Find out what your peers are saying about Splunk, LogRhythm, IBM and others in Security Information and Event Management (SIEM).
288,186 professionals have used our research since 2012.
Find out what your peers are saying about Splunk, LogRhythm, IBM and others in Security Information and Event Management (SIEM).
288,186 professionals have used our research since 2012.
Chart Key
Average Rating
Average rating based on reviews
Views
Number of total page views
Comparisons
Number of times compared to another product
Reviews
Total number of reviews on IT Central Station
Followers
Number of followers on IT Central Station
The total ranking of a product, represented by the bar length, is based on a weighted aggregate score. The score is calculated as follows: The product with the highest count in each area gets the highest available score. (20 points for Reviews; 16 points for Views, Comparisons, and Followers.) Every other product gets assigned points based on its total in proportion to the #1 product in that area. For example, if a product has 80% of the number of reviews compared to the product with the most reviews then the product's score for reviews would be 20% (weighting factor) * 80% = 16. For Average Rating, the maximum score is 32 points awarded linearly based on our rating scale of 1-10. If a product has fewer than ten reviews, the point contribution for Average Rating is reduced (one-third reduction in points for products with 5-9 reviews; two-thirds reduction for products with fewer than five reviews). Reviews that are more than 24 months old, as well as those written by resellers, are completely excluded from the ranking algorithm.
Most Views
From IT Central Station visitors
Most Reviews
Within the last 24 months
Most Followed
By IT Central Station users
Most Compared
From IT Central Station visitors

What is Security Information and Event Management (SIEM)?

What is SIEM? A Security Information and Event Management (SIEM) system gives security managers a holistic overview of multiple security systems. SIEM tools centrally store and analyze log from different locations in order to spot patterns and trends that might signal an emerging security threat or attack. SIEM security combines a security information management (SIM) system with security event management (SEM) to form a single SIEM software solution. In this way, SIEM blends the best of event management tools with security event and incident management technologies.

There are multiple SIEM vendors competing in the market today. IT Central Station members offer a number of recommendations for those considering SIEM solutions.

One phrase that comes up repeatedly in IT Central Station dialogues about SIEM products is “real time.” According to reviewers, SIEM technology should possess real-time threat analysis and reporting capabilities. Solutions should offer real time security related logs and incident reporting. Reports need to specify possible risks and damage to infrastructure. A SIEM tool should ideally provide real time gathering of logs and Log Correlation. Notification event Triggering and the availability special Event Collectors with different environment is viewed as a most important criterion.

Some IT Central Station members stress the importance of SIEM being able to combine information from multiple sources. The solution has to be capable of intelligent queries on these combined sources. Put another way, SIEM must offer compatibility with diverse security data sources and be able to adapt to new or unknown sources. Then, the SIEM solution should perform multilevel correlation on those sources of data.

Efficient use is important. A SIEM tool must be easy to deploy, configure and use. SIEM can be more effective if it integrates with Identity and Access Management.  Alerting and workflow integration adds to administrative efficiency.

Specific features recommended include packet analysis, audit trail creation, threat intelligence and search. Users encourage potential buyers to have confidence in the power of a SIEM solution’s search performance and the performance of its threat intelligence engine.  The solution should be capable of parsing any log format.


Best SIEM Solutions & Products

Q&A Forum

Security Information and Event Management (SIEM) Articles

140
Ex Senior Security Analyst and Onsite consultant
A Security Engineer by profession and an Electronics and Communication Engineer by education. My keen interest lies on simplifying processes and managing people in challenging situations. Qualities like diligence,sincerity,reliability,punctuality,effective communication, a detailed... more>>
1,042

3
Sr SIEM Consultant
More than 8 years as a security engineer with the last 4 years as a SIEM consultant working delivering solutions to multiple industries. Sr QRadar Professional Services consultant with experience delivering on prem or cloud solution. Performed SOW technical review, sizing, architecture/design,... more>>
3,587
TOP REVIEWERTOP 5
Security Manager
I am a Security person and have titles like Security Officer, Security Manager, Säkerhetschef and Säkerhetsskyddschef, these are only titles and not limitations. My last twenty years has been a road that started with Novell and now i live in the Cloud. Security in all forms have always been... more>>
5,959
TOP 5POPULAR
Information Security Advisor, CISO & CIO, Docutek Services
About my business: Docutek is a leading business and technology consulting company specializing in the development and implementation of healthcare technology since 2008. We deliver Consulting, Integration, Support and Training. We also provide clients with security assessment. network... more>>
234
Information Security Lead Consultant
Shaikh Jamal Uddin is a computer and cyber security expert and has done B.S. in Computer Engineering as well as CPTE, CEH, ECSA, Rapid7: NCA (Nexpose), Rapid7: MPCS (Metasploit), IBM QRadar Certified, TCSE (TrendMicro), KLCC (Kaspersky), MCSA, MCITP professional certifications. Recently, he got... more>>
25,497
Manager, Enterprise Risk Consulting
Dynamic 9 years of IT career, reflecting progressive experience and performance in the computer and Internet industries. Specialized in providing cutting-edge solutions to traditional Security issues; establishing strategic ideas in various domains and demonstrating self-motivation, creativity,... more>>
32
Technical Lead
· Splunk Trust Most Valued Player 2018 · Splunk Certified User, Splunk Certified Power User, Splunk Certified Admin · Splunk Accredited Sales Rep I & II, Splunk Accredited IT & App Sales Rep, Splunk Accredited Sales Engineer I, II & III · Among Top... more>>
150
TOP 10
Senior Technical Consultant
I experience the implementation of FortiSIEM and Solarwinds LEM
Reviewed Fortinet FortiSIEM (AccelOps): Configuration in initial setup is complex. Product's...
58
Security Manager
[EU & Canadian Passport holder / Romanian & Canadian citizenship] ------------------------------------ Engineer (Security Professional) I am passionate about information security since forever. I have 10+ yrs hands-on experience on various inter/intra high-level networking devices... more>>
90
TOP 20
Assisting companies with broad security analysis, securing and hardening their servers and networks, setting up complete SIEM environments. I set up controls and analyze business processes. The buzz words: Siem consultant, Certified Information Systems Security Professional (CISSP), Certified... more>>
804
Cyber Security Advisor / CISO / Healthcare Security Pro
Mr. Christly is a seasoned Technology and Cybersecurity Executive and Consultant. He has demonstrated success aligning technology investments to streamline operations, secure corporate assets, reduce operating costs, grow sales, and develop the business in healthcare, education, telecom, and... more>>

Sign Up with Email