Dec 31 2019
Real-time alerts and managed services reports give me a view of the landscape, things that might have slipped through the cracks
What is most valuable? Really, all of the features are valuable. Probably the most valuable are the real-time alerts and the weekly reports. They would like to send me the reports daily, but because I'm a one-person shop, I…
How has it helped my organization? The solution saves me at least half an FTE, some 20 hours a week. If I didn't have the managed services, I would have to have another half an FTE just to do the work that they do for us. EventTracker…
What needs improvement? With version 9 there are so many areas where they changed the look and feel and it is so much easier. I really don't have anything that is a pain point or that I have to work around or that I would…
What's my experience with pricing, setup cost, and licensing? If you look at competing products, EventTracker is less than 50 percent more expensive, and I pick up all those managed services. I pick up half an FTE without having to pay benefits.
What other advice do I have? My advice is to get your PO out and make a purchase. I have referred several other companies. I'm involved in several security organizations and it really is one of these diamonds in the rough. I know…
Which other solutions did I evaluate? I don't know the reasons why they put this in right away, because we were in a three-year contract — but at the end of that three years the price was going up. I don't know that we had done the math…
Sep 16 2019
What is most valuable? The solution is on-prem and we also utilize them for fairly full, managed services. They do tend to babysit it quite a bit. We get daily reports that they piece together…
How has it helped my organization? It's come in tremendously handy. We've had small incidents crop up that we've been able to isolate immediately or dig further into because of this. Without that…
What needs improvement? They haven't had to fix much, but we have come back to them with requests for very specialized reporting. Something that's not canned. We might be looking at a…
What's my experience with pricing, setup cost, and licensing? I don't know if the pricing is by the seat but we're paying about $20,000 to 25,000 a year. On top of that, we pay for the managed support services. That runs us about…
Which solution did I use previously and why did I switch? We did not have a previous SIEM. That was a very big push for us. We realized how little we had in the way of eyes on all of our products, unless we did a manual…
What other advice do I have? They are a fantastic team. I would stack them up against anybody. If anybody asks us what we're using for a SIEM, I'd say that this is what we're using. I highly recommend…
Which other solutions did I evaluate? At the time, EventTracker was one of the few that did a bit of that behavioral analysis. There was another one, the name escapes me right now. But it was the only other…
Dec 26 2019
Enabled us to mature the discipline of operational teams by seeing activity outside of standard practice
What is most valuable? The report, each day, of the activities that have happened and the ability to archive and go back and research have been extremely advantageous for us. Examples would be a user having either inappropriately touched a file, or an…
How has it helped my organization? The result of the reports on activity and the archiving for research has been that the operational teams are more consistent in the usage of standard practice which, from an efficiency perspective, has removed the need for the information…
What needs improvement? I like the dashboard. Where there is an opportunity for improvement is in the interface used for performing the searches. You have to understand Elasticsearch search too well for the security team to be able to take really full advantage of…
Which solution did I use previously and why did I switch? We did not have a solution in place prior to EventTracker. Prior to this, in a company I had been at just before I got here, we used IBM's QRadar and, although we did look at that product here, I found that EventTracker was more appropriate…
What other advice do I have? It's a simple product. It's a lot easier to implement and deploy than the other SIEMs I've used throughout my career. The advice would be that using it is a good decision. There's no reason to shy away from the product. From an event-alert…
Jan 05 2020
SIEMphonic gives us an expert set of eyes on things, and assistance with rules has been a huge time saver
What is most valuable? Other than the log aggregation and alerting, their reports modules have come a long way. But for the most part, we stay right in the wheelhouse of the product to use it to…
How has it helped my organization? Their run-and-watch service (now renamed SIEMphonic) has saved us from having to hire at least one FTE. In addition, having an expert set of eyes on things and their…
What needs improvement? In terms of advanced queries, I wouldn't say EventTracker is lagging behind its peers. The latter just make it easier to get to them. EventTracker is designed more for a…
What's my experience with pricing, setup cost, and licensing? Our cost is significantly less than what it would have been for one of the competitor's products, and that includes the run-and-watch service (SIEMphonic). You can go with…
Which solution did I use previously and why did I switch? We did not have a previous solution. We do annual audits, and the lack of a SIEM showed up in one of our audits as a piece that we needed to start investigating, four or…
What other advice do I have? The biggest lesson really isn't an EventTracker lesson, it's more of a SIEM lesson. And that lesson is: It's a lot of data. When you have a lot of data, it's going to take…
Which other solutions did I evaluate? When we acquired EventTracker, we went through an assessment process, reviewing five or six different manufacturers of SIEMs. The frontrunners were the typical players…
Dec 11 2019
Provides a good structure to review logs and is easy to use. However, unless you are using SSDs, the Elasticsearch does not work well.
