Security Analytics Software

Security Analytics Software Overview

What is Security Analytics Software?

Security analytics software are tools which provide proactive or exploratory network security via behavioral machine learning or analytics techniques. Alternately described as SA Platforms or network traffic analytics software, these tool collect, normalize, and analyze network traffic for threat behavior. Vendors specializing specifically in SA offer machine learning tools for applying security models to traffic across enterprise assets. While highly related to SIEM, security analytics software may provide more advanced tools for data mining or freeform analytics.

Features of Security Analytics Software

Security analytics platforms provide the following features, or target for analysis:
  • Ingested data from SIEM or other sources
  • User and entity behavior analytics (UEBA)
  • Automated or on-demand network traffic analysis
  • Model observed behavior against threat intelligence
  • Configure analytics to observe behavior against policy
  • Application access and analytics
  • DNS analysis tool
  • Email activity
  • Network packets
  • Identity and social persona
  • File access
  • Geolocation, IP context

Security Analytics Products

(1-25 of 57) Sorted by Most Reviews

LogRhythm NextGen SIEM Platform
29 ratings
18 reviews
The LogRhythm NextGen SIEM Platform, from LogRhythm in Boulder, Colorado, is security information and event management (SIEM) software which includes SOAR functionality via SmartResponse Automation Plugins (a RespondX feature), the DetectX security analytics module, and AnalytiX as a log management …
Sumo Logic
29 ratings
11 reviews
Sumo Logic is a log management offering from the San Francisco based company of the same name.
Palo Alto Networks WildFire
11 ratings
5 reviews
Palo Alto Network’s WildFire is a malware prevention service. It specializes in addressing zero-day threats through dynamic and static analysis, machine learning, and advanced sandbox testing environments.
4 ratings
5 reviews in Boston offers their enterprise-grade log analytics application, oriented towards providing data security and eliminating the need for capacity management.
KnowBe4 PhishER
8 ratings
3 reviews
KnowBe4 offers PhishER as a simple and easy-to-use web-based platform with critical functionality that serves as a phishing emergency room to identify and respond to user-reported messages. With automatic prioritization for emails, PhishER helps InfoSec and Security Operations team cut through the i…
Elastic Security (Elastic SIEM + Elastic Agent, formerly Endgame)
2 ratings
1 review
Elastic Security equips analysts to prevent, detect, and respond to threats. The free and open solution delivers SIEM, endpoint security, threat hunting, and cloud monitoring. The solution encompasses Elastic SIEM, which brings Elasticsearch to SIEM and threat hunting. The Elastic Agent (or Elastic …
OpenText Security Suite, powered by OpenText EnCase
0 ratings
1 review
OpenText Security Suite, powered by OpenText EnCase, is an endpoint security solution designed to provide 360-degree visibility across laptops, desktops and servers for proactive discovery of sensitive data, identification and remediation of threats and discreet, forensically-sound data collection a…
Splunk User Behavior Analytics (UBA)
0 ratings
1 review
Splunk supplies security analytics as a standalone solution or priced as an add-on for users of its popular SIEM products, to protect enterprises against unknown threats and malicious behavior, via the Splunk User Behavior Analytics (UBA) application.
IBM QRadar Advisor with Watson
0 ratings
1 review
IBM QRadar Advisor with Watson supports QRadar SIEM with Watson's AI guided automation as well as providing advanced analytics capabilities for evaluating suspicious user activity, conducting threat validation, and other analytics based tasks.
McAfee Advanced Threat Defense
13 ratings
1 review
McAfee Advanced Threat Defense enables organizations to detect advanced, evasive malware and convert threat information into immediate action and protection. Unlike traditional sandboxes, it includes additional inspection capabilities that broaden detection and expose evasive threats. Tight integrat…
Cisco SecureX (formerly Threat Response)
3 ratings
1 review
Cisco Threat Response automates integrations across select Cisco Security products and accelerates key security operations functions: detection, investigation, and remediation. Threat Response integrates threat intelligence from Cisco Talos and third-party sources, which adds context from integrated…
Interset, developed by the company of the same name in Ottawa which was acquired by Micro Focus in February 2019, is a security analytics platform bringing artificial intelligence and machine learning to insider threat detection or related behavior-related security policy violations and threats.
Securonix SNYPR Platform
Securonix, from the Los Angeles-based company of the same name, offers the SNYPR Platform, an advanced analytics platform providing real time insights with identity data, threat hunting, and other security analytics capabilities. The SNYPR platform combines this with Securonix Response Bot, inciden…
Symantec Network Forensics: Security Analytics
Symantec Network Forensics: Security Analytics aims to give users complete security visibility, advanced network traffic analysis, and real-time threat detection with enriched, full-packet capture.
Rapid7 InsightIDR
In addition to their incident response service, Rapid7 offers InsightIDR, a relatively broad offering covering SIEM and user behavior and threat analytics.
Exabeam Security Management Platform
Exabeam headquartered in San Mateo, offers their SIEM platform, the The Exabeam Security Management Platform. The vendor states the modular Exabeam platform allows analysts to collect unlimited log data, use behavioral analytics to detect attacks, and automate incident response. The Exabeam platform…
Symantec Content & Malware Analysis
Symantec Content & Malware Analysis is an application which provides advanced threat detection and threat hunting through advanced machine learning, based on intelligence gathered from ProxySG, threat intelligence services, and other sources.
Forcepoint UEBA Behavior Analytics
Forcepoint UEBA Behavior Analytics is a security analytics applications designed to provide additional advanced analytic functionality to enterprise security tools and context to SIEM data, from Forcepoint headquartered in Austin.
ArcSight Investigate
Micro Focus offers ArcSight Investigate, a proactive security and threat analytics and search application.
McAfee Investigator
McAfee Investigator is a security analytics application.
RSA NetWitness UEBA
RSA NetWitness UEBA is a security analytics application and part of the NetWitness network security and SIEM suite, from RSA Security.
SonicWall Analytics
SonicWall Analytics provides real-time insights into correlated security data and supports forensic investigation, security policy calibration and control, enrichment of connected firewall data, and drill down analytics.
Securonix User and Entity Behavior Analytics (UEBA)
Securonix headquartered in Addison offers the Securonix User and Entity Behavior Analytics (UEBA) tool, the company's core security analytics application providing AI-based and machine learning funcitons for analyzing and providing context to security data.
Fortinet offers user and entity behavior analytics (UEBA) technology via FortiInsight, the company's security analytics software.
Gurucul Risk Analytics (GRA)
Gurucul Risk Analytics (GRA) is a behavior based security analytics platform from Gurucul headquartered in El Segundo.