Splunk Enterprise Security is a SIEM, log management, and IT operations analytics tool. The solution provides users with the ability to secure their information and manage their data in the cloud, data centers, or other applications. Splunk Enterprise Security also offers visibility from different areas, levels, and devices, rather than from a single system, thus, providing its users with flexibility. Splunk Enterprise Security can monitor data and analyze, detect, and prevent intrusions. This benefits users as it provides alerts to possible intrusions, helps users to be proactive, and reduces risk factors.
It is not cheap.
Pricing and licensing is quite expensive. But for the value the product provides, it seems at par in the market.
It is not cheap.
Pricing and licensing is quite expensive. But for the value the product provides, it seems at par in the market.
Datadog is a cloud monitoring solution that is designed to assist administrators, IT teams, and other members of an organization who are charged with keeping a close eye on their networks. Administrators can use Datadog to set real-time alerts and schedule automated report generation. They can deal with issues as they arise and keep up to date with the overall health of their network while still being able to focus on other tasks. Users can also track the historical performance of their networks and ensure that they operate at the highest possible level.
It has always scaled for us. Cost scales up too, but that is not necessarily a bad thing. It's reasonable for what they're providing.
It costs the same amount it would if we were hosting it ourselves, so we are incredibly happy with the cost.
It has always scaled for us. Cost scales up too, but that is not necessarily a bad thing. It's reasonable for what they're providing.
It costs the same amount it would if we were hosting it ourselves, so we are incredibly happy with the cost.
Dynatrace is an AI-powered software intelligence monitoring platform that accelerates digital transformation and simplifies cloud complexities. Dynatrace is an entirely automated full-stack solution that provides data and answers about the performance of your applications and deep insight into every transaction throughout every application, including the end-user experience. By modernizing and automating enterprise cloud operations, users can deliver an optimal digital experience with higher quality software to customers faster.
Decodes on less used/popular protocols are available, but they should be included. Additional investment should not be required.
Pricing is based on the number of servers monitored, so for big applications, it is a bit expensive.
Decodes on less used/popular protocols are available, but they should be included. Additional investment should not be required.
Pricing is based on the number of servers monitored, so for big applications, it is a bit expensive.
Wazuh is an enterprise-ready platform used for security monitoring. It is a free and open-source platform that is used for threat detection, incident response and compliance, and integrity monitoring. Wazuh is capable of protecting workloads across virtualized, on-premises, containerized, and cloud-based environments.
Wazuh is open-source, so I think it's an option for a small organization that cannot go for enterprise-grade solutions like Splunk.
There is not a license required for Wazuh.
Wazuh is open-source, so I think it's an option for a small organization that cannot go for enterprise-grade solutions like Splunk.
There is not a license required for Wazuh.
Devo is the only cloud-native logging and security analytics platform that releases the full potential of all your data to empower bold, confident action when it matters most. Only the Devo platform delivers the powerful combination of real-time visibility, high-performance analytics, scalability, multitenancy, and low TCO crucial for monitoring and securing business operations as enterprises accelerate their shift to the cloud.
Be cautious of metadata inclusion for log types in pricing, as there are some "gotchas" with that.
Our licensing fees are billed annually and per terabyte.
Be cautious of metadata inclusion for log types in pricing, as there are some "gotchas" with that.
Our licensing fees are billed annually and per terabyte.
Elastic Security combines the features of a security information and event management (SIEM) system with endpoint protection, allowing organizations to detect, investigate, and respond to threats in real time. This unified approach helps reduce complexity and improve the efficiency of security operations.
We are using the free, open-source version of this solution.
We use the open-source version, so there is no charge for this solution.
We are using the free, open-source version of this solution.
We use the open-source version, so there is no charge for this solution.
IBM Security QRadar is a security and analytics platform designed to defend against threats and scale security operations. This is done through integrated visibility, investigation, detection, and response. QRadar empowers security groups with actionable insights into high-priority threats by providing visibility into enterprise security data. Through centralized visibility, security teams and analysts can determine their security stance, which areas pose a potential threat, and which areas are critical. This will help streamline workflows by eliminating the need to pivot between tools.
Go through a vulnerability assessment review for price breaks. A virtualized solution will also cut down on cost.
found other solutions, with more features at the same cost or less. You don’t have to leave the Gartner Magic Quadrant to beat their price.
