Security Information and Event Management (SIEM) Reviews and Ratings

This is one of the best products on the market. Our overall experience is truly amazing. This SIEM product has all the best what logs agregators can do. Scalability is at the highest level, search head performance is one of the fastest. Splunk supports a huge amount of the applications which one can configure with the universal forwarders and deploy on the servers. It is really hard to find anything on the market similar to this platform with that amount of professionalism visible on each aspect of that SIEM system.

LogRhythm SIEM helps our company enrich data with contextual information using pre identified threats and vulnerabilities. It helps us meet regularly requirements and helps streamline audit processes. It has amazing dashboard which shows actionable insights

As a SOC admin at my organization, my overall experience with the QRadar (7.5) has been positive. The platform offers robust threat detection capabilities and comprehensive log management, which are essential for our Security Ops. The user interface is intuitive and user friendly and making it easier to navigate and configure. However, occasional parsing issues and DSM related but can be overcome by customization. QRadar significantly enhanced our ability to monitor and respond to security incidents effectively. Additionally, the support documentation provided are quite helpful in resolving any issues promptly. Overall, QRadar is a reliable and powerful tool for our security needs. Qradar and its easy deployment of EC EP and Console (that is also All-in-one) is widely used in the organizations and in our company which makes the events and flows to fetch easily and smoothly.

Splunk is one of the market leaders in the SIEM segment for a reason. The ability of log ingestion, parsing and analysis is truly exceptional. It has a great user friendly dashboard which helps you in correlating and analyzing different kinds of logs from multiple different tools. The implementation is also simple. The alerting mechanism is impressive too. Overall the features, services, ease of operation, advancement of Splunk make it a top choice for customers in Cyber security and other domains as well.

Trellix Security Manager is an easy to use security software that helps prevent against viruses and threats on emails, applications, etc. It provides easy to read reports and can be used on both computers and smartphones.

Very happy with our overall experience, the onboarding team tried to tailor the process around our needs, the support team has been generally very responsive to our requests, and the product itself has a lot of functionality out-of-the-box, while giving us the capabilities to create very specific and complex use-cases for our organization.

When we first start looking for a product to help with log ingestion, Elastic (ELK Stack) was the only vendor that provided the features we were looking for at a reasonable cost. Ever since then it has been a wonderful experience dealing with the company and the product.

After years of search of a good SIEM and testing some ones, we found LogPoint as a SIEM that our requirements fullfill.

The overall experience with Rapid7 is exceptional. The support & engineering team work efficiently to resolve problems/issues should any arise in a timely manner. The integrations to ingest data from other solutions natively are simple and Rapid7 also supports ingestion of raw data if the integrations exist. Rapid7 also accepts ideas from its customers, and if accepted they plan a roadmap to develop the feature within the product.

The overall experience with the product is great. SolarWinds Security Event Manager is a ready-to-use and affordable solution. Easy to use and simple interface with important information makes it more useful for day to day job

Outstanding product with lots of integrated features to make threat hunting simpler and more exciting for an Analyst. FortiSIEM has the capability to do performance monitoring for the devices through CMDB and if an agent is installed on endpoints or servers, we can do File integrity monitoring as well which is a key feature of FortiSIEM. With the help of the inbuilt UEBA feature in FortiSIEM we can get complete logs of end-user behavior and get more details on the incidents happening in the organization.

Our overall experience with Exabeam Fusion has been brilliant. From threat analysis to custom correlation rules, fusion is more friendly. Also, with the recent AI integration, it has taken a step forward and are one of the first vendors to integrate Gen-AI with SIEM

Started using ArcSight some 12 years back and I must say it has not disappointed me. Being the 1st SIEM solution I have worked on makes it close to my heart. Also, the way the product has evolved over the years and the amount of flexibility it provides is way beyond the expectations of any user using SIEM solutions. The connectors, log ingestion support for a wide variety of log sources, and flexibility of modifying configurations of connector parameters to meet our requirements are a few standout features from an ingestion point of view. The Active channels to search for logs with filters and inline filters are really helpful. Feasibility of creating our own dashboards adds on to better visibility for the SOC room. Now comes the most important feature i.e. correlation. With a powerful correlation engine, the extent to which rules can be created gives me immense satisfaction. Now the rules and arb packages are available in the marketplace which gives a better understanding of use case coverage and help in ensuing that applicable use cases are in place. Be it network modeling or segregating the devices based on Zones, the solution provides 360 views of what is happening the environment and how best it can be protected. Last but not least, the ease with which the custom connectors can be built and tested in this solution is very satisfying. This supports literally all the different log formats and post going through raw logs, custom connector creation, and normalization seems to be a piece of cake. In a nutshell, the number of features ArcSight ESM possessed is something which everyone can keep on learning no matter how long they have worked on this product.

As a cybersecurity professional, Splunk has been invaluable being one of the top SIEM tools on the market. Very intuitive, easy to analyze, and my job wouldn't be possible without it.

All too often these days I feel that any of our vendors who are true giants in the IT world just look at anything below a mega-corporation as small potato not worth a great deal of their time and you often end up in a take it or leave it situation with them. This has not been my experience with Manage Engine. Working with them is like working with a smaller company who still has the personal touch. Reaching someone in their support group when I need is fast and easy, they go out of their way to accommodate customization requests, and have really been responsive to everything I have ever needed. They are simply my favorite vendor to work with as I know I will get the support and assistance I need every time.

It's easy to figure this out and has a very nice interface! Has a lot of nice features for both those that like to dig into the logs and for management to view dashboards.

My overall experience with Sentinel has been extremely positive. This powerful tool has consistently exceeded me and my coworkers expectations. The platform is extremely user friendly, the community is always active, the GitHub repo is always up to date and the training provided by sentinel experts is great. The ease of use, paired with great threat protection and detection capabilities are what I think make this tool an "Industry Standard Tool"

Outstanding product and extremely good Sales Engineering team.

It is Unified Security Management Anywhere providing many features Threat detection, Incident response, compliance management, vulnerability assessment, asset discovery, file integrity monitoring

Great experience. Easy to use. Software was affordable, and the general installation was simple. Make sure your system has enough resources though.