SolarWinds Security Event Manager Questions
We all know it's really hard to get good pricing and cost information.
Please share what you can so you can help your peers.
If you were talking to someone whose organization is considering SolarWinds LEM, what would you say?
How would you rate it and why? Any other tips or advice?
Security Information and Event Management (SIEM) Questions
Jan 13 2021
There are many cybersecurity tools available, but some aren't doing the job that they should be doing.
What are some of the threats that may be associated with using 'fake' cybersecurity tools?
What can people do to ensure that they're using a tool that actually does what it says it does?
Sep 24 2020
How do log management and SIEM differ? Is it necessary to have separate tools for each function or can these functions be rolled into one solution?
Which products are best for SIEM, and which are better for log management? Do you have recommendations of products that effectively combine both log management and SIEM?
Jan 04 2021
Do you have recommendations for the best SIEM tool to invest in for a large financial services provider? What particular features of your recommended tool make it the best choice?
Aug 24 2020
I'm the owner of a small tech services company.
I'm looking for help with a template for a SIEM PoC (high-level, generic document). Can anyone help?
Thank you, Dan
Aug 03 2020
What are the differences between how NDR and SIEM work to improve network security? What are the pros and cons of each? Is it necessary to have both types of tools?
Jul 28 2020
Can anyone advise on which SIEM will work best with Palo Alto Cortex XDR?
Buying a SIEM solution, especially for a large enterprise, is a massive decision.
How long does your organization spend on making this decision? How long does it then take to implement?
What are your considerations before pulling the trigger on a particular solution?
What's your shortlist process like?
How do you do your research?
What are your primary considerations?
How do independent user review sites like IT Central Station, or independent analyst reviews, influence your decision?
Would love to hear your thoughts. Thanks in advance :)
Sep 25 2020
I work at a mid-sized enterprise bank. I am researching SIEM solutions. Which is the best tool for security information and event management: Arcsight or Securonix?
SIEM and SOAR have a lot of components in common. How do they differ in the role they play in Cyber Security?
If you've been working in cybersecurity, you've likely come across SOAR and SIEM technologies. There are differences between their capabilities, although they have a fair amount of commonalities. They both collect data, but the quantity of data, type of data, and type of response is where they differ. As threats have advanced, security professionals may be in need of both. That's where SOAR and SIEM come to the rescue, although there has been some confusion as to the difference between the two. The two technologies have different competencies, but can be combined to increase a security team's or SOC's effectiveness.
SIEM vs SOAR
In short, SIEM aggregates and correlates data from multiple security systems to generate alerts while SOAR acts as the remediation and response engine to those alerts. SIEM is the collection and aggregation of security data sourced from integrated platforms logging event-related data - firewalls, network appliances, intrusion detection and prevention systems, etc. - then correlates data across devices, categorizes, and analyzes incidents before issuing alerts. The alerts are identified by using sophisticated analytical techniques and machine learning, which require fine tuning. This leaves a lot of alerts for a security team or SOC to prioritize and remediate; a difficult, time-consuming process. SOAR, on the other hand, is designed to help security teams automate the response process by gathering alerts, managing cases, and responding to the endless alerts generated by SIEM. With SOAR, security teams can integrate with security alerts and create adaptive, automated incident response workflows. This gives SecOps the ability to prioritize threats and deliver faster results.
Are event correlation and aggregation both needed for effective event monitoring and SIEM?
Is AWS Cloudwatch enough on its own, or is it a good idea to use a SIEM platform in conjunction with it?
I am the technical director of a science and technology division for the government.
Which SIEM solution would deliver the best ability to identify, protect, detect, respond and recover from a cyber attack?
Thanks! I appreciate your help.
- Which is the best SIEM solution for a government organization?
- What is the difference between IT event correlation and aggregation?
- What are the threats associated with using ‘bogus’ cybersecurity tools?
- Which is the best SIEM tool for a mid-sized financial services firm: Arcsight or Securonix?
- What are the must-haves for a SIEM solution?
- What is the difference between SIEM and SOAR platforms?
- What is the difference between log management and SIEM?
- Are you using a SIEM platform with AWS Cloudwatch?
- What is the best SIEM tool for a large financial services firm?
- What is your SIEM buying cycle like?