Go through a vulnerability assessment review for price breaks. A virtualized solution will also cut down on cost.
found other solutions, with more features at the same cost or less. You don’t have to leave the Gartner Magic Quadrant to beat their price.
LogRhythm SIEM Platform is an award-winning platform in security analytics. With more than 4,000 customers globally, LogRhythm SIEM is an integrated platform that helps security operations teams protect critical infrastructure and information from emerging cyberthreats. Ultimately, LogRhythm SIEM is an integrated set of modules that contribute to the security team’s fundamental mission: rapid threat monitoring, threat detection, threat investigation, and threat neutralization. LogRhythm SIEM is for organizations that require an on-premises solution and offers:
If you don't have your staff, absolutely look into the co-pilot and factor that into your cost evaluation.
Look for whatever will give you the most value. That's the main point. It is not one size fits all.
If you don't have your staff, absolutely look into the co-pilot and factor that into your cost evaluation.
Look for whatever will give you the most value. That's the main point. It is not one size fits all.
Graylog is purpose-built to deliver the best log collection, storage, enrichment, and analysis. Graylog is:
Having paid official support is wise for projects.
I am using a community edition. I have not looked at the enterprise offering from Graylog.
Having paid official support is wise for projects.
I am using a community edition. I have not looked at the enterprise offering from Graylog.
Sumo Logic empowers the people who power modern, digital business. Our cloud-native SaaS analytics platform powered by logs helps customers deliver reliable and secure cloud-native applications. With Sumo Logic, practitioners and developers can ensure application reliability, secure and protect against modern threats and gain insights into their cloud infrastructures. Customers worldwide rely on our scalable platform to get powerful real-time analytics and insights across observability and security solutions for their cloud-native applications. For more information, visit: SUMOLOGIC.COM
Purchasing Sumo Logic through the AWS Marketplace was a simple step.
Purchasing the solution through the AWS Marketplace is very easy.
Purchasing Sumo Logic through the AWS Marketplace was a simple step.
Purchasing the solution through the AWS Marketplace is very easy.
USM Anywhere centralizes security monitoring of networks and devices in the cloud, on premises, and in remote locations, helping you to detect threats virtually anywhere.
AlienVault is flexible on their pricing for unlimited licenses.
Pricing is very competitive with other products and you get much more functionality from AlienVault.
AlienVault is flexible on their pricing for unlimited licenses.
Pricing is very competitive with other products and you get much more functionality from AlienVault.
Real-time log management and analysis
The cost of using Stackdriver depends on usage.
The cost could be lower.
The cost of using Stackdriver depends on usage.
The cost could be lower.
Exabeam Fusion SIEM is a cloud-delivered solution that that enables you to:
-Leverage turnkey threat detection, investigation, and response
-Collect, search and enhance data from anywhere
-Detect threats missed by other tools, using market-leading behavior analytics
-Achieve successful SecOps outcomes with prescriptive, threat-centric use case packages
-Enhance productivity and reduce response times with automation
-Meet regulatory compliance and audit requirements with ease
They have a great model for pricing that can be based either on user count or gigabits per day.
If the customer has only a few users in some environment, then Exabeam is cheaper than competitors. But it can get expensive when adding more users.
They have a great model for pricing that can be based either on user count or gigabits per day.
If the customer has only a few users in some environment, then Exabeam is cheaper than competitors. But it can get expensive when adding more users.
Amazon CloudWatch is a monitoring and observability service provided by Amazon Web Services (AWS). It allows users to collect and track metrics, collect and monitor log files, and set alarms. With CloudWatch, users can gain insights into their applications, infrastructure, and services, enabling them to make informed decisions and take necessary actions.
We have monthly licensing costs. The licenses are probably in the vicinity of about $300 - $350/month.
Its pricing is reasonable. It is sometimes tricky, but it is reasonable as compared to others.
We have monthly licensing costs. The licenses are probably in the vicinity of about $300 - $350/month.
Its pricing is reasonable. It is sometimes tricky, but it is reasonable as compared to others.