What is most valuable? It is fairly easy to use. I am mainly just a one man shop. I look at EventTracker about once a day as far as different incidents and stuff goes. I don't have enough time…
How has it helped my organization? We send the Snort IDS alerts to EventTracker, e.g., high level ones like Ransomware and data leak type alerts, we are sending the Snort alerts to EventTracker. For things…
What needs improvement? The solution's dashboard is okay. The one thing that we ran into are issues when we upgraded to the newer version. It uses Elasticsearch for the different dashboard…
What's my experience with pricing, setup cost, and licensing? When we first got the EventTracker product, we were using SIEM Simplified. At the time they didn't call it that, but it was more of a service thing. So, there was a bit…
Which solution did I use previously and why did I switch? Before EventTracker, we did use another solution. I think it was a Symantec SIEM, but they discontinued it. So, we were looking for a different solution.
What other advice do I have? I would rate the product as a seven (out of 10). We don't use the dashboard widgets, but we are planning on it.
Which other solutions did I evaluate? We looked at a handful of different solutions out there. When we were looking at SIEM solutions out there, we were looking to replace Symantec. We were looking at Arctic…
Feb 26 2019
What is most valuable? The network alert is the most valuable feature. That way, we in the IT department are aware of user lockout and invalid password attempts way before a user ever even calls…
How has it helped my organization? It gives us a real idea of our network environment, VPN access, alerts and more. We are able to identify where we're getting scanned externally from potentially malicious…
What needs improvement? There are some issues with searches taking a long period of time, but they assured me that they have implemented a new search function that's available in version 9, but…
What's my experience with pricing, setup cost, and licensing? The solution is fairly expensive, but in my experience, all of the SIEM applications that I've evaluated or looked at cost about the same. It's just what a system like…
Which solution did I use previously and why did I switch? We did not have a previous solution. They had already purchased this product before I came into the organization. There are a couple systems out there where people have…
What other advice do I have? If it's your first SIEM event-correlation system, be prepared for a long process. That's not just because it's EventTracker. That seems like that's what that process…
Which other solutions did I evaluate? I've looked at AlienVault. That's the only one that I can recall looking at extensively. But cost-wise it really wasn't worth it to us to switch to that system. It might…
Feb 13 2019
Identifies potential threats and the remediation that I should take to be able to quell those threats
What is most valuable? The SIEMs and managed service are its most valuable features. We get a weekly report from them which provides a culmination of them combing through millions of events…
How has it helped my organization? It is protecting us from cyber threats. We get a lot of information security audits from our larger clients. I wanted to be able to have intrusion detection and…
What needs improvement? The deployment of the agents could be a bit easier. We always seem to have a bit of a challenge with that. A lot of times the agents either don't deploy or they quit…
What's my experience with pricing, setup cost, and licensing? The pricing and licensing seem very reasonable. The managed service part of it feels like it gives me the equivalent of a full-time engineer for a lot less money. So, I…
Which solution did I use previously and why did I switch? We did not use another solution prior to EventTracker.
What other advice do I have? The solution has been everything that I've asked for from a service standpoint, software standpoint, and support. I have no complaints. My advice would be to engage them…
Which other solutions did I evaluate? I was doing a cursory review of different things by doing a web search, like a Google search, and looking at different options. I came across Netsurion, who are local to…
Feb 26 2019
What is most valuable? The most important feature is keeping track of when accounts are created and deleted, when permission groups are changed, and memberships are changed in groups; and overall, how many errors are occurring on the various systems that we're…
How has it helped my organization? We use those standard reports every day and monitor them. It does save us some time from having to go out manually and pull that information together. With the daily reports that we get, we can easily scan through them and find any…
What needs improvement? I'd like to see improvement in the ease of generating reports. It seems fairly cumbersome whenever you decide to start tracking new categories of events. It seems a little kludgy when trying to generate those reports. Other than that it's…
What's my experience with pricing, setup cost, and licensing? Licensing is very easy. Our CIO takes care of the billing, but in terms of price point, he hasn't complained, so it must be good.
What other advice do I have? Go through some training to know the ins and outs of the application. It has changed quite a bit in the seven years I've worked with it, and it would be a good idea to do some more training to learn all the new features and to make sure you…
What is EventTracker?
EventTracker by Netsurion delivers actionable security intelligence that empowers organizations of any size to effectively detect and respond to advanced threats.
EventTracker Security Center
EventTracker Security Center is one platform for all critical SIEM capabilities necessary for real-time security monitoring, advanced threat detection and response, and audit-ready compliance. With Security Center, you are able to quickly identify security threats, malware, unusual behavior and suspicious network traffic, and respond more effectively.
EventTracker SIEMphonic is our Co-Managed SIEM service that functions as an extension of your team to strengthen defenses, respond in real-time, control costs, and optimize your team's abilities. EventTracker SIEMphonic includes our own award-winning platform that has been included in the Gartner Magic Quadrant for SIEM for 11 consecutive years. Whether on-premise or in the cloud, our 24/7 ISO/IEC 27001-certified Security Operations Center (SOC) provides expertise so you can focus on the unique requirements of your organization.
The Salvation Army, The FRESH Market, Pacific Western Bank, AAOS, Vanderbilt University, Talbots