Best Security Information and Event Management (SIEM) Software26Security Information and Event Management Tools and Software (often shortened to SIEM) analyze security-related events and log data from network hardware and applications in real-time, performing event correlation and alerting managers to configuration changes of interest, vulnerabilities and potential threats.AlienVault USM1https://media.trustradius.com/product-logos/LF/Ap/TPOL9A2198T5-180x180.JPEGSplunk Enterprise2https://media.trustradius.com/vendor-logos/gJ/c0/2GB5D7JTKHQN-180x180.JPEGIBM QRadar3https://media.trustradius.com/vendor-logos/yf/sf/DNSXTG99HOK3-180x180.JPEGLogRhythm NextGen SIEM Platform4https://media.trustradius.com/vendor-logos/YF/X9/J40ME3894TL8-180x180.JPEGSolarWinds Security Event Manager5https://media.trustradius.com/product-logos/jq/yq/RBQEX0DE9BPC-180x180.JPEGSumo Logic6https://media.trustradius.com/vendor-logos/iD/Ks/HOFFU00WSJLT-180x180.PNGSplunk Cloud7https://media.trustradius.com/vendor-logos/gJ/c0/2GB5D7JTKHQN-180x180.JPEGBetterCloud8https://media.trustradius.com/product-logos/N0/q4/L47SNWR9FIIZ-180x180.JPEGMcAfee Enterprise Security Manager9https://media.trustradius.com/vendor-logos/eB/ri/277N5FG3B8SN-180x180.JPEGAlienVault OSSIM10https://media.trustradius.com/vendor-logos/Sv/TO/0HHS1EUA42K7-180x180.JPEGSolarWinds Kiwi Syslog Server11https://media.trustradius.com/vendor-logos/to/Kd/DXB2TUQPIR3A-180x180.PNGArcsight Enterprise Security Manager (formerly HP Arcsight)12https://media.trustradius.com/vendor-logos/Zi/ju/TCH0JRTW622Q-180x180.JPEGRackFoundry Total Security Management13https://media.trustradius.com/product-logos/Gt/dO/UUKVPXASSP28-180x180.PNGSolarWinds MSP Threat Monitor14https://media.trustradius.com/vendor-logos/to/Kd/DXB2TUQPIR3A-180x180.PNGRSA NetWitness Platform15https://media.trustradius.com/vendor-logos/VR/tQ/QQ1UVO3W5C25-180x180.JPEGFortiSIEM16https://media.trustradius.com/vendor-logos/MZ/NA/I0WLZ36A46RB-180x180.JPEGTrustwave SIEM17https://media.trustradius.com/vendor-logos/2A/tk/VKTU2N003FWJ-180x180.jpgAnomali Threat Platform18https://media.trustradius.com/vendor-logos/J6/za/PO53OTDG59Q6-180x180.JPEGThetaRay19https://media.trustradius.com/product-logos/Sh/Pg/FXFRTCBEQHEJ.jpegSqrrl20https://media.trustradius.com/product-logos/MM/2Z/952T1W1JWU86.jpegNetIQ Sentinel21https://media.trustradius.com/vendor-logos/Zi/ju/TCH0JRTW622Q-180x180.JPEGSematext Logsene22https://media.trustradius.com/vendor-logos/LT/Cm/WK32RTB0HSL6-180x180.PNGSurfWatch Labs23https://media.trustradius.com/product-logos/32/LC/P2B07GXEZ5TP.pngLogsign24https://media.trustradius.com/product-logos/pW/tL/XXXBI3JXSMA8-180x180.JPEGAnchorPoint Integrated Threat Response25https://media.trustradius.com/product-logos/Mm/zn/CRDDCO10QF6W-180x180.PNG

Security Information and Event Management (SIEM) Software

Best Security Information and Event Management (SIEM) Software

TrustMaps are two-dimensional charts that compare products based on satisfaction ratings and research frequency by prospective buyers. Products must have 10 or more ratings to appear on this TrustMap.

Security Information and Event Management (SIEM) Software Overview

What is Security Information and Event Management Software?

Security Information and Event Management (SIEM) Software is a category of security software concerned with collating log and event data. A SIEM allows security analysts to look at a more comprehensive view of security logs and events that would be possible by looking at the log files of individual, point security tools. SIEM tools allow security analysts to gather and analyze logs and events from operating systems, applications, servers, network and security devices, intrusion management systems, etc.


SIEM is a management layer sitting on top of existing systems and security controls that unifies data from these disparate systems and allows them to be analyzed and cross-referenced from a single user interface.

SIEM Features & Capabilities

  • Centralized event and log data collation

  • Log data correlation

  • Event and log normalization

  • Deployment flexibility

  • Integration with identity and access management tools

  • Custom dashboards and views

  • Host and network-based intrusion detection

Type of Data Collected

The data that is collected and correlated are generally log files. Log management products were created many years ago to collect the large volumes of logs created by the various systems in a large enterprise data center. A large data center can produce terabytes of plain text log files. The volumes are such that it is extremely difficult to consume the data.


