We performed a comparison between SolarWinds Security Event Manager and Trellix ESM based on real PeerSpot user reviews.
Find out in this report how the two Security Information and Event Management (SIEM) solutions compare in terms of features, pricing, service and support, ease of deployment, and ROI.
"The native integration of the Microsoft security solution has been essential because it helps reduce some false positives, especially with some of the impossible travel rules that may be configured in Microsoft 365. For some organizations, that might be benign because they're using VPNs, etc."
"The main benefit is the ease of integration."
"Sentinel improved how we investigate incidents. We can create watchlists and update them to align with the latest threat intelligence. The information Microsoft provides enables us to understand thoroughly and improve as we go along. It allows us to provide monthly reports to our clients on their security posture."
"There are a lot of things you can explore as a user. You can even go and actively hunt for threats. You can go on the offensive rather than on the defensive."
"I've worked on most of the top SIEM solutions, and Sentinel has an edge in most areas. For example, it has built-in SOAR capabilities, allowing you to run playbooks automatically. Other vendors typically offer SOAR as a separate licensed solution or module, but you get it free with Sentinel. In-depth incident integration is available out of the box."
"The most valuable feature is the onboarding of the workloads. You can see all that has been onboarded in your account on the dashboards."
"The product can integrate with any device."
"The data connectors that Microsoft Sentinel provides are easy to integrate when we work with a Microsoft agent."
"The most valuable feature is the ease of use for the end user."
"SolarWinds is effective for server, network, and log monitoring. It's also good for IP address management. We also have a patch manager, but we're still working on getting that operational."
"The most valuable feature is the reporting."
"The out of the box reports and dashboard. It was easy to trim down these windows to something we could quickly use."
"It performs network behavior monitoring, log monitoring, and disaster recovery monitoring."
"SolarWinds is easy to configure, and it provides timely alerts."
"The most valuable feature of SolarWinds Security Event Manager is the analysis and the knowledge about the incidence that we trace."
"This tool is simple to use."
"The most valuable feature in ESM is its search and reporting feature. It's really nice."
"We are now able to completely monitor our environment so we can review what is there, which is a big win for us."
"The most valuable feature is that if the scanning does find something, it quarantines it. Then you can decide what you are going to do with it."
"I like the ease of deployment."
"This solution integrates easily and very well with other technologies."
"The most valuable features of McAfee ESM are intrusion detection, malware protection, and the device controller."
"It enables us to detect malicious threats, issues, or vulnerabilities in our network."
"It can be easily deployed with the other solutions."
"Improvement-wise, I would like to see more integration with third-party solutions or old-school antivirus products that have some kind of logging capability. I wouldn't mind having that exposed within Sentinel. We do have situations where certain companies have bought licensing or have made an investment in a product, and that product will be there for the next two or three years. To be able to view information from those legacy products would be great. We can then better leverage the Sentinel solution and its capabilities."
"For certain vendors, some of the data that Microsoft Sentinel captures is redacted due to privacy reasons."
"We do see continuous improvement all the time, however, I haven't got a specific feature that is lacking or not well designed."
"The solution should allow for a streamlined CI/CD procedure."
"I would like Sentinel to have more out-of-the-box analytics rules. There are already more than 400 rules, but they could add more industry-specific ones. For example, you could have sets of out-of-the-box rules for banking, financial sector, insurance, automotive, etc., so it's easier for people to use it out of the box. Structuring the rules according to industry might help us."
"If Azure Sentinel had the ability to ingest Azure services from different tenants into another tenant that was hosting Azure Sentinel, and not lose any metadata, that would be a huge benefit to a lot of companies."
"The troubleshooting has room for improvement."
"The reporting could be more structured."
"SolarWinds should improve its correlation capabilities. The correlation does not automatically detect and reduce the events fast enough. You have to manually do a correlation report, which means the tool is not scalable in many ways."
"The solution's technical support is okay, but we don't have an SLA, and sometimes the response times are very slow."
"One of the drawbacks of being so flexible is that it is also a fairly complicated software application to install, configure, and maintain."
"We used the support from SolarWinds Security Event Manager and they are knowledgeable but challenging to get in contact with them."
"The only issue is the pricetag. SolarWinds is a costly solution."
"It won't tell you when your backups are failing, but it will give you hints when your database is running on full recovery."
"It is a very technical program. They can simplify it so that it isn't so hard to deal with."
"I would like to be able to dig deeper into the visibility of events or incidents to determine whether they are malicious, such as by doing behavior analysis."
"There are some banking and transactional cases that are local, South America transactions. I would like to see them add features that can be used locally, to make those transactions more reliable."
"The only drawback is that they don't have any packet capturing or network behavior analysis."
"The product’s alert response feature needs improvement. It could be more flexible and secure."
"The initial setup is difficult and could improve."
"The product's stability is an area of concern where improvements are required."
"We would welcome integrations with some of the new McAfee acquisitions, e.g., behavioural analytics."
"We cannot add new data sources to the most recent version."
"I would like to see good analytics in future releases."
SolarWinds Security Event Manager is ranked 21st in Security Information and Event Management (SIEM) with 24 reviews while Trellix ESM is ranked 18th in Security Information and Event Management (SIEM) with 34 reviews. SolarWinds Security Event Manager is rated 7.8, while Trellix ESM is rated 7.4. The top reviewer of SolarWinds Security Event Manager writes "A comprehensive network security with robust technical capabilities, effective threat response, and centralized management". On the other hand, the top reviewer of Trellix ESM writes "Provides visibility of all the traffic within the company infrastructure". SolarWinds Security Event Manager is most compared with ManageEngine Log360, Splunk Enterprise Security, IBM Security QRadar, Microsoft Defender XDR and Wazuh, whereas Trellix ESM is most compared with ArcSight Enterprise Security Manager (ESM), IBM Security QRadar, Splunk Enterprise Security, LogRhythm SIEM and Cybereason Endpoint Detection & Response.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.