Try our new research platform with insights from 80,000+ expert users
2017-06-08T07:26:00Z

New SIEM Reviews -- What Users Say in Q2 2017

it_user326337 - PeerSpot reviewer
  • 3
Published:Jun 8, 2017
Product comparison that may be of interest to you
PeerSpot user

1 Comment

AG
Real User
Top 10
2017-06-10T04:05:17Z
Jun 10, 2017
Find out what your peers are saying about Splunk, Wazuh, Microsoft and others in Security Information and Event Management (SIEM). Updated: December 2024.
824,053 professionals have used our research since 2012.
Related Questions
Liam Brandt - PeerSpot reviewer
Mar 22, 2023
Mar 22, 2023
I´m not sure about this affirmation. There are a lot of other tools used.
See 2 answers
VS
Mar 14, 2023
Hi, in my opinion, because it is still the best at giving you visibility of what's happening in your IT infrastructure, and at detecting threats. Visibility and detection may seem simple tasks. but actually, they require a lot of capabilities in understanding, integrating, logging, and alarms from a huge multitude of devices. Such tasks go under the line of log ingestion, normalization, etc., and that is far from easy. QRadar has done a lot of work in that direction. Another aspect is event correlation. And here, either you write the correlation rules yourself, spending $$$$ of professional services, and by the way, it'll take forever to test, implement and maintain up to date, or your access to a very long list of preset correlation rules, that are already available and waiting to be activated. Finally, visibility and threat detection is just the beginning of a journey pointed at becoming aware of what's happening in your IT and taking relevant and effective action. There are several other technologies that have to be used to minimize exposure, and contain, and remediate relations to an attack. I believe IBM has a few of those, that can be integrated. But whichever you use at the end of this journey, if the original feed is not correct, not relevant, or not complete, you missed your goal in the first place.My 5 cents :)VS
Jairo Willian Pereira - PeerSpot reviewer
Mar 22, 2023
I´m not sure about this affirmation. There are a lot of other tools used.
Julia Miller - PeerSpot reviewer
Oct 18, 2022
Oct 18, 2022
The solution is costly and the price differs depending on the vendor you use.
2 out of 4 answers
reviewer1136397 - PeerSpot reviewer
Feb 6, 2022
I can't speak to the exact pricing. I've never looked at its commercial costs.
reviewer1409433 - PeerSpot reviewer
May 12, 2022
Licensing is mostly dependent on the EPS, events per second. Depending upon the number of products that are integrated with the platform, we have to come to an optimal EPS value. I'm not very sure about the financials, however, the licensing cost cannot be as much as that for Sentinel, which is not very low. For customers who need medium EPS values, we advise QRadar. The basic out the box cost covers, the EPS value that you have specified, and then some archiving maybe. It should include at least six months of archiving and other functionalities. Most of the customers will go for the standard package and we don't have to go for extra archival or enhanced DPS. 10% to 15% of DPS can always be increased. It will not completely shut down the system, however, it'll start sending us notifications that the DPS is getting increased and then we can go for a higher licensing.
Related Articles
Julia Miller - PeerSpot reviewer
Mar 19, 2024
Mar 19, 2024
Today, Security Information and Event Management (SIEM) solutions play a pivotal role in bolstering organizational defenses against an array of cybersecurity threats. Through the lens of real-world success stories and an evaluation of top SIEM technologies, this comprehensive article illustrates the transformative impact of SIEM systems across industries and highlights leading solutions, includ...
Ertugrul Akbas - PeerSpot reviewer
Jan 24, 2023
Jan 24, 2023
It is important to retain logs for a significant amount of time in order to be able to investigate and analyze past attacks. This allows security teams to identify patterns and trends that can aid in the detection and prevention of future attacks. The retention period will vary depending on the organization's specific requirements and regulations, but it is generally recommended to keep logs f...
Product Comparisons
Related Articles
Julia Miller - PeerSpot reviewer
Mar 19, 2024
Top SIEM Solutions & Success Stories: Strengthening Cybersecurity in Diverse Industries
Today, Security Information and Event Management (SIEM) solutions play a pivotal role in bolsteri...
Ertugrul Akbas - PeerSpot reviewer
Jan 24, 2023
Features of Today's SIEMs – Requirements for Today’s Attacks and Breaches
It is important to retain logs for a significant amount of time in order to be able to investiga...
Download Free Report
Download our free Security Information and Event Management (SIEM) Report and find out what your peers are saying about Splunk, IBM, LogRhythm, and more! Updated: December 2024.
DOWNLOAD NOW
824,053 professionals have used our research since 2012.