Exabeam Fusion SIEM vs Trellix ESM Comparison 2024

Read 85 Microsoft Sentinel reviews

32,763 views|18,195 comparisons

Exabeam Fusion SIEM

Read 10 Exabeam Fusion SIEM reviews

5,139 views|2,437 comparisons

Trellix ESM

Read 34 Trellix ESM reviews

3,720 views|1,591 comparisons

Comparison Buyer's Guide

Download the complete report

Buyer's Guide

Exabeam Fusion SIEM vs. Trellix ESM

March 2024

Executive Summary

We performed a comparison between Exabeam Fusion SIEM and Trellix ESM based on real PeerSpot user reviews.

Find out in this report how the two Security Information and Event Management (SIEM) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI.

To learn more, read our detailed Exabeam Fusion SIEM vs. Trellix ESM Report (Updated: March 2024).

Download the complete report

768,924 professionals have used our research since 2012.

Featured Review

Santhosh I

Subject Matter Expert - Threat Management at a tech services company

Helps prioritize threats and decreases time to detect and time to respond.

The solution improved our organization in a few ways. The key one is the cloud layer of integrations. When we were on-premises with SAP monitoring... Read more →

AYOUB ECH-CHKAF

Security Operations Center Analyst (L2 at Thales

An easy-to-use solution, but its data lake features could be simple to understand

The solution provides an easy-to-use platform to create rules for use cases.

Daniel Durian

Information Security Manager at SM Prime Holdings

Provides visibility of all the traffic within the company infrastructure

It provides threat monitoring from the Internet and if there is malicious activity on the end-point, the ESM can provide us what host is affected.

Quotes From Members

We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:

Pros

"If you know how to do KQL (kusto query language) queries, which are how you query the log data inside Sentinel, the information is pretty rich. You can get down to a good level of detail regarding event information or notifications.""Sentinel is a Microsoft product, so they provide very robust use cases and analytic groups, which are very beneficial for the security team. I also like the ability to integrate data sources into the software for on-premise and cloud-based solutions.""There are a lot of things you can explore as a user. You can even go and actively hunt for threats. You can go on the offensive rather than on the defensive.""Sentinel's most important feature is the ability to centralize all the logs in one place. There's no need to search multiple systems for information.""The ability of all these solutions to work together natively is essential. We have an Azure subscription, including Log Analytics. This feature automatically acts as one of the security baselines and detects recommendations because it also integrates with Defender. We can pull the sysadmin logs from Azure. It's all seamless and native.""Mainly, this is a cloud-native product. So, there are zero concerns about managing the whole infrastructure on-premises.""The main benefit is the ease of integration.""Sentinel also enables you to ingest data from your entire ecosystem and not just from the Microsoft ecosystem. It can receive data from third-party vendors' products such firewalls, network devices, and antivirus solutions. It's not only a Microsoft solution, it's for everything."

More Microsoft Sentinel Pros →

"The advanced analytics has a really great overview of user behavior.""I have customers that like the EUBA functionality of it. The solution has the ability to build a session, basically. It pulls a lot of information together, for example, everything a user does in a specific timeframe. It's quite helpful.""Exabeam Fusion SIEM has a good performance and more advantages than traditional solutions.""The user interface and the timelines they use are the most valuable features. The price model is very simple so that one can understand it easily and there are no surprises within it.""The most valuable feature of Exabeam Fusion SIEM is the easy-to-use user interface.""The solution's initial setup process is easy.""The setup is not difficult. It was easy.""It's a very user-friendly product and it's a very comprehensive technology."

More Exabeam Fusion SIEM Pros →

"It enables us to detect malicious threats, issues, or vulnerabilities in our network.""The most valuable features of McAfee ESM are intrusion detection, malware protection, and the device controller.""The product’s most valuable feature is log monitoring.""The most valuable feature for us is that it comes with many correlations, reports, and dashboards already available. It's also very easy to use.""It is user-friendly. The notification part of McAfee ESM is very easy.""We are now able to completely monitor our environment so we can review what is there, which is a big win for us.""The most valuable feature in ESM is its search and reporting feature. It's really nice.""It has good technical support, which is available around the clock. You can call up anytime and get whatever you want. My queues are resolved."

