To help you compare the best SIEM solutions, IT Central Station ranked them based on hundreds of real user reviews. These reviews cover all of the best SIEM products from top security vendors, from our esteemed community of enterprise technology professionals. You'll find comparisons of pricing, performance, features, stability and many other criteria. Read below to find out what your peers have to say about SIEM vendors such as Splunk, LogRhythm, AlienVault, McAfee and others.
Average rating based on reviews
Number of total page views
Number of times compared to another product
Total number of reviews on IT Central Station
Number of followers on IT Central Station
The total ranking of a product, represented by the bar length, is based on a weighted aggregate score. The score is calculated as follows: The product with the highest count in each area gets the highest available score (20 points for Reviews; 16 points for Views, Comparisons, and Followers). Every other product gets assigned points based on its total in proportion to the #1 product in that area. For example, if a product has 80% of the number of reviews compared to the product with the most reviews then the product's score for reviews would be 20% (weighting factor) * 80% = 16. For Average Rating, the maximum score is 32 points awarded linearly based on our rating scale of 1-10. If a product has fewer than ten reviews, the point contribution for Average Rating is reduced (one-third reduction in points for products with 5-9 reviews; two-thirds reduction for products with fewer than five reviews). Reviews that are more than 24 months old, as well as those written by resellers, are completely excluded from the ranking algorithm.
What is Security Information and Event Management (SIEM)?
A Security Information and Event Management (SIEM) system gives security managers a holistic overview of multiple security systems. SIEM tools centrally store and analyze logs from different locations in order to spot patterns and trends that might signal an emerging security threat or attack. SIEM security combines a security information management (SIM) system with security event management (SEM) to form a single SIEM software solution. In this way, SIEM blends the best of event management tools with security event and incident management technologies.
There are multiple SIEM vendors competing in the market today. IT Central Station members offer a number of recommendations for those considering SIEM solutions.
One phrase that comes up repeatedly in IT Central Station dialogues about SIEM products is “real time.” According to reviewers, SIEM technology should possess real-time threat analysis and reporting capabilities. Solutions should offer real-time security-related logs and incident reporting. Reports need to specify possible risks and damage to infrastructure. A SIEM tool should ideally provide real-time gathering of logs and log correlation. Notification event triggering and the availability of special event collectors for different environments are viewed as a most important criterion.
Some IT Central Station members stress the importance of SIEM being able to combine information from multiple sources. The solution has to be capable of intelligent queries on these combined sources. Put another way, SIEM must offer compatibility with diverse security data sources and be able to adapt to new or unknown sources. Then, the SIEM solution should perform multilevel correlation on those sources of data.
Specific features recommended include packet analysis, audit trail creation, threat intelligence and search. Users encourage potential buyers to have confidence in the power of a SIEM solution’s search performance and the performance of its threat intelligence engine. The solution should be capable of parsing any log format.