# Best Security Information and Event Management (SIEM) Software for Medium-Sized Businesses

*By [Brandon Summers-Miller](https://research.g2.com/insights/author/brandon-summers-miller)*


Products classified in the overall Security Information and Event Management (SIEM) category are similar in many regards and help companies of all sizes solve their business problems. However, medium-sized business features, pricing, setup, and installation differ from businesses of other sizes, which is why we match buyers to the right Medium-Sized Business Security Information and Event Management (SIEM) to fit their needs. Compare product ratings based on reviews from enterprise users or connect with one of G2&#39;s buying advisors to find the right solutions within the Medium-Sized Business Security Information and Event Management (SIEM) category.

In addition to qualifying for inclusion in the Security Information and Event Management (SIEM) Software category, to qualify for inclusion in the Medium-Sized Business Security Information and Event Management (SIEM) Software category, a product must have at least 10 reviews left by a reviewer from a medium-sized business.





## Top Security Information and Event Management (SIEM) Software at a Glance
| # | Product | Rating | Best For | What Users Say |
|---|---------|--------|----------|----------------|
| 1 | [CrowdStrike Falcon Endpoint Protection Platform](https://www.g2.com/products/crowdstrike-falcon-endpoint-protection-platform/reviews) | 4.6/5.0 (417 reviews) | Behavioral threat detection with real-time endpoint response | "[Crowdstrike Falcon: Proactive Security, Steep Learning Curve](https://www.g2.com/survey_responses/crowdstrike-falcon-endpoint-protection-platform-review-12958852)" |
| 2 | [ManageEngine ADAudit Plus](https://www.g2.com/products/manageengine-adaudit-plus/reviews) | 4.6/5.0 (59 reviews) | — | "[Easy Setup, Powerful Reporting, and Great Value](https://www.g2.com/survey_responses/manageengine-adaudit-plus-review-12999020)" |
| 3 | [Sumo Logic](https://www.g2.com/products/sumo-logic/reviews) | 4.3/5.0 (391 reviews) | Cloud-native SIEM with unified observability | "[Centralized Logging with Intuitive Dashboards](https://www.g2.com/survey_responses/sumo-logic-review-12948839)" |
| 4 | [Microsoft Sentinel](https://www.g2.com/products/microsoft-sentinel/reviews) | 4.4/5.0 (273 reviews) | Cloud-native SIEM with Microsoft ecosystem integration | "[Easy Log Ingestion Across Formats with Seamless Sentinel Integrations](https://www.g2.com/survey_responses/microsoft-sentinel-review-13073395)" |
| 5 | [Todyl Security Platform](https://www.g2.com/products/todyl-security-platform/reviews) | 4.7/5.0 (106 reviews) | Unified SIEM with embedded MXDR for MSPs | "[Valuable Visibility with Room for Improvement](https://www.g2.com/survey_responses/todyl-security-platform-review-9155307)" |
| 6 | [Check Point Infinity Platform](https://www.g2.com/products/check-point-infinity-platform/reviews) | 4.6/5.0 (109 reviews) | Unified threat prevention across hybrid security infrastructure | "[Excellent option  Harmony Platform for security central](https://www.g2.com/survey_responses/check-point-infinity-platform-review-11868343)" |
| 7 | [Splunk Enterprise](https://www.g2.com/products/splunk-enterprise/reviews) | 4.3/5.0 (415 reviews) | Real-time log correlation with SPL query power | "[Excellent Enterprise Observability and Log Management Solution for Hybrid Cloud Infrastructure](https://www.g2.com/survey_responses/splunk-enterprise-review-12045230)" |
| 8 | [Panther](https://www.g2.com/products/panther/reviews) | 4.7/5.0 (49 reviews) | Detection-as-code SIEM with Python-based alerting | "[Panther’s SIEM + AI Makes Triage and Threat Hunting Fast and Seamless](https://www.g2.com/survey_responses/panther-review-12919421)" |
| 9 | [IBM QRadar SIEM](https://www.g2.com/products/ibm-ibm-qradar-siem/reviews) | 4.4/5.0 (282 reviews) | Vendor-agnostic log correlation with custom rule creation | "[QRADAR Integrates Easily and Makes Logs &amp; Alerts Report-Ready](https://www.g2.com/survey_responses/ibm-qradar-siem-review-13061810)" |
| 10 | [Cynet](https://www.g2.com/products/cynet/reviews) | 4.7/5.0 (215 reviews) | — | "[Great MDR/XDR Platform](https://www.g2.com/survey_responses/cynet-review-9481539)" |

---
## What Are the Most Common Questions About Security Information and Event Management (SIEM) Software?
*AI-generated · Last updated: May 26, 2026*
### What Security Information And Event Management Siem tools with the fastest incident response capabilities and automation features for enterprise buyers assessing?
Based on G2 reviews, buyers evaluating **Security Information and Event Management (SIEM) Software** consistently call out fast investigation, alert correlation, and automation as the biggest drivers of response speed. According to verified users, Microsoft Sentinel helps teams centralize monitoring and use playbook-based automation, while Todyl Security Platform is frequently praised for responsive MXDR support and automated actions that help teams move quickly. G2 reviewers mention Panther for speeding detection and response through detection-as-code and AI-assisted triage, and Sumo Logic for real-time search and alerting that shortens investigations. Across reviews, the fastest response experiences usually come from products that reduce manual triage, centralize visibility, and make alerts easier to act on.

