RSA NetWitness Logs and Packets (RSA SIEM) Competitors and Alternatives

The top RSA NetWitness Logs and Packets (RSA SIEM) competitors are:
  • Splunk
  • IBM QRadar
  • ArcSight
  • Cisco Stealthwatch Enterprise
  • LogRhythm NextGen SIEM
  • FireEye Network Security
  • RSA enVision
  • Symantec Advanced Threat Protection
Read reviews of RSA NetWitness Logs and Packets (RSA SIEM) competitors and alternatives
Doug Dayley
Real User
IT Infrastructure Manager at Jeunesse Global
Oct 25 2017

What is most valuable?

Well, our eCommerce site is very important to our business. So not only NetMon, but also just knowing the traffic that's coming in and out of...

How has it helped my organization?

* We have been impressed with the data that we're getting back.
* We have been impressed with the look and feel, ease of use, and things of that...

What needs improvement?

Better knowledge transfer during implementation. We definitely thought it was complex when we initially set it up, but that is usually just a...

Which other solutions did I evaluate?

We have come from a separate SIEM, SolarWinds, and just purchased LogRhythm within the past couple of months. They switched because they flat...

What other advice do I have?

Do your due diligence. For the most part, you're dealing with the same data depending on who your SIEM is. It is still the same data that's...
Splunk
Scott Odle
Real User
Business Intelligence Developer at a university with 10,001+ employees
Apr 25 2018

What is most valuable?

The search language is easy to understand and teach to new users. The SDK is comprehensive and has incredible levels of integration with the platform and data.

How has it helped my organization?

Splunk has enabled us to detect, even predict potential security issues, before they become severe. It has enabled our operations and development teams to more efficiently monitor and troubleshoot their systems.

What needs improvement?

* Certain sections of the developer documentation could use some updating and clarification.
* Search head clustering is often temperamental in its current state and should be improved, replaced by something better, or be reverted to search...
Willem Albertus Potgieter
Real User
Vulnerability Manager at a tech services company with 51-200 employees
Jun 17 2018

What is most valuable?

The threat protection network is the most valuable feature because when you get an offense, you can actually trace it back to where it...

How has it helped my organization?

Normally, an offense comes in and an offense is something negative, to put it plainly, that impacted your environment. Once it comes through,...

What needs improvement?

I would like to see a more user-friendly product. I would like them to make it much more user-friendly. At this stage, you need to use a lot of...

Which other solutions did I evaluate?

We used Splunk in the past and we are using both products at the same time.

What other advice do I have?

Just spec it correctly and it will do its job for you. It has an active community. IBM patches the product regularly when problems are picked...