Best Security Information and Event Management (SIEM) Software

Security Information and Event Management Tools and Software (often shortened to SIEM) analyze security-related events and log data from network hardware and applications in real-time, performing event correlation and alerting managers to configuration changes of interest, vulnerabilities and potential threats.

TrustMaps are two-dimensional charts that compare products based on satisfaction ratings and research frequency by prospective buyers. Products must have 10 or more ratings to appear on this TrustMap, and those above the median line are considered Top Rated.

Security Information and Event Management (SIEM) Software Overview

What is Security Information and Event Management Software?

Security Information and Event Management (SIEM) software is a category of security software that gives security analysts a more comprehensive view of security logs and events than they could get from the log files of individual point security tools. SIEM tools allow security analysts to gather and analyze logs and events from operating systems, applications, servers, network and security devices, intrusion management systems, etc.


SIEM is a management layer sitting on top of existing systems and security controls that unifies data from these disparate systems and allows them to be analyzed and cross-referenced from a single user interface.

Type of Data Collected

The data collected and correlated generally consists of log files. Log management products were created many years ago to collect the large volumes of logs produced by the various systems in a large enterprise data center. A large data center can produce terabytes of plain text log files, a volume that makes the data extremely difficult to consume. SIEM systems are designed to correlate a subset of the most important data and highlight the most critical events. Unfortunately, the myriad operating systems, applications and servers all produce log files in slightly different human-readable formats, and these have to be normalized into a machine-readable format that the SIEM can understand and parse.


One of the most difficult aspects of deriving value from a SIEM is tuning the system: balancing correlation rules so that they catch all possible attacks without producing too many false positives, which can be very difficult to manage.

Security Information and Event Management (SIEM) Products

Listings (1-25 of 38)

AlienVault USM

311 Ratings

Unified Security Management (USM) is AlienVault’s comprehensive approach to security monitoring, delivered in a unified platform. The USM platform includes five core security capabilities that provide resource-constrained organizations with all the security essentials needed for effective threat...

Splunk Enterprise

171 Ratings

Splunk is software for searching, monitoring, and analyzing machine-generated big data, via a web-style interface. It captures, indexes and correlates real-time data in a searchable repository from which it can generate graphs, reports, alerts, dashboards and visualizations.

LogRhythm

25 Ratings

LogRhythm, from the company of the same name in Boulder, Colorado, is security information and event management (SIEM) software.

SolarWinds Log & Event Manager

31 Ratings

SolarWinds LEM is security information and event management (SIEM) software.

BetterCloud

5 Ratings

BetterCloud is a SaaS Application Management and Security Platform that is designed to enable IT to centralize, orchestrate, and operationalize day-to-day administration and control for SaaS applications. The vendor says thousands of customers rely on BetterCloud to centralize data and controls,...

Symantec Critical System Protection

7 Ratings

Symantec Critical System Protection is endpoint security and antivirus software.

IBM Security QRadar

15 Ratings

IBM Security QRadar is security information and event management (SIEM) software.

McAfee Enterprise Security Manager

22 Ratings

McAfee Enterprise Security Manager is security information and event management (SIEM) software, from McAfee / Intel Security.

RSA Security Analytics

4 Ratings

RSA Security Analytics is security information and event management (SIEM) from RSA, EMC's security division.

RackFoundry Total Security Management

4 Ratings

RackFoundry Total Security Management offers a complete solution featuring powerful firewall, VPN, Intrusion Detection/Prevention, SIEM, automated vulnerability scanning and log management that is monitored by the vendor’s security operations center. According to the vendor, it is the first...

AlienVault OSSIM

12 Ratings

OSSIM leverages the power of the AlienVault Open Threat Exchange by allowing users to both contribute and receive real-time information about malicious hosts. AlienVault OSSIM is an open source Security Information and Event Management (SIEM) product. It is a unified platform providing: Asset...

Logz.io

2 Ratings

Logz.io in Boston offers their enterprise-grade log analytics application, oriented towards providing data security and eliminating the need for capacity management.

Trustwave SIEM

4 Ratings

Trustwave SIEM, as the name would suggest, is security information and event management (SIEM) software, from Chicago-based Trustwave.

RSA enVision

3 Ratings

RSA enVision is security information and event management software from the security division of EMC.

ThetaRay

We don't have enough ratings and reviews to provide an overall score.

Israeli company ThetaRay offers security information and event management (SIEM) software.

ThreatStream OPTIC

We don't have enough ratings and reviews to provide an overall score.

ThreatStream OPTIC, from ThreatStream in Redwood City, California, is a security information and event management (SIEM) option.

Sqrrl

We don't have enough ratings and reviews to provide an overall score.

Sqrrl, from the Cambridge, Massachusetts-based company of the same name, is a security information and event management (SIEM) platform.

TIBCO LogLogic

We don't have enough ratings and reviews to provide an overall score.

LogLogic, now from TIBCO (since the 2012 acquisition), is security information and event management (SIEM) software.

NetIQ Sentinel

We don't have enough ratings and reviews to provide an overall score.

NetIQ Sentinel is security information and event management (SIEM) from Houston-based NetIQ, part of Micro Focus.

FileAudit

We don't have enough ratings and reviews to provide an overall score.

FileAudit from French company IS Decisions is security information and event management software.

Sematext Logsene

We don't have enough ratings and reviews to provide an overall score.

Sematext Logsene is security information and event management (SIEM) software from Sematext Group in Brooklyn, New York.

Interset

We don't have enough ratings and reviews to provide an overall score.

Interset, from the company of the same name in Ottawa, is security information and event management (SIEM) software.