Splunk Enterprise Security is a SIEM, log management, and IT operations analytics tool. The solution provides users with the ability to secure their information and manage their data in the cloud, data centers, or other applications. Splunk Enterprise Security also offers visibility from different areas, levels, and devices, rather than from a single system, thus, providing its users with flexibility. Splunk Enterprise Security can monitor data and analyze, detect, and prevent intrusions. This benefits users as it provides alerts to possible intrusions, helps users to be proactive, and reduces risk factors.
It is not cheap.
Pricing and licensing is quite expensive. But for the value the product provides, it seems at par in the market.
It is not cheap.
Pricing and licensing is quite expensive. But for the value the product provides, it seems at par in the market.
Wazuh is an enterprise-ready platform used for security monitoring. It is a free and open-source platform that is used for threat detection, incident response and compliance, and integrity monitoring. Wazuh is capable of protecting workloads across virtualized, on-premises, containerized, and cloud-based environments.
Wazuh is open-source, so I think it's an option for a small organization that cannot go for enterprise-grade solutions like Splunk.
There is not a license required for Wazuh.
Wazuh is open-source, so I think it's an option for a small organization that cannot go for enterprise-grade solutions like Splunk.
There is not a license required for Wazuh.
Microsoft Sentinel is a scalable, cloud-native, security information event management (SIEM) and security orchestration automated response (SOAR) solution that lets you see and stop threats before they cause harm. Microsoft Sentinel delivers intelligent security analytics and threat intelligence across the enterprise, providing a single solution for alert detection, threat visibility, proactive hunting, and threat response. Eliminate security infrastructure setup and maintenance, and elastically scale to meet your security needs—while reducing IT costs. With Microsoft Sentinel, you can:
It comes with a Microsoft subscription which the customer has, so they don't have to invest somewhere else.
The licensing requirements are not very clear from the outset.
It comes with a Microsoft subscription which the customer has, so they don't have to invest somewhere else.
The licensing requirements are not very clear from the outset.
Elastic Security combines the features of a security information and event management (SIEM) system with endpoint protection, allowing organizations to detect, investigate, and respond to threats in real time. This unified approach helps reduce complexity and improve the efficiency of security operations.
We are using the free, open-source version of this solution.
We use the open-source version, so there is no charge for this solution.
We are using the free, open-source version of this solution.
We use the open-source version, so there is no charge for this solution.
IBM Security QRadar is a security and analytics platform designed to defend against threats and scale security operations. This is done through integrated visibility, investigation, detection, and response. QRadar empowers security groups with actionable insights into high-priority threats by providing visibility into enterprise security data. Through centralized visibility, security teams and analysts can determine their security stance, which areas pose a potential threat, and which areas are critical. This will help streamline workflows by eliminating the need to pivot between tools.
Go through a vulnerability assessment review for price breaks. A virtualized solution will also cut down on cost.
found other solutions, with more features at the same cost or less. You don’t have to leave the Gartner Magic Quadrant to beat their price.
Go through a vulnerability assessment review for price breaks. A virtualized solution will also cut down on cost.
found other solutions, with more features at the same cost or less. You don’t have to leave the Gartner Magic Quadrant to beat their price.
Microsoft Defender XDR is a comprehensive security solution that helps organizations manage devices and vendor security compliance.
Its primary use case includes email filtering, vulnerability management, and detecting threats launched via emails. The solution offers advanced threat-hunting capabilities, integration with other Microsoft products, centralized management, automation features, and comprehensive threat protection.
It improves visibility, automates routine tasks, and provides threat intelligence and compliance management. Microsoft Defender XDR is praised for its advanced capabilities, ease of use, and integration with other Microsoft products.
It has proven to be a comprehensive and effective security solution for organizations.
The solutions price is fair for what they offer.
The price of the solution is high compared to others and we have lost some customers because of it.
The solutions price is fair for what they offer.
The price of the solution is high compared to others and we have lost some customers because of it.