More Trellix ESM Pros →

Cons

"Documentation is the main thing that could be improved. In terms of product usage, the documentation is pretty good, but I'd like a lot more documentation on Kusto Query Language.""Microsoft Sentinel should provide an alternative query language to KQL for users who lack KQL expertise.""It has been a challenge with Azure Sentinel to onboard the Syslog server from FortiGate. Azure Sentinel can work better on that shift between the Syslog server and a firewall.""It would be good to have some connectors for third-party SIEM solutions. Many customers are struggling with the integration of Azure Sentinel with their on-premise SIEM. Microsoft is changing the log structure many times a year, which can corrupt a custom integration. It would be good to have some connectors developed by Microsoft or supply vendors, but they are not providing such functionality or tools.""The built-in SOAR is not really good out-of-the-box. The SOAR relies on logic apps and you almost need to have some kind of developer background to be able to make these logic apps. Most security people cannot develop anything...""The following would be a challenge for any product in the market, but we have some in-house apps in our environment... our apps were built with different parameters and the APIs for them are not present in Sentinel. We are working with Microsoft to build those custom APIs that we require. That is currently in progress.""Its implementation could be simpler. It is not really simple or straightforward. It is in the middle. Sometimes, connectors are a little bit complex.""They should just add more and more out-of-the-box connectors. It is quite a new product, and it has a lot of connectors, and even more would be good."

More Microsoft Sentinel Cons →

"The only problem is that the UI is not very impressive.""Updating the new release of Exabeam Fusion SIEM takes time and slows our performance.""The initial setup of Exabeam Fusion SIEM is complex because it needs to integrate with the SIEM solution, but after this is complete it is straightforward.""We still have questions surrounding hardware deployment.""The organzation is rigid and not flexible in the way they operate""Adding to the number of certifications that they have, for example, ISO 27001, would be helpful.""They need to focus on more of the MITRE ATT&CK Framework and coverage. They claim they cover about 70 to 80%. I'm not sure if it's really quite that much, however.""We had a large volume right from the beginning and they weren't quite prepared for that. That's something that they should think about when it comes to customers that have a large volume to start off with."

More Exabeam Fusion SIEM Cons →

"I have to purchase a new box now. Its existing box is not scalable and I can't use it anymore.""Customized reports and alerting functionality could be included in the dashboard.""The product’s alert response feature needs improvement. It could be more flexible and secure.""I would like to see improvements to the user interface.""Cloud integration has room for improvement because they're not full-fledged to integrate with the cloud solutions that come. They use different integration platforms to bring in data, and that needs to be improved.""Update to user interface from version 9 is cosmetic in some aspects, and after a few clicks you are back on the old interface.""We would welcome integrations with some of the new McAfee acquisitions, e.g., behavioural analytics.""The solution needs to improve case management. The UI is confusing."

More Trellix ESM Cons →

Pricing and Cost Advice

"It comes with a Microsoft subscription which the customer has, so they don't have to invest somewhere else."

"It is a consumption-based license model. bands at 100, 200, 400 GB per day etc. Azure Sentinel Pricing | Microsoft Azure"

"Good monthly operational cost model for the detection and response outcomes delivered, M365 logs don't count toward the limits which is a good benefit."

"I have had mixed feedback. At one point, I heard a client say that it sometimes seems more expensive. Most of the clients are on Office 365 or M365, and they are forced to take Azure SIEM because of the integration."

"It is kind of like a sliding scale. There are different tiers of pricing that go from $100 per day up to $3,500 per day. So, it just kind of depends on how much data is being stored. There can be additional costs to the standard license other than the additional data. It just kind of depends on what other services you're spinning up in Azure, or if you're using something like Azure log analytics."

