Security information and event management (SIEM) tools are used to collect, aggregate and correlate log data for unified analysis and reporting. Typically, these tools can take logs from many sources, normalize them and build a database that allows detailed reporting and analysis. While forensic analysis of network events may be a feature of a SIEM, it is not the only feature, nor is it the primary focus of the tool.
The offerings recognized in this category give users a clearer picture of the events that affect the security of their networks, systems and data.
FINALIST | BEST SIEM SOLUTION
ARCSIGHT
Company: Micro Focus
Noteworthy: Correlation engine delivers real-time detection of both known and unknown, elusive threats through machine learning-based behavioral analysis and big data threat hunting.
FINALIST | BEST SIEM SOLUTION
INSIGHTIDR
Company: Rapid7
Noteworthy: As a cloud SIEM, it eliminates the deployment and ongoing management burdens that hinder analyst effectiveness, with an intuitive user interface and out-of-the-box detections.
FINALIST | BEST SIEM SOLUTION
LOGRHYTHM NEXTGEN
Company: LogRhythm
Noteworthy: Log and event management, advanced analytics, and risk-based monitoring and prioritization capabilities reduce alarm fatigue so analysts can focus on mitigating high-impact events.
FINALIST | BEST SIEM SOLUTION
SECURONIX NEXT-GEN SIEM
Company: Securonix
Noteworthy: Unified platform features signature-less detection algorithms that perform real-time analysis of event logs at big data scale, along with behavior analytics capabilities to mine, enrich and analyze data.
FINALIST | BEST SIEM SOLUTION
SUMO LOGIC CLOUD SIEM
Company: Sumo Logic
Noteworthy: Automated security operations, cloud-native scalability, modern analyst experience, and cloud and modern application context are accessible for all SecOps, ITOps and DevOps users on a single platform.