LogRhythm SIEM Platform is an award-winning platform in security analytics. With more than 4,000 customers globally, LogRhythm SIEM is an integrated platform that helps security operations teams protect critical infrastructure and information from emerging cyberthreats. Ultimately, LogRhythm SIEM is an integrated set of modules that contribute to the security team’s fundamental mission: rapid threat monitoring, threat detection, threat investigation, and threat neutralization. LogRhythm SIEM is for organizations that require an on-premises solution and offers:
If you don't have your staff, absolutely look into the co-pilot and factor that into your cost evaluation.
Look for whatever will give you the most value. That's the main point. It is not one size fits all.
If you don't have your staff, absolutely look into the co-pilot and factor that into your cost evaluation.
Look for whatever will give you the most value. That's the main point. It is not one size fits all.
AWS Security Hub is a comprehensive security service that provides a centralized view of security alerts and compliance status across an AWS environment. It collects data from various AWS services, partner solutions, and AWS Marketplace products to provide a holistic view of security posture. With Security Hub, users can quickly identify and prioritize security issues, automate compliance checks, and streamline remediation efforts.
The price of the solution is not very competitive but it is reasonable.
The price of AWS Security Hub is average compared to other solutions.
The price of the solution is not very competitive but it is reasonable.
The price of AWS Security Hub is average compared to other solutions.
Sumo Logic
Purchasing Sumo Logic through the AWS Marketplace was a simple step.
Purchasing the solution through the AWS Marketplace is very easy.
Purchasing Sumo Logic through the AWS Marketplace was a simple step.
Purchasing the solution through the AWS Marketplace is very easy.
Parsing hundreds of trivial alerts. Managing a mountain of data. Manually forwarding info from your endpoints. Forget that. InsightIDR instantly arms you with the insight you need to make better decisions across the incident detection and response lifecycle, faster.
I am sure that there are cheaper products out there, but none that meet so many of our needs whilst maintaining stability and usability.
The team is very willing to work with companies. My suggestion is to call the Rapid7 sales department and see how they can help.
I am sure that there are cheaper products out there, but none that meet so many of our needs whilst maintaining stability and usability.
The team is very willing to work with companies. My suggestion is to call the Rapid7 sales department and see how they can help.
FortiSIEM (formerly AccelOps 4) provides an actionable security intelligence platform to monitor security, performance and compliance through a single pane of glass.
Please be cheaper and more simplified.
We bought the perpetual license, so we own the product, but there is a three-year support renewal fee for that.
Please be cheaper and more simplified.
We bought the perpetual license, so we own the product, but there is a three-year support renewal fee for that.
USM Anywhere centralizes security monitoring of networks and devices in the cloud, on premises, and in remote locations, helping you to detect threats virtually anywhere.
AlienVault is flexible on their pricing for unlimited licenses.
Pricing is very competitive with other products and you get much more functionality from AlienVault.
AlienVault is flexible on their pricing for unlimited licenses.
Pricing is very competitive with other products and you get much more functionality from AlienVault.
AlienVault OSSIM, Open Source Security Information and Event Management (SIEM), provides you with a feature-rich open source SIEM complete with event collection, normalization and correlation. Launched by security engineers because of the lack of available open source products, AlienVault OSSIM was created specifically to address the reality many security professionals face: A SIEM, whether it is open source or commercial, is virtually useless without the basic security controls necessary for security visibility.
The solution is open source, so it's free to use.
The licensing fees for the non-community edition are paid on an annual basis, and there are no costs in addition to this.
The solution is open source, so it's free to use.
The licensing fees for the non-community edition are paid on an annual basis, and there are no costs in addition to this.
Exabeam Fusion SIEM is a cloud-delivered solution that that enables you to:
-Leverage turnkey threat detection, investigation, and response
-Collect, search and enhance data from anywhere
-Detect threats missed by other tools, using market-leading behavior analytics
-Achieve successful SecOps outcomes with prescriptive, threat-centric use case packages
-Enhance productivity and reduce response times with automation
-Meet regulatory compliance and audit requirements with ease
They have a great model for pricing that can be based either on user count or gigabits per day.