"I am just paying for the log space with Azure Sentinel. It costs us about $2,000 a month. Most of the logs are free. We are only paying money for Azure Firewall logs because email logs or Azure AD logs are free to use for us."

"Sentinel is a bit expensive. If you can figure a way of configuring it to meet your needs, then you can find a way around the cost."

"Azure Sentinel is very costly, or at least it appears to be very costly. The costs vary based on your ingestion and your retention charges."

More Microsoft Sentinel Pricing and Cost Advice →

"They have a great model for pricing that can be based either on user count or gigabits per day."

"There is an annual license required to use Exabeam Fusion SIEM. The price of the solution should be reduced."

"Exabeam Fusion SIEM's pricing is reasonable."

"The solution is expensive."

More Exabeam Fusion SIEM Pricing and Cost Advice →

"You should buy the distributed option instead of the all-in-one for environments with more than 1000 end points."

"We pay for our licensing fees on a yearly basis, and there are no costs in addition to the standard licensing fees."

"The cost is dependent on the customer's environment and requirements."

"The pricing is good, and they are competitive compared to providers such as RSA and IBM QRadar."

"The cost is all included. The finance department handles the financial part, and we mostly don't get involved in it."

"We renew our license annually."

"McAfee is the right choice for a low-budget solution."

"The price is good. It's moderate. We follow a pay-as-you-go model. There are different models available, and they can also be monthly. You can choose monthly or yearly. It's very flexible. If our existing customers exceed the current plan, you can just call McAfee and get it extended."

More Trellix ESM Pricing and Cost Advice →

See Which Vendors Are Best For You

Use our free recommendation engine to learn which Security Information and Event Management (SIEM) solutions are best for your needs.

See Recommendations

768,924 professionals have used our research since 2012.

Comparison Review

Vinod Shankar

Manager, Enterprise Risk Consulting at a tech company

HP ArcSight vs. IBM QRadar vs. McAfee Nitro vs. Splunk vs. RSA Security vs. LogRhythm

We at Infosecnirvana.com have done several posts on SIEM. After the Dummies Guide on SIEM, we are following it up with a SIEM Product Comparison – 101 deck. So, here it is for your viewing pleasure. Let me know what you think by posting your comments below. The key products compared here are based on Gartner Magic Q which is what Organizations typically use to select SIEM vendors. The Vendors mentioned here in the deck are : 1. HP ArcSight 2. McAfee Nitro 3. IBM QRadar 4. Splunk SIEM 5. RSA Security Analytic 6. LogRhythm. SIEM Technology Space SIEM market analysis of the last 3 years suggest: Market consolidation of SIEM players (25 vendors in 2011 to 16 vendors in 2013)Only products with technology maturity and a strong road map have featured in leaders quadrant.HP ArcSight & IBM Q1 Labs have maintained leadership in SIEM industry with continued technology upgradeMcAfee Nitro has strong product features & road map to challenge HP & IBM for leadershipHPArcSight The ArcSight Enterprise Threat and Risk Management (ETRM) Platform is an integrated set of products for collecting, analysing, and managing enterprise Security Event information ArcSight Enterprise Security Manager (ESM): Correlation and analysis engine used to identify security threat in real-time& virtual environments ArcSight Logger: Log storage and Search solution ArcSight IdentityView: User Identity tracking/User activity monitoring ArcSight Connectors: For data collection from a variety of data… Read more →

Questions from the Community

Is there a common threat intelligence tool that aggregates multiple threa...

Top Answer:Yes, Azure Sentinel is a SIEM on the Cloud. Multiple data sources can be uploaded and analyzed with Azure Sentinel and… more »

Read all 10 answers →

What is a better choice, Splunk or Azure Sentinel?

Top Answer:It would really depend on (1) which logs you need to ingest and (2) what are your use cases Splunk is easy for… more »

Which is better - Azure Sentinel or AWS Security Hub?

