12 top SIEM tools rated and compared

Security information and event management tools are a core part of most companies' cyber defenses. Use this guide to find SIEM options that best match your needs.

Page 2 of 2

Log & Event Manager does not offer machine-learning-based analytics or the same level of integration with third-party systems that you can expect from the enterprise-grade tools in this list. SolarWinds does offer USB device monitoring, designed to mitigate the risks that USB flash drives pose to your network.

  • Gartner PeerInsights rating: 4.2 stars
  • Target audience: Small- to medium-sized businesses
  • Notable features: Automated remediation and USB device monitoring.
  • Pricing: SolarWinds Log & Event Manager is priced starting at $4,585 for a perpetual license, which authorizes use with up to 30 nodes and includes one year of maintenance.

12. Splunk

Splunk may well be the best-known entry in this list, and it is the standard against which SIEM platforms are judged. Gartner’s PeerInsights ratings bear this out: its rating of 4.4 stars is backed by over 500 reviews, more than any competing solution.

Splunk offers two versions of its platform. Splunk Enterprise may be installed on premises as a server application on a variety of Unix or Windows operating systems, or as a Docker container application. Splunk Cloud delivers Splunk as a SaaS offering, minimizing infrastructure and maintenance requirements. Both platform versions support customizable dashboards and reporting, anomaly detection, and a high degree of access control.

Perhaps Splunk’s biggest selling point is Splunkbase, its app store for the Splunk platform. Splunkbase apps can run on either Splunk Enterprise or Splunk Cloud, and add third-party integrations, analytics, or automation capabilities.

  • Gartner PeerInsights rating: 4.4 stars
  • Target audience: Organizations of all sizes.
  • Notable features: Splunkbase app store, well documented both by Splunk and the user community.
  • Pricing: $150 per 1Gb of data per month for Splunk Enterprise. Splunk Cloud begins at $810 monthly (or $8,100 billed annually) for up to 5Gb per day.

Copyright © 2018 IDG Communications, Inc.
