2 Ratings
Score 8.7 out of 10
46 Ratings
Score 8.4 out of 10

Likelihood to Recommend

Anomali Threat Platform

Being the best threat intelligence platform/tool on the market, it is fantastic in terms of performance, and it has taken a lot of the burden of curating and weeding through false positives off of our team, freeing them up to focus on manual threat hunting and content building.

SolarWinds Security Event Manager

SolarWinds Log & Event Manager is very well suited in a heterogeneous enterprise setting (multiple locations/campuses) where you would have various brands/manufacturers of devices represented. While it doesn't require a full-time admin, it does take a little time to add/update/remove nodes in, configure data collection settings, and generate custom reports. Because of this, it may not be a perfect fit for a small to medium-sized business due to the initial investment of time and cost.
Roger Mialkowski

Feature Rating Comparison

Security Information and Event Management (SIEM)

Anomali Threat Platform
SolarWinds Security Event Manager
8.5
Centralized event and log data collection
Anomali Threat Platform
SolarWinds Security Event Manager
9.6
Correlation
Anomali Threat Platform
SolarWinds Security Event Manager
9.7
Event and log normalization
Anomali Threat Platform
SolarWinds Security Event Manager
9.4
Deployment flexibility
Anomali Threat Platform
SolarWinds Security Event Manager
8.2
Integration with Identity and Access Management Tools
Anomali Threat Platform
SolarWinds Security Event Manager
8.2
Custom dashboards and views
Anomali Threat Platform
SolarWinds Security Event Manager
5.8
Host and network-based intrusion detection
Anomali Threat Platform
SolarWinds Security Event Manager
8.8

Pros

Anomali Threat Platform

  • Fantastic UI
  • STAXX for sharing intelligence
  • Threat Intelligence feeds
  • Automation and collaboration cuts work down for the analysts

SolarWinds Security Event Manager

  • Incredibly easy to set up. It was deployed and had log sources pointed to it and performing basic correlations within a day.
  • Auto-response. The automated responses that are available after deploying the agent give you incredible control to respond to events on your network.
  • User-friendly interface. Some SIEMs can be daunting to learn how to use and get acclimated to, but LEM has an intuitive layout and is very easy to pick up and use.

Cons

Anomali Threat Platform

No answers on this topic

SolarWinds Security Event Manager

  • Flash-based UI can lag, HTML5 would be preferred
  • Availability for custom widgets, but you need a bit of training to get things done right unless you have time for trial and error.
  • It only knows what it knows for account lockouts. If a source machine isn't available in the Event Viewer ID that triggers the alert, it does not have any extra tools to help it determine the issue.

Alternatives Considered

Anomali Threat Platform

No answers on this topic

SolarWinds Security Event Manager

In the past I have used QRadar, McAfee ESM, and RSA Security Analytics.
PROS: Compared to these products, LEM is by far the most user-friendly and easiest to deploy. LEM's ability to automate response and remediation also seems a cut above these products. LEM also ranks up at the top in terms of reliability. Very rarely have we had to resolve issues that prevented LEM from doing its job.
CONS: LEM is unfortunately lacking in the ability to create custom parsers like other SIEM solutions can. This means if LEM is unable to parse logs coming from a network appliance, you won't be able to view them until SolarWinds releases their official parser for that product. Complex correlations can also test the limits of LEM due to the way that logs are parsed into event type rather than log source type. Trying to correlate all of your IPS events in a complex correlation? This may prove to be difficult in LEM.

Return on Investment

Anomali Threat Platform

  • After the initial startup cost, it has overall had a positive impact by increasing efficiency of the team and freeing up analysts to do manual threat hunting

SolarWinds Security Event Manager

  • We did not have to purchase Cisco's successor to MARS; that is a large ROI.
  • We did not have the ability to know when users locked their accounts by bad password attempts; now we know before they call us.
Scott Reese

Pricing Details

Anomali Threat Platform

General

Free Trial
Free/Freemium Version
Premium Consulting/Integration Services
Entry-level set up fee?
No

SolarWinds Security Event Manager

General

Free Trial
Yes
Free/Freemium Version
Premium Consulting/Integration Services
Entry-level set up fee?
No