Securonix Security Analytics SNYPR is a next-generation security analytics platform that transforms big data into actionable security intelligence, enabling you to take care of so much more than simply your SIEM (security information and event management) needs. In addition, it contains all of the tools that you may need to enable your organization to successfully handle both log management as well as UEBA (user and entity behavior analytics)-related tasks. The SNYPR management platform gives users the ability to combine security orchestration, automation, and response, security information and event management, network traffic analysis, and user and entity behavior analytics. This single technical environment does away with your need for multiple security, management, and analytics solutions.
We have a license from our 5.0, so that license just continued. We paid them the extra cloud-hosting costs for a year which were about $300,000.
We have an annual license. We pay $200,000 for the base licensing and we pay another $50,000 for the software as a service.
We have a license from our 5.0, so that license just continued. We paid them the extra cloud-hosting costs for a year which were about $300,000.
We have an annual license. We pay $200,000 for the base licensing and we pay another $50,000 for the software as a service.
Optimizing SIEM
syslog-ng is the log management solution that improves the performance of your SIEM solution by reducing the amount and improving the quality of data feeding your SIEM.
Syslog-ng is a free open-source solution.
Syslog-ng is open-source.
Syslog-ng is a free open-source solution.
Syslog-ng is open-source.
Log360 is your one-stop solution for all log management and network security challenges. It is an integrated solution that combines EventLog Analyzer and ADAudit Plus into a single console to help you manage your Active Directory auditing and network security easily.
There is a cost for each feature used.
Its pricing is definitely huge compared to some of the other SIEMs. Its price should be improved.
There is a cost for each feature used.
Its pricing is definitely huge compared to some of the other SIEMs. Its price should be improved.
Pricing could always be lower. If it were free, I would be more satisfied.
The license cost for any other monitoring tool is too high compared to this product.
Pricing could always be lower. If it were free, I would be more satisfied.
The license cost for any other monitoring tool is too high compared to this product.
The IBM® SevOne Network Performance Management (IBM SevOne NPM) solution helps you spot, address, and prevent network performance issues early with machine learning-powered analytics from a single source. Boost network performance and improve your user application experience by proactively monitoring your multivendor end-to-end network across enterprise, communication, and managed service provider networks.
Prices per license are not huge, but they exist.
Have a bank of licenses, because it is about the number of objects (RAM, ports, CPU, etc.).
Prices per license are not huge, but they exist.
Have a bank of licenses, because it is about the number of objects (RAM, ports, CPU, etc.).
A syslog server is a logging server that allows for the centralized collection of syslog messages, known as events, from a variety of networking devices such as routers, switches, and firewalls, in addition to servers running a variety of operating systems.
We subscribe and pay directly on the website.
The price of SolarWinds Kiwi Syslog Server could improve.
We subscribe and pay directly on the website.
The price of SolarWinds Kiwi Syslog Server could improve.
Your organizations IT infrastructure generate huge amount of logs every day and these machine generated logs have vital information that can provide powerful insights and network security intelligence into user behaviors, network anomalies, system downtime, policy violations, internal threats, regulatory compliance, etc. However, the task of analyzing these event logs and syslogs without automated log analyzer tools can be both time-consuming and painful if done manually.
There is a yearly subscription for the solution.
ManageEngine EventLog Analyzer is a low-cost solution. It costs approximately $1,000 per month per server for a perpetual license.
There is a yearly subscription for the solution.
ManageEngine EventLog Analyzer is a low-cost solution. It costs approximately $1,000 per month per server for a perpetual license.
Security Onion is a free and open Linux distribution for threat hunting, enterprise security monitoring, and log management. The easy-to-use Setup wizard allows you to build an army of distributed sensors for your enterprise in minutes!
Security Onion includes a native web interface with built-in tools analysts use to respond to alerts, hunt for evil, catalog evidence into cases, monitor grid performance, and much more. Additionally, third-party tools, such as Elasticsearch, Logstash, Kibana, Suricata, Zeek (formerly known as Bro), Wazuh, Stenographer, CyberChef, NetworkMiner, and many more are included.
Security Onion is a free solution.
It is an open-source solution.
Security Onion is a free solution.
It is an open-source solution.
Grafana Loki is a powerful log aggregation and analysis tool designed for cloud-native environments. Its primary use case is to collect, store, and search logs efficiently, enabling organizations to gain valuable insights from their log data.
You can use the free version of Grafana Loki on-premises.
My company doesn't need to pay for the licensing cost of the solution.
You can use the free version of Grafana Loki on-premises.