SIEM systems are designed to correlate a subset of the most important data, to highlight the most critical data. Unfortunately, the myriad operating systems and applications and servers all produce log files in a slightly different human-readable format, and these have to be normalized in machine-readable format that the SIEM can understand and parse.


One of the most difficult aspects of deriving value from a SIEM is the difficulty of tuning the system by balancing correlation rules that catch all possible attacks and do not produce too many false positives which can be very difficult to manage.

Pricing Information

Pricing for SIEM software can vary widely from about $5k to over $100k, depending largely on the quantity of events and logs being monitored. In addition to software expense, the total cost of ownership will include maintenance, professional services, hardware, personnel, and training.

Security Information and Event Management (SIEM) Products

Listings (1-25 of 44)

AlienVault USM

<a href='https://www.trustradius.com/static/about-trustradius-scoring#question3' target='_blank' rel='nofollow noopener noreferrer'>Customer Verified: Read more.</a>
Top Rated
631 Ratings

AlienVault® Unified Security Management® (USM) delivers threat detection, incident response, and compliance management in one unified platform. It is designed to combine all the essential security capabilities needed for effective security monitoring across cloud and on-premises environments, inclu…

Splunk Enterprise

<a href='https://www.trustradius.com/static/about-trustradius-scoring#question3' target='_blank' rel='nofollow noopener noreferrer'>Customer Verified: Read more.</a>
Top Rated
288 Ratings

Splunk is software for searching, monitoring, and analyzing machine-generated big data, via a web-style interface. It captures, indexes and correlates real-time data in a searchable repository from which it can generate graphs, reports, alerts, dashboards and visualizations.

The LogRhythm NextGen SIEM Platform, from LogRhythm in Boulder, Colorado, is security information and event management (SIEM) software which includes IR via the SmarResponse Automation Framework, UEBA via the CloudAI security analytics tool, NetMon network forensics, and other features providing a t…

15 Ratings

BetterCloud is a SaaS Application Management and Security Platform that is designed to enable IT to centralize, orchestrate, and operationalize day-to-day administration and control for SaaS applications. The vendor says thousands of customers rely on BetterCloud to centralize data and controls, sur…

OSSIM leverages the power of the AlienVault Open Threat Exchange by allowing users to both contribute and receive real-time information about malicious hosts. AlienVault OSSIM is an open source Security Information and Event Management (SIEM) product. It is a unified platform providing: Asset discov…

SolarWinds Threat Monitor empowers MSSPs of all sizes by reducing the complexity and cost of threat detection, response, and reporting. You get an all-in-one security operations center (SOC) that is unified, scalable, and affordable.

5 Ratings

Fortinet offers security information and event management via FortiSIEM, their product line featuring asset discovery and rapid assessment for location of threat and their remediation.

We don't have enough ratings and reviews to provide an overall score.

Israeli company ThetaRay offers security information and event management (SIEM) software.

We don't have enough ratings and reviews to provide an overall score.

Sqrrl, from the Cambridge, Massachusetts based company of the same name, is a security information and event management platform (SIEM).

We don't have enough ratings and reviews to provide an overall score.

NetIQ Sentinel is security information and event management (SIEM) from Houston-based NetIQ, part of Micro Focus.

We don't have enough ratings and reviews to provide an overall score.

Sematext Logsene is security information and event management (SIEM) software from Sematext Group in Brooklyn, New York.

We don't have enough ratings and reviews to provide an overall score.

SurfWatch Labs in Sterling, Virginia offers a security information and event management (SIEM) platform.

We don't have enough ratings and reviews to provide an overall score.

As an all-in-one SIEM solution, Logsign is primarily focused on Security Intelligence, Log Management and Compliance Reporting. According to the vendor, Logsign aims to:Unify the view and monitoring of cloud and local dataIncrease awareness via security-oriented dashboardsProvide clear understanding…

We don't have enough ratings and reviews to provide an overall score.

AnchorPoint’s Integrated Threat Response (ITR) service is a combination of advanced security tools, threat intelligence, and expert action. This service focuses on detection and response. The primary purpose of ITR is to decrease attacker dwell time in an organization’s network. According to the ve…

TrustRadius Top Rated for 2019

2019 Top Rated Security Information and Event Management (SIEM) Software

There are plenty of options out there, but here's our shortlist of the best Security Information and Event Management (SIEM) Software. These products won a Top Rated award for having excellent customer satisfaction ratings. The list is based purely on reviews; there is no paid placement, and analyst opinions do not influence the rankings. To qualify, a product must have 10 or more recent reviews and a trScore of 7.5 or higher, indicating above-average satisfaction for business technology. The products with the highest trScores appear first on the list. Read more about the Top Rated criteria.