2018-02-05 13:51:00 UTC

Was your research of SIEM products on our site for a purchase? If not, what was it for?


I'm a community manager here at IT Central Station and I'm doing some research to try to make our platform even better. I'd really appreciate it if you could answer a few quick questions.

Was your research of SIEM products on our site for a purchase? If not, what was it for?

Which product did you end up choosing and when did you finalize the purchase?

Was IT Central Station content helpful in helping you make a decision?

What other content or data could we have offered that would have helped you make a quicker/better decision?

I really appreciate your help! Rhea

User

Was your research of SIEM products on our site for a purchase? If not, what was it for?

* Yes, I'm a Cyber Security Consultant and I was comparing QRadar and Splunk for a customer that is a health care provider.

Which product did you end up choosing and when did you finalize the purchase?

* The customer chose Splunk because it was more customizable.

Was IT Central Station content helpful in helping you make a decision?

* Yes, it was a nice information source.

What other content or data could we have offered that would have helped you make a quicker/better decision?

* Technical facts comparison and screenshots of the technical capabilities of each product.

2018-02-12 15:23:20 UTC
Real User, TOP 10

I appreciate the services and knowledge offered by itcentralstation.com, answering your questions:

1- I researched SIEM because we are a security systems integrator and I wanted to know which solution would best meet customer needs.

2- We ended up focusing on Splunk for security and IT ops use cases. We would consider LogRhythm for SIEM/SOC use case only.

3- The content from IT Central Station is very helpful all the time and I use your site to evaluate other technologies and solutions as well.

4- If you can include 3rd party analyst reports as well then it would add value.

2018-02-07 14:39:24 UTC
Consultant

The research was purely for self-education.

2018-02-07 12:45:28 UTC
Real User, TOP 20

It was just for research purposes

2018-02-07 12:24:29 UTC
Real User, TOP 10

Research only, to determine how the market is changing and what components various vendors and reference sites are including within this term.

2018-02-07 08:55:44 UTC
User

Was your research of SIEM products on our site for a purchase? If not, what was it for?
No. It was for understanding how current scale up to customer needs.

Which product did you end up choosing and when did you finalize the purchase?
Leaning towards AlienVault or developing our own.

Was IT Central Station content helpful in helping you make a decision?
Yes.

What other content or data could we have offered that would have helped you make a quicker/better decision?
What are various customer setups and field deployments where these products are used.

2018-02-07 04:06:58 UTC
User

Here is my answer to the first question: I'm deploying IBM Qradar. Thanks

2018-02-07 03:46:54 UTC
User

Was your research of SIEM products on our site for a purchase? -- Yes

Which product did you end up choosing and when did you finalize the purchase? -- Not yet finalised, the project is delayed a few months.

Was IT Central Station content helpful in helping you make a decision? -- Yes

What other content or data could we have offered that would have helped you make a quicker/better decision?

2018-02-07 03:09:41 UTC
User

1) Was your research of SIEM products on our site for a purchase? If not, what was it for?
Answer: Yes, it was to purchase. Not for my own use, but to make a recommendation for our customer.

2) Which product did you end up choosing and when did you finalize the purchase?
Answer: We have recommended ArcSight, QRadar and Splunk.

3) Was IT Central Station content helpful in helping you make a decision?
Answer: Yes

4) What other content or data could we have offered that would have helped you make a quicker/better decision?
Answer: Use cases in various fields of industry.

2018-02-06 23:17:47 UTC
User

We are actively looking for a SIEM product to be installed in the next two months.

2018-02-06 22:57:56 UTC
User

I was/am researching a new cloud based SIEM solution for our organization.

We are doing a POC with EventTracker starting next week.

I wish I could tell you if your site was helpful, but I stumbled across them while they were trying to sell something else to me. I told them what I needed and they said ‘well, yes, we do that too.’

I don’t have a suggestion for you as to how to improve, this particular search was done on multiple sites as well as google and bing, and most everyone was at least a little helpful.