My company doesn't need to pay for the licensing cost of the solution.
The pricing is quite harsh.
It's not cheap at all as it's a big product and has been in the market for quite some time now.
The pricing is quite harsh.
It's not cheap at all as it's a big product and has been in the market for quite some time now.
Check Point Security Management is an advanced security management platform for enterprises. The platform integrates all aspects of security. A single platform manages the entire infrastructure, from data centers to private/public cloud deployments.
Do the homework because Check Point is rather expensive.
This product can be used for 25 security gateways on a basic license.
Do the homework because Check Point is rather expensive.
This product can be used for 25 security gateways on a basic license.
Nagios Enterprises delivers official products, services, and solutions for and around Nagios – the industry standard in enterprise-grade IT infrastructure monitoring. With millions of users worldwide, Nagios is the undisputed champion in the IT monitoring space. Our team of dedicated professionals works to ensure total customer satisfaction with all the services we provide. Our extensive network of partners helps extend Nagios services and solutions to new organizations and markets worldwide to meet a variety of business needs. Nagios Enterprises was founded in 2007 by Ethan Galstad. Ethan created what would later become known as Nagios in 1999, and currently serves as the President of Nagios Enterprises.
We found the pricing to be quite affordable.
For a single instance, the price is around $4,000.
We found the pricing to be quite affordable.
For a single instance, the price is around $4,000.
Logz.io is a leading cloud-native observability platform that enables engineers to use the best open source tools in the market without the complexity of operating, managing, and scaling them. Logz.io offers four products: Log Management built on ELK, Infrastructure Monitoring based on Prometheus, Distributed Tracing based on Jaeger, and an ELK-based Cloud SIEM. These are offered as fully managed, integrated cloud services designed to help engineers monitor, troubleshoot and secure their distributed cloud workloads more effectively. Engineering driven companies like Siemens, Unity and ZipRecruiter use Logz.io to simplify monitoring and security workflows, increasing developer productivity, reducing time to resolve issues, and increasing the performance and security of their mission-critical applications.
The tool is an open source product.
The product's pricing is cheaper than other solutions.
The tool is an open source product.
The product's pricing is cheaper than other solutions.
Splunk Cloud is the industry’s only enterprise-ready cloud service for machine data, offering a 100% uptime SLA and standard plans from 5GB/day to 5TB/day. Watch this video to find out how you can accelerate time-to-value and stay focused on your core business using Splunk Cloud.
The licensing is based on the amount of data that we send to the cloud on a daily basis.
The licensing costs depend on the state of your environment and the fees are paid on a monthly basis.
The licensing is based on the amount of data that we send to the cloud on a daily basis.
The licensing costs depend on the state of your environment and the fees are paid on a monthly basis.
DNIF HYPERCLOUD is a cloud native platform that brings the functionality of SIEM, UEBA and SOAR into a single continuous workflow to solve cybersecurity challenges at scale. DNIF HYPERCLOUD is the flagship SaaS platform from NETMONASTERY that delivers key detection functionality using big data analytics and machine learning. NETMONASTERY aims to deliver a platform that helps customers in ingesting machine data and automatically identify anomalies in these data streams using machine learning and outlier detection algorithms. The objective is to make it easy for untrained engineers and analysts to use the platform and extract benefit reliably and efficiently.
The pricing is based on the log size.
The solution requires a huge infrastructure and that is costly.
The pricing is based on the log size.
The solution requires a huge infrastructure and that is costly.
Rapid7 InsightOps is the next evolution of the Logentries log management technology, combining cloud-based log centralization with IT asset search to make log management fast and easy.
The product is cheap.
The product is cheap.
Unify security, log management, and observability with the new CrowdStrike Falcon LogScale module, the next evolution of Humio, including the all-new managed Falcon Complete LogScale service.
Today’s enterprises must manage a massive amount of machine data. They require a platform that enables engineering teams to deliberately route and store structured and unstructured data for different teams with unique use cases. Legacy platforms weren’t made for this moment.
Mezmo, formerly LogDNA, lets organizations ingest, process, route, analyze, and store all of their log data. Purpose-built for modern engineering teams—including developers, SREs, IT Operations, and Security Engineers—the Mezmo platform is trusted by thousands of companies for SaaS, cloud, and hybrid applications.