security information and event management (SIEM) solutions with attack detection, investigation, response and compliance capabilities. However, they must balance this desire with an understanding of the resources needed to run such solutions effectively.

Over 388,000 professionals have used IT Central Station research to inform their purchasing decisions. Its latest paper looks at the highest rated SIEM vendors, profiling each and examining what they can offer enterprises.

Here’s a breakdown of the key players currently active in the market:

Azure Sentinel

Average Rating: 8.2

Top Comparison: AWS Security Hub

Overview: A scalable, cloud-native, SIEM and security orchestration automated response (SOAR) solution that lets businesses see and stop threats before they cause harm.

ArcSight Enterprise Security Manager (ESM)

Average Rating: 7.4

Top Comparison: Splunk

Overview: Helps businesses protect their data through compliance solutions and security analytics.

Devo

Average Rating: 8.6

Top Comparison: Splunk

Overview: The only cloud-native logging and security analytics platform that releases the full potential of enterprise data to empower bold, confident action when it matters most.

Fortinet FortiSIEM

Average Rating: 7.5

Top Comparison: Splunk

Overview: Provides an actionable security intelligence platform to monitor security, performance, and compliance through a single pane of glass.

IBM QRadar

Average Rating: 8.2

Top Comparison: Splunk

Overview: This family of products provides consolidated flexible architecture for security teams to quickly adopt log management, SIEM, user behaviour analytics, incident forensics, threat intelligence and more.

LogRhythm NextGen SIEM

Average Rating: 8.2

Top Comparison: Splunk

Overview: Combines advanced security analytics; user and entity behaviour analytics (UEBA); network detection and response (NDR); and security orchestration, automation, and response (SOAR) in a single end-to-end solution.

Netsurion EventTracker

Average Rating: 9.0

Top Comparison: Splunk

Overview: A co-managed security solution that delivers actionable security intelligence that empowers organisations of any size to effectively detect and respond to insider threats as well as advanced cyber criminals.

Securonix Security Analytics

Average Rating: 8.4

Top Comparison: Splunk

Overview: A next-generation security analytics platform that transforms big data into actionable security intelligence.

SolarWinds Security Event Manager

Average Rating: 7.9

Top Comparison: Splunk

Overview: A leading SIEM product and log management solution, which provides log collection, analysis, and real-time correlation.

Splunk

Average Rating: 8.0

Top Comparison: IBM QRadar

Overview: Splunk's vision is to make machine data accessible, usable, and valuable to everybody. The company offers a wide range of products to turn machine data into valuable information by monitoring and analysing all activities.