2018-02-06 22:28:32 UTC
Vendor

1) Was your research of SIEM products on our site for a purchase? If not, what was it for?
Answer: Yes it was vendor research specific.
2) Which product did you end up choosing and when did you finalize the purchase?
Answer: other priorities but still on our radar for this year
3) Was IT Central Station content helpful in helping you make a decision?
Answer: Very much so, Thank You!
4) What other content or data could we have offered that would have helped you make a quicker/better decision?
Answer: Pros & cons of each product - generally based on utility, market share, & price

2018-02-06 22:12:00 UTC
Vendor

We are using ArcSight and there are discussions with upper-management to use Splunk in a short future thus I would like to find information that compares ArcSight and Splunk technically.

I am an expert in ArcSight, thus I know that ArcSight is very complex to build something with, but it is very flexible.
I don't know what the Splunk SIEM solution proposes.

I would like to have a real comparison because if you check them individually, they say that they are the best choice, but when you are an expert you know that it is wrong or it is in a specific situation.

I would like to know how to size the Splunk infra if I want to do the same as ArcSight.

Currently, I have not found the answers to my questions on your website but I continue to search.

ArcSight has already been bought, thus I need more info on Splunk: the limitations of the product, how to size it, what I couldn't do with it compared to ArcSight.

If you could help me on these points, it will be very nice because I am currently very busy.

2018-02-06 20:54:07 UTC
User

I am researching SIEM products in order to add one of them to our company security portfolio.
I am interested in SPLUNK.

2018-02-06 19:41:51 UTC
Vendor

Was your research of SIEM products on our site for a purchase? If not, what was it for?

If I remember correctly, it was Splunk vs. LogRhythm review scores. We were interested in OEMing LR.

Which product did you end up choosing and when did you finalize the purchase?

That client went with Splunk.

Was IT Central Station content helpful in helping you make a decision?

It was at least moderately useful.

What other content or data could we have offered that would have helped you make a quicker/better decision?

2018-02-06 19:12:49 UTC
User

Was your research of SIEM products on our site for a purchase? If not, what was it for?
Answer: No, it was for market and product comparisons and research, of reviews on the various SIEM technologies.

Which product did you end up choosing and when did you finalize the purchase?
Answer: We finalized a purchase and decided to go with FortiSIEM. We were partial to the AlienVault solution as well, however some cost saving led us to go with FortiSIEM (considering we already have some Fortinet solutions in place within our environment).

Was IT Central Station content helpful in helping you make a decision?
Answer: Yes ITCS has plenty of useful information, the Buyer's Guide was helpful with our market research.

What other content or data could we have offered that would have helped you make a quicker/better decision?
Answer: More side-by-side comparisons between all vendors within this space. Also more real time feedback pertaining to operational input would be very helpful. Labs are handy, however they really don't necessarily relate/mimic the real SOC world.

2018-02-06 19:00:09 UTC
User

Was your research of SIEM products on our site for a purchase? If not, what was it for?
Answer: No, this was more research to get a cross comparison of reviews on the various SIEM technologies.

Which product did you end up choosing and when did you finalize the purchase?
Answer: We haven't finalized a purchase. However we did narrow our POC scope to 2 vendors (Splunk and AlienVault).

Was IT Central Station content helpful in helping you make a decision?
Answer: Yes, the Buyer's Guide was helpful.

What other content or data could we have offered that would have helped you make a quicker/better decision?
Answer: More side-by-side comparisons between the vendors. Also more real-world operational input. While you created a testing lab, it doesn't necessarily relate to a real world SOC.

2018-02-06 18:19:10 UTC
Vendor

This is my view, not IBM's view:
If you could answer a few quick questions.

Was your research of SIEM products on our site for a purchase? If not, what was it for?
So, I provide Solution Guidance to many of the corporate SalesForce and their support staffs for given projects and deals. In this case, for a situation where there was some form of global merger going on. Parts of the customer company had ArcSight, other parts other tools, and some parts QRadar. Could all of these live together and form part of a Global Immune System was sort of the question. [IBM Immune System - https://ibm.biz/Bdignb and http://www-03.ibm.com/security/infographics/immune-system/ ] I wanted to check that what I had been told internally and from Corporate marketing (based on IDC, Forrester, Gartner) with an independent source such as yourselves with hands-on experience. Your info confirmed what I thought I knew; particularly about:
a) ArcSight having a quite steep learning curve - requires staff with expertise and certainly SME for ArcSight
b) ArcSight ESM works well on physical hardware but not yet aligned for Cloud and needs a lot of extra work to tune it even to a Virtual Hypervisor. Without proper tuning, running ESM on VMware does not work well.

