
SIEM solution comparisons

SIEM Comparisons
Product overviews
Blumira
Blumira’s mission is to help SMBs and mid-market companies detect and respond to
cybersecurity threats faster to stop breaches and ransomware. Blumira’s all-in-one SIEM
platform combines logging with automated detection and response for better security
outcomes and consolidated security spend. Meet compliance controls, save time on security
tasks, focus on real threats, and protect against a breach faster than ever with Blumira. Blumira's
cloud SIEM can be deployed in hours with broad integration coverage across cloud, endpoint
protection, firewall and identity providers including Office 365, G Suite, Crowdstrike, Okta, Palo
Alto, Cisco FTD, Fortinet, and many others.
LogPoint
Logpoint is the creator of a reliable, innovative cybersecurity operations platform —
empowering organizations worldwide to thrive in a world of evolving threats. By combining
sophisticated technology and a profound understanding of customer challenges, LogPoint
bolsters security teams’ capabilities while helping them combat current and future threats.
Logpoint offers SIEM, UEBA, SOAR and SAP security technologies converged into a complete
platform that efficiently detects threats, minimizes false positives, autonomously prioritizes risks,
responds to incidents, and much more. Headquartered in Copenhagen, Denmark, with offices
around the world, Logpoint is a multinational, multicultural, and inclusive company.
ManageEngine Log360
ManageEngine Log360 is a unified solution that offers holistic organizational security by
bringing together crucial security capabilities such as UEBA, DLP, and CASB to improve visibility into your
organization's network. With a simple UI and quick search and filtering capabilities for your
device logs, you can easily gain insights into events on your network and plan automated
responses to manage them. ManageEngine Log360 helps you secure your IT environment by
detecting unauthorized security changes on your network and alerting the people responsible
(admins, helpdesk).
Splunk Enterprise Security
Splunk Enterprise Security (ES) is a data-centric, modern security information and event
management (SIEM) solution that delivers data-driven insights for full-breadth visibility into your
security posture so you can protect your business and mitigate risk at scale. With unparalleled
search and reporting, advanced analytics, integrated intelligence, and prepackaged security
content, Splunk ES accelerates threat detection and investigation, letting you determine the
scope of high-priority threats to your environment so you can quickly take action. Because it is built on an
open and scalable data platform, you can stay agile in the face of evolving threats and business
needs.
Microsoft Sentinel
Microsoft Sentinel lets you see and stop threats before they cause harm, with SIEM reinvented
for a modern world. Microsoft Sentinel is your bird's-eye view across the enterprise. Put the
cloud and large-scale intelligence from decades of Microsoft security experience to work. Make
your threat detection and response smarter and faster with artificial intelligence (AI). Eliminate
security infrastructure setup and maintenance, and elastically scale to meet your security
needs—while reducing IT costs.
Features
Legend: Available / Not available or no mention in documentation

Approximate total features per vendor:
Vendor       ~Total Features
Blumira      54
LogPoint     47
ME Log360    51
Splunk ES    76
Sentinel     62