If the customer has only a few users in some environment, then Exabeam is cheaper than competitors. But it can get expensive when adding more users.
They have a great model for pricing that can be based either on user count or gigabits per day.
If the customer has only a few users in some environment, then Exabeam is cheaper than competitors. But it can get expensive when adding more users.
Log360 is your one-stop solution for all log management and network security challenges. It is an integrated solution that combines EventLog Analyzer and ADAudit Plus into a single console to help you manage your Active Directory auditing and network security easily.
There is a cost for each feature used.
Its pricing is definitely huge compared to some of the other SIEMs. Its price should be improved.
There is a cost for each feature used.
Its pricing is definitely huge compared to some of the other SIEMs. Its price should be improved.
ArcSight Enterprise Security Manager (ESM) is a powerful SIEM solution for analyzing, collecting, correlating, and reporting on security event information. ArcSight ESM analyzes information from all of your data sources while helping your organization maintain high security. In addition, the solution is very customizable and enables users to create their own company-specific rule sets to automatically trigger instant alerts.
Aggregation can help a lot in pushing down licensing costs.
ArcSight is pretty expensive compared with its competitors. I believe that is fine as it provides value.
Aggregation can help a lot in pushing down licensing costs.
ArcSight is pretty expensive compared with its competitors. I believe that is fine as it provides value.
Your organizations IT infrastructure generate huge amount of logs every day and these machine generated logs have vital information that can provide powerful insights and network security intelligence into user behaviors, network anomalies, system downtime, policy violations, internal threats, regulatory compliance, etc. However, the task of analyzing these event logs and syslogs without automated log analyzer tools can be both time-consuming and painful if done manually.
There is a yearly subscription for the solution.
ManageEngine EventLog Analyzer is a low-cost solution. It costs approximately $1,000 per month per server for a perpetual license.
There is a yearly subscription for the solution.
ManageEngine EventLog Analyzer is a low-cost solution. It costs approximately $1,000 per month per server for a perpetual license.
Make your organization more resilient and confident with Trellix Security Operations. Filter out the noise and cut complexity to deliver faster, more effective SecOps. Integrate your existing security tools and connect with over 650 Trellix solutions and third-party products.
You should buy the distributed option instead of the all-in-one for environments with more than 1000 end points.
We pay for our licensing fees on a yearly basis, and there are no costs in addition to the standard licensing fees.
You should buy the distributed option instead of the all-in-one for environments with more than 1000 end points.
We pay for our licensing fees on a yearly basis, and there are no costs in addition to the standard licensing fees.
Logpoint is a cutting-edge security information and event management (SIEM) solution that is designed to be intuitive and flexible enough to be used by an array of different businesses. It is capable of expanding according to its users' needs.
Our licensing fees are about $10,000 USD per month, which I think is fair.
It's getting more expensive, which is one of the reasons we're looking around just to see if there's anything better value.
Our licensing fees are about $10,000 USD per month, which I think is fair.
It's getting more expensive, which is one of the reasons we're looking around just to see if there's anything better value.
Snare customers consistently tell us that as the financial and reputational consequences of data breaches, cyber threats like malware and ransomware and the constant risks from insider threats increase that they have urgent and ongoing requirements for maintaining regulatory compliance, auditing and managing cyber threat detection and response. They also tell us that existing solutions like SIEM are often complex to implement and maintain, require specialised technical resources or are increasingly unaffordable or variable in their pricing. As a result of these increased requirements Prophecy International has created the Snare product suite.
Snare has reasonable pricing.
On a scale from one to ten, where one is cheap, and ten is expensive, I rate Snare's pricing a four out of ten.
Snare has reasonable pricing.
On a scale from one to ten, where one is cheap, and ten is expensive, I rate Snare's pricing a four out of ten.