Top Answer:We like that Azure Sentinel does not require as much maintenance as legacy SIEMs that are on-premises. Azure Sentinel is… more »

Read all 2 answers →

What are the biggest differences between Securonix UEBA, Exabeam, and IBM...

Top Answer:It mostly depends on your use-cases and environment. Exabeam and Securonix have a stronger UEBA feature set, friendlier… more »

Read all 2 answers →

What do you like most about Exabeam Fusion SIEM?

Top Answer:The solution's initial setup process is easy.

Read all 10 answers →

What is your experience regarding pricing and costs for Exabeam Fusion SIEM?

Top Answer:The solution is expensive.

Read all 6 answers →

What do you like most about McAfee ESM?

Top Answer:The solution's technical support is great.

Read all 22 answers →

What is your experience regarding pricing and costs for McAfee ESM?

Top Answer:The product is slightly expensive. They offer some discount on the purchase of a certain number of nodes. They should… more »

Read all 16 answers →

What needs improvement with McAfee ESM?

Top Answer:The integration capabilities of Trellix ESM with SaaS solutions are an area of concern where improvements are needed… more »

Read all 20 answers →

Comparisons

AWS Security Hub vs. Microsoft Sentinel

Compared 17% of the time.

IBM Security QRadar vs. Microsoft Sentinel

Compared 12% of the time.

Microsoft Defender for Cloud vs. Microsoft Sentinel

Compared 7% of the time.

Splunk Enterprise Security vs. Microsoft Sentinel

Compared 6% of the time.

Elastic Security vs. Microsoft Sentinel

Compared 5% of the time.

More Microsoft Sentinel Competitors →

IBM Security QRadar vs. Exabeam Fusion SIEM

Compared 10% of the time.

Palo Alto Networks Cortex XSOAR vs. Exabeam Fusion SIEM

Compared 10% of the time.

Splunk Enterprise Security vs. Exabeam Fusion SIEM

Compared 9% of the time.

Splunk User Behavior Analytics vs. Exabeam Fusion SIEM

Compared 8% of the time.

Gurucul UEBA vs. Exabeam Fusion SIEM

Compared 5% of the time.

More Exabeam Fusion SIEM Competitors →

ArcSight Enterprise Security Manager (ESM) vs. Trellix ESM

Compared 18% of the time.

IBM Security QRadar vs. Trellix ESM

Compared 17% of the time.

Splunk Enterprise Security vs. Trellix ESM

Compared 17% of the time.

LogRhythm SIEM vs. Trellix ESM

Compared 16% of the time.

Cybereason Endpoint Detection & Response vs. Trellix ESM

Compared 4% of the time.

More Trellix ESM Competitors →

Also Known As

Azure Sentinel

McAfee ESM, NitroSecurity, McAfee Enterprise Security Manager

Learn More

Microsoft

Exabeam

Trellix

Video Not Available

Overview

Microsoft Sentinel is a scalable, cloud-native, security information event management (SIEM) and security orchestration automated response (SOAR) solution that lets you see and stop threats before they cause harm. Microsoft Sentinel delivers intelligent security analytics and threat intelligence across the enterprise, providing a single solution for alert detection, threat visibility, proactive hunting, and threat response. Eliminate security infrastructure setup and maintenance, and elastically scale to meet your security needs—while reducing IT costs. With Microsoft Sentinel, you can:

- Collect data at cloud scale—across all users, devices, applications, and infrastructure, both on-premises and in multiple clouds

- Detect previously uncovered threats and minimize false positives using analytics and unparalleled threat intelligence from Microsoft

- Investigate threats with AI and hunt suspicious activities at scale, tapping into decades of cybersecurity work at Microsoft

- Respond to incidents rapidly with built-in orchestration and automation of common tasks

To learn more about our solution, ask questions, and share feedback, join our Microsoft Security, Compliance and Identity Community.