Which product did you end up choosing and when did you finalize the purchase?
As this Global Corporation needs to streamline and integrate all of their Mergers and Acquisitions security operations this will take some time; throughout which they will want to run the same as-is until they migrate to their evolving ww new secured infrastructure based on Hybrid Cloud. They were seeking a Solution and Systems Integrator and also a Strategic Security Partner for the year of WW Regulatory Change (GDPR, NIS, etc...) My corporation will be able to provide all of that whilst initially still continuing to run the ArcSight until contract renewal and perhaps even after that. We will build on the QRadar SIEM they have within one part of their organization whilst coexisting with ArcSight in another.
Core Contract was signed in January.

Was IT Central Station content helpful in helping you make a decision?
I didn't have to make a decision as such but was able to clarify they could co-exist and what the ramifications would be for there to be streamlined organization and the overall Systems Integration, Transition and Transformation and core enterprise security. Your information clarified and confirmed as per the answer above.

What other content or data could we have offered that would have helped you make a quicker/better decision?
It is all there yet perhaps there should be some overview that puts all such products against an ISO / ISF, CoBit or Cloud Security Alliance or indeed the NIST Security Framework 800-53; it's not much use to have a SIEM product that isn't truly integrated with your entire Security Monitoring Framework and particular the Analytics and User Behaviour in readiness for some sort of Threat Reduction capability that all CxO's would love. So a mapping against a Standard Security Framework and the bigger picture would help considerably for such a purchase moving forward and catering for the ever complex Regulatory Framework.
I hope that helps

2018-02-06 17:08:48 UTC
Real User

I seem to recall someone from your end reached out to me for comment on our SIEM experience and purchase.

2018-02-06 14:58:51 UTC
User

Was your research of SIEM products on our site for a purchase? If not, what was it for?

We are an IT provider, I was about to get better understanding positioning various products of similar profile. I compared IBM QRadar, SPLUNK, LOGRHYTHM

Which product did you end up choosing and when did you finalize the purchase? My company favors IBM's QRadar.

Was IT Central Station content helpful in helping you make a decision? YES, Thank You. I received through IT Central Station very nice and helpful contact who helped to gain transparency about the different SIEM products

What other content or data could we have offered that would have helped you make a quicker/better decision? I am satisfied with the fast response and got all the info needed.

I

2018-02-06 14:47:07 UTC
User

Was your research of SIEM products on our site for a purchase? If not, what was it for?
ME: No. For market/product research.

Which product did you end up choosing and when did you finalize the purchase?
ME: I am partial to AlienVault.

Was IT Central Station content helpful in helping you make a decision?
ME: ITCS has a lot of useful information in helping me with my market research.

What other content or data could we have offered that would have helped you make a quicker/better decision?
ME: The more side by side comparisons you have "AlienVault vs LogRhythm", "AlienVault vs Splunk" on your site, the better.

I really appreciate your help! Chaya
ME: No problem! Take care.

2018-02-06 14:37:47 UTC
User

Simply Splunk.

2018-02-06 14:03:11 UTC
User

Research only

2018-02-06 13:33:51 UTC
User

Hi, I might have searched endpoint patching tool for Linux systems .. I am not actively looking for any changes in our current tool systems... will let you know if anything required

2018-02-06 13:19:57 UTC
User

Mostly I looked at your site to get information about other SIEM solutions.

We are McAfee partners and we are selling McAfee SIEM, but we are also looking for solutions for smaller clients.

Thank you for reminding me of your site. I have to look at what kind of information there is about AlienVault solutions.

2018-02-06 13:09:14 UTC06 February 18
Find out what your peers are saying about Splunk, LogRhythm, IBM and others in Security Information and Event Management (SIEM). Updated: November 2019.