RSA NetWitness Logs and Packets (RSA SIEM) Competitors and Alternatives

Get our free report covering Splunk, IBM, Micro Focus, and other competitors of RSA NetWitness Logs and Packets (RSA SIEM). Updated: October 2019.
372,374 professionals have used our research since 2012.

Read reviews of RSA NetWitness Logs and Packets (RSA SIEM) competitors and alternatives

Mathieu Dorckel
Consultant
Cybersecurity Engineer Consultant at a tech services company with 501-1,000 employees
Jun 11 2018

What is most valuable?

The correlation and the parsing are important features, since it is very important for a SIEM to have good scalability and performance.

How has it helped my organization?

Previously, we had to do a lot of debugging when we wanted to change our firewall policy to find out which rule was blocking things, etc. With QRadar, when you integrate…

What needs improvement?

The weak signal detection with QRadar needs improvement. You can detect what you know, but what is unknown to the rule engine can't be detected, similar to a base rule of…

What's my experience with pricing, setup cost, and licensing?

Think about what you will integrate into QRadar. It is a SIEM. You need to send it logs, but not everything. Pricing (based on EPS) will be more accurate.

If you previously used a different solution, which one did you use and why did you switch?

My service since the beginning has been to only sell and manage QRadar.

What other advice do I have?

Think scalability and make sure your product can be integrated into QRadar.

Which other solutions did I evaluate?

I had the chance to test some other products, and there are a lot of them on the market. However, when you have to deploy and manage it, not just demo it, it is a total…

Ala Khalil
Reseller
PreSales Director at a tech services company
Nov 11 2018

What is most valuable?

The feature that I find most valuable is the MIR (Mandiant Incident Response) for checks on our inbound security.

What needs improvement?

The one thing that needs to improve is that they use guidance or FDK for max data. They don't have their own tools; that is a weakness in the Mandiant.

What's my experience with pricing, setup cost, and licensing?

We looked into other forensic options in the past. We used to use RSA in the past, but it is not the same as FireEye.

What other advice do I have?

The world is currently shifting to AI, Artificial Intelligence engines. FireEye now has nothing in the roadmap for shifting to AI. Other companies do have a roadmap for AI integration. Now the hacker is more intelligent. The hacker is going to hack the laptop for example, and an AI engine could be…