Features compared:
AI/Machine Learning
API
Access Controls/Permissions
Activity Monitoring
Activity Tracking
Alerts / Escalation
Alerts/Notifications
Anomaly Detection
Application Management
Application Security
Archiving & Retention
Audit Management
Audit Trail
Automated Threat Response
Bandwidth Monitoring
Behavior Tracking
Behavioral Analytics
CPU Monitoring
Capacity Analytics
Capacity Management
Change Management Software
Cloud Application Security
Compliance Management
Compliance Tracking
Configuration Management
Connectivity Management
Content Management System (CMS) Software
Corrective and Preventive Actions (CAPA)
Correlation Analysis
Customizable Reports
Data Visualization
Diagnostic Tools
Email Alerts
Endpoint Management
Event Logs
File Integrity Monitoring
IP Address Monitoring
IT, Server & Network Monitoring Software
Incident Management Software
Intrusion Detection System
Investigation Management Software
Inventory Management Software
Log Analysis
Log Collection
Log Management Software
Log Parsing
Mobile Network Monitoring
Network Analysis
Network Monitoring
PCI/DSS Compliance Software
Patch Management
Policy Management
Real Time Analytics
Real Time Data
Real Time Monitoring
Real Time Notifications
Real Time Reporting
Remediation Management
Reporting & Statistics
Reporting/Analytics
Risk Alerts
Risk Analytics
Risk Assessment
Risk Management Software
Risk Reporting
Risk Scoring
Role-Based Permissions
Root Cause Analysis
Search/Filter
Secure Data Storage
Sensitive Data Identification
Server Logs
Service Level Agreement Management
Single Sign On Software
Statistical Modeling
Task Management Software
Third Party Integrations
Threat Intelligence
Threshold Alerts
Ticket Management
Tokenization
Uptime Reporting
User Management
Monitor VPN session
Virtual Honeypots
Visual Analytics
Vulnerability Protection
Vulnerability Scanning
Web Traffic Reporting
Whitelisting/Blacklisting
Workflow Management Software
Pricing
Exact costs must be obtained from each vendor's sales team.
However, based on further research of online reviews, each product has been placed in a
price category indicated by one to four dollar signs, with one dollar sign
being the lowest end of pricing and four dollar signs the highest end of pricing.
Blumira
Price category: $$
Estimated cost: Around $640-$800 (2,350-2,938 AED) per month for 40-50 employees
Pricing plan: Advanced plan for coverage of all on-premises and cloud integrations,
$16/employee per month
LogPoint
Price category: $$$
Estimated cost: Must contact sales team for price quote
Pricing plan: Licensing based on the number of devices sending data, not on the volume of your data or
events per second.
ManageEngine Log360
Price category: $$
Estimated cost: Must contact sales team for price quote
Pricing plan: Base pricing based on number of domain controllers, Windows servers, Windows workstations,
and Syslog devices.
Additional pricing for add-on features such as Active Directory reporting, UEBA, O365 auditing,
file server auditing, Threat Analytics, etc.
Splunk Enterprise Security
Price category: $$$$
Estimated cost: Must contact sales team for price quote
Pricing plan: SOAR and UEBA are not included in the base plan.
Workload pricing: Pricing is based on the compute capacity consumed for search and
analytics workloads. Splunk Cloud Platform workloads are measured in Splunk Virtual
Compute (SVC) units, while Splunk Enterprise and Data Stream Processor workloads are
measured in virtual Central Processing Units (vCPUs).
Ingest pricing: Ingest pricing offers volume-based pricing to customers based on GB/day of data
ingested into Splunk products. If customers need to ingest more data, they can purchase the next
ingest level available.
Microsoft Sentinel
Price category: $$$
Estimated cost: Must contact sales team for price quote
Pricing plan:
Tier             Sentinel Price    Log Analytics Price   Total Price       Effective Price   Savings
Pay-As-You-Go    $3.44 per GB      $3.956 per GB         $7.40 per GB      $7.40 per GB      N/A
100 GB per day   $172 per day      $337.12 per day       $509.12 per day   $5.10 per GB      31%
200 GB per day   $309.60 per day   $632.96 per day       $942.56 per day   $4.72 per GB      36%
300 GB per day   $447.20 per day   $928.80 per day       $1,376 per day    $4.59 per GB      38%
Pros and Cons
Vendors compared: Blumira, LogPoint, ME Log360, Splunk ES, Sentinel
Pros
Ideal for SMBs (small to medium-sized businesses)
Support has positive reviews
Cheap but effective
Easy to implement
Highly customizable
Easy to implement
Very user friendly
Tokenization feature included
Good license model – based on number of devices instead of volume of data
Very user friendly
24/7 Security Operations Team support
1 year data retention included in plan
Unlimited data ingestion, pricing based on employees
Ideal for SMBs (small to medium-sized businesses)
Simple UI
Most number of features and flexibility in the current SIEM market
Most recognized brand in SIEM market
Highly customizable
Best data analysis capabilities
Ideal if business already invested in MS and Azure products
Alerts from Azure Activity Logs, O365 Audit Logs, SharePoint activity, Teams, M365 Defender are free data sources
Easy to implement
Best UI and dashboard customizability
Great at processing large volumes of data
Cons
Limited customization
Unrecognized brand
Complex to set up and manage
Support has negative reviews
Products have previously been exploited by attackers
Very costly – additional costs for more features
Steep learning curve involved due to complexities
Requires expertise to implement
Data retention beyond 90 days will be charged
Costs can go up fast with additional features