Exabeam Fusion SIEM is a cloud-delivered solution that that enables you to:

-Leverage turnkey threat detection, investigation, and response
-Collect, search and enhance data from anywhere
-Detect threats missed by other tools, using market-leading behavior analytics
-Achieve successful SecOps outcomes with prescriptive, threat-centric use case packages
-Enhance productivity and reduce response times with automation
-Meet regulatory compliance and audit requirements with ease

Make your organization more resilient and confident with Trellix Security Operations. Filter out the noise and cut complexity to deliver faster, more effective SecOps. Integrate your existing security tools and connect with over 650 Trellix solutions and third-party products.

Sample Customers

Microsoft Sentinel is trusted by companies of all sizes including ABM, ASOS, Uniper, First West Credit Union, Avanade, and more.

Hulu, ADP, Safeway, BBCN Bank

San Francisco Police Credit Union, Wªstenrot Gruppe, Volusion, California Department of Corrections & Rehabilitation, Government of New Brunswick, State of Colorado, Macquarie Telecom, Texas Tech University Health Sciences Center, Cologne Bonn Airport

Top Industries

REVIEWERS

Financial Services Firm22%

Computer Software Company11%

Manufacturing Company8%

Comms Service Provider8%

VISITORS READING REVIEWS

Computer Software Company16%

Financial Services Firm10%

Government9%

Manufacturing Company7%

VISITORS READING REVIEWS

Computer Software Company14%

Financial Services Firm12%

Manufacturing Company8%

Government8%

REVIEWERS

Financial Services Firm25%

Government15%

Computer Software Company10%

Manufacturing Company10%

VISITORS READING REVIEWS

Educational Organization70%

Computer Software Company5%

Government4%

Financial Services Firm4%

Company Size

REVIEWERS

Small Business33%

Midsize Enterprise21%

Large Enterprise47%

VISITORS READING REVIEWS

Small Business25%

Midsize Enterprise16%

Large Enterprise59%

REVIEWERS

Small Business54%

Midsize Enterprise23%

Large Enterprise23%

VISITORS READING REVIEWS

Small Business22%

Midsize Enterprise16%

Large Enterprise61%

REVIEWERS

Small Business29%

Midsize Enterprise15%

Large Enterprise56%

VISITORS READING REVIEWS

Small Business8%

Midsize Enterprise74%

Large Enterprise18%

Buyer's Guide

Exabeam Fusion SIEM vs. Trellix ESM

March 2024

Free Report: Exabeam Fusion SIEM vs. Trellix ESM

Find out what your peers are saying about Exabeam Fusion SIEM vs. Trellix ESM and other solutions. Updated: March 2024.

DOWNLOAD NOW

768,924 professionals have used our research since 2012.

Exabeam Fusion SIEM is ranked 28th in Security Information and Event Management (SIEM) with 10 reviews while Trellix ESM is ranked 18th in Security Information and Event Management (SIEM) with 34 reviews. Exabeam Fusion SIEM is rated 8.0, while Trellix ESM is rated 7.4. The top reviewer of Exabeam Fusion SIEM writes "Enables centralized log collection on a single platform". On the other hand, the top reviewer of Trellix ESM writes "Provides visibility of all the traffic within the company infrastructure". Exabeam Fusion SIEM is most compared with IBM Security QRadar, Palo Alto Networks Cortex XSOAR, Splunk Enterprise Security, Splunk User Behavior Analytics and Gurucul UEBA, whereas Trellix ESM is most compared with ArcSight Enterprise Security Manager (ESM), IBM Security QRadar, Splunk Enterprise Security, LogRhythm SIEM and Cybereason Endpoint Detection & Response. See our Exabeam Fusion SIEM vs. Trellix ESM report.

See our list of best Security Information and Event Management (SIEM) vendors.

We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.

Exabeam Fusion SIEM vs Trellix ESM comparison

Microsoft Sentinel

Exabeam Fusion SIEM

Trellix ESM