Best Security Information and Event Management (SIEM) Software

Security information and event management (SIEM) software combines a variety of security software components into one platform. Companies use SIEM products to centralize security operations into a single location. IT and security operations teams can gain access to the same information and alerts for more effective communication and planning. These products identify anomalies in a company's systems and alert IT operations teams to them. The anomalies may be new malware, unapproved access, or newly discovered vulnerabilities. SIEM products provide live analysis of functionality and security, storing logs and records for retrospective reporting. They also have tools for identity and access management to ensure only approved parties have access to sensitive systems. Forensic analysis tools help teams navigate historical logs, identify trends, and better fortify their networks.

SIEM tools may be confused with incident response software, but SIEM products provide a larger scope of security and IT management features. Most also do not have the ability to automate security remediation practices.

To qualify for inclusion in the SIEM category, a product must:

  • Aggregate and store IT security data
  • Assist in user provisioning and governance
  • Identify vulnerabilities in systems and endpoints
  • Monitor for anomalies within an IT system

[G2 Crowd Grid® for Security Information and Event Management (SIEM): quadrants Leaders, High Performers, Contenders, Niche; axes Market Presence and Satisfaction]

Security Information and Event Management (SIEM) reviews by real, verified users. Find unbiased ratings on user satisfaction, features, and price based on the most reviews available anywhere.

Compare Security Information and Event Management (SIEM) Software
Results: 71
    G2 Crowd takes pride in showing unbiased ratings on user satisfaction. G2 Crowd does not allow for paid placement in any of our ratings.

    Loom Systems delivers an advanced AI-powered log analysis platform that helps IT and DevOps teams predict and troubleshoot problems before they affect production. Loom predicts problems, provides their root cause and crowd-sources expert knowledge to recommend resolutions in real time. Loom is a Stevie® American Business Awards 2016 winner. Our platform mathematically models the analytical prowess of the human mind and infuses it with computational speed, accuracy and tirelessness. Our technology ingests every type of machine data, including unstructured data such as log files, learns its unique behavior over time, automatically detects anomalies and trends and recommends actions. Built for low-touch operational simplicity and usability, our solution empowers IT, DevOps, System Admins, NOC teams and Security specialists by transforming reactive users into proactive power-users. Our approach leads not only to lightning-fast identification and resolution of IT issues, but also to their prediction, allowing for preemptive measures to be taken. The four founders of Loom Systems share more than 50 combined years of experience generating actionable insights from Big Data. With deep technological and methodological background in elite technology intelligence units, as well as leadership positions at innovative companies in the private sector, they have spent their careers at the cutting edge of analytical process automation. After struggling daily with the tools currently in use in Big Data analysis, they've teamed up to create the definitive technological solution to the problem. Out of this effort grew Loom Systems - an end-to-end platform that mathematically models human analytical skills, and combines it with machines' calculation speed and diligence.

    Micro Focus Sentinel is a Security Information and Event Management (SIEM) solution that simplifies the deployment, management and day-to-day use of SIEM, readily adapts to dynamic enterprise environments and delivers actionable intelligence security professionals need to quickly understand their threat posture and prioritize response.

    Ostendio's MyVCM is a cloud-based cybersecurity and information management platform that delivers an easy-to-use, cost-effective way for companies to demonstrate information security compliance to multiple industry standards and regulations.

    Make decisive, appropriate responses to incidents by automating identification and resolution processes.

    PacketViper's patented cybersecurity platform features integrated deception, defense and intelligence that helps our customers address cybersecurity challenges in a practical, high-impact manner. PacketViper sits inline at key network transition points throughout the network. Licenses are deployed in one of three models: on-premise, cloud/AWS, and bring your own hardware (BYOH).

    Powertech Event Manager is a real-time cybersecurity insight and response platform, designed to help your existing staff respond to critical security threats faster.

    PT Industrial Security Incident Manager is designed to detect hacker attacks on ICS/SCADA systems and help to investigate cybersecurity incidents at critical sites.

    SecBI uses network traffic analysis based on unsupervised and supervised machine learning to detect and investigate complex threats.

    SecureCircle provides a completely transparent cybersecurity solution which is always encrypted, trackable, and retractable, helping organizations to effectively secure data. SecureCircle helps companies within healthcare, finance, manufacturing, pharma, media, and government organizations meet data security and compliance requirements.

    The TippingPoint Security Management System provides global vision and security policy control for threat intelligence and enables comprehensive analysis and correlation.

    Leo TechnoSoft's Intelligence Driven SOC is an integrated stack of security solutions and offers security incident and event management (SIEM), identity and access management (IDM), privilege identity management (PIM) and cloud access security broker (CASB), which is built on security Big Data.

    Senseon's multiple threat-detection senses work together to detect malicious activity across an organisation's entire digital estate, covering the gaps that single point solutions create. Senseon is the next phase of AI for cyber defence, moving beyond rules-based systems that are too rigid to keep pace with emerging cyber threats and ineffective AI systems which cannot differentiate between unusual behaviour and malicious activity, often resulting in flooding security teams with false positive alerts.

    Trend Micro ServerProtect for Linux 3.0 offers comprehensive real-time protection for enterprise web-servers and file-servers, preventing them from spreading viruses, spyware, and other Web threats to internal or external endpoints. Managed through an intuitive portable Web-based console, ServerProtect provides centralized virus/malware scanning, pattern updates, event reporting, and configuration.

    SIMBUS is a complete privacy and security management software that is designed to help any size facility get and maintain compliance.

    Cloud-based threat detection and management.

    TraceAlert is a fully managed Security Information & Event Management (SIEM) solution.

    Unomaly is a solution for automating analysis of data produced by IT systems, applications and software no matter what it is or where it resides. Unomaly continuously learns what's normal through repetitions in data and universally and automatically detects any incident by the new and changing data it creates.

    Verodin safely instruments security directly on your enterprise network, dynamically assessing the cumulative effectiveness of your entire security portfolio.

    Vijilan will deploy and implement its fully managed service in record time, and as part of the service, Vijilan will monitor and respond to any threat or suspicious behavior on the network through its technologically advanced SOC and Incident Response Team (IRT) who operate around the clock.

    The network security emergency response service discovers and confirms network security events such as hacking, denial-of-service attacks, unauthorized network communication, system operation, website page tampering, abnormal traffic attacks, and network worm propagation, and responds to and handles them to reduce possible risks and losses. The service provides customers with professional technical guidance and resources to improve security, resist attacks and perform security repairs.