**Here are some of the top-rated products on G2:**

- [Todyl Security Platform](https://www.g2.com/products/todyl-security-platform/reviews) – praised for MXDR support, automated response actions, and centralized security operations for MSPs and lean teams
- [Sumo Logic](https://www.g2.com/products/sumo-logic/reviews) – valued for real-time search, alerting, and faster root-cause analysis during incidents
- [Panther](https://www.g2.com/products/panther/reviews) – highlighted for AI triage and detection-as-code that helps small teams investigate and tune detections faster


### What security concerns and data privacy risks when implementing SIEM solutions before signing a long-term vendor contract?
Based on G2 reviews, the most common concerns before committing to a SIEM vendor are data handling, deployment complexity, access controls, and cost-related surprises tied to log storage or ingestion. According to verified users, several cloud-native platforms raise questions about cloud dependency, outage exposure, or how much control teams have over data retention and access. G2 reviewers mention that some buyers also watch for gaps in RBAC, missing monitoring for log-source health, and the effort required to normalize or tune data once it is ingested. Reviews also suggest validating how well a product handles integrations, documentation, and reporting, since weak setup guidance or fragmented data can create operational risk after signing a long-term contract.


### What highest rated Security Information And Event Management Siem software SIEM platforms for real-time threat detection in financial services for enterprise teams with?
Based on G2 reviews, enterprise teams looking for real-time threat detection typically favor SIEM platforms that combine centralized visibility, alert correlation, and fast investigation workflows. According to verified users, Microsoft Sentinel stands out for cloud-native monitoring across hybrid environments and strong integration with Microsoft security tools. G2 reviewers also describe Splunk Enterprise Security as a strong fit when teams need broad visibility, correlation across large data sets, and structured investigations, while Palo Alto Cortex XSIAM is noted for reducing alert noise and helping analysts focus on higher-priority threats. Across reviews, the strongest options for enterprise environments are the ones that unify logs from many sources, support faster triage, and reduce manual work during ongoing monitoring.


### What Security Information And Event Management Siem top SIEM platforms compared to traditional log management approaches for threat detection?
Based on G2 reviews, users draw a clear line between traditional log management and SIEM platforms built for threat detection. Traditional log tools are often praised for centralizing and searching records, but reviewers say SIEM products go further by correlating events, prioritizing suspicious activity, and supporting faster response. According to verified users, products like Microsoft Sentinel, Sumo Logic, and Panther help teams move beyond raw log collection by adding analytics, alerting, automation, and investigation workflows. G2 reviewers mention that the biggest advantage of SIEM over basic log management is context: instead of manually piecing together events from multiple systems, teams get clearer visibility into real threats, less switching between tools, and more structured triage.

**Here are some of the top-rated products on G2:**

- [Microsoft Sentinel](https://www.g2.com/products/microsoft-sentinel/reviews) – used to centralize logs, detections, and automated response across cloud, on-prem, and hybrid environments
- [Sumo Logic](https://www.g2.com/products/sumo-logic/reviews) – combines centralized log management with security monitoring, dashboards, and anomaly detection
- [Panther](https://www.g2.com/products/panther/reviews) – supports detection-as-code, AI triage, and flexible investigations beyond basic log search


### What Security Information And Event Management Siem implementation challenges and common deployment failures to avoid for organizations in highly regulated software?
Based on G2 reviews, the most common SIEM implementation challenges are setup complexity, integration gaps, alert noise, and underestimating the tuning work required after launch. According to verified users, many platforms work well once deployed, but teams run into trouble when they expect out-of-the-box value without planning for normalization, rule tuning, and onboarding of many log sources. G2 reviewers mention that confusing dashboards, weak documentation, and complicated connector setup can slow adoption, especially for regulated organizations that need dependable reporting and audit readiness. Reviews also show that poor cost planning around data ingestion or retention can become a deployment failure of its own. Teams tend to succeed when they validate integrations early and assign time for alert refinement.


### How Which organizations detect advanced threats and security breaches in real time management?
Based on G2 reviews, organizations that detect advanced threats in real time usually rely on platforms that unify endpoint, cloud, identity, and network data rather than monitoring each area in isolation. According to verified users, Todyl Security Platform is frequently described as helping MSPs and lean security teams gain proactive visibility through SIEM, MXDR, and centralized monitoring. G2 reviewers also mention Microsoft Sentinel for hybrid visibility and automated response workflows, while Panther and Palo Alto Cortex XSIAM are noted for reducing alert fatigue and surfacing higher-priority incidents faster. Across reviews, the teams getting the best real-time results are the ones using platforms that correlate activity automatically, support investigation speed, and reduce the manual work of sorting through raw alerts.


### What most trusted SIEM tools by Security Operations Center managers based on user reviews?
Based on G2 reviews, SOC managers tend to trust SIEM platforms that consistently improve analyst efficiency, reduce alert noise, and provide clear investigation context. According to verified users, Todyl Security Platform earns trust for its responsive MXDR team, centralized management, and support for MSP and SOC workflows. G2 reviewers also frequently praise Sumo Logic for fast search, observability across environments, and quicker incident troubleshooting, while Panther is trusted for detection-as-code, AI-assisted triage, and strong support for modern security teams. Across reviews, trust is usually tied less to breadth of features alone and more to how reliably a platform helps teams investigate, prioritize, and respond without creating excessive operational overhead.

**Here are some of the top-rated products on G2:**

- [Todyl Security Platform](https://www.g2.com/products/todyl-security-platform/reviews) – trusted for centralized security workflows, responsive support, and MXDR collaboration
- [Sumo Logic](https://www.g2.com/products/sumo-logic/reviews) – trusted for fast search, alerting, and cross-team visibility for operations and security
- [Panther](https://www.g2.com/products/panther/reviews) – trusted for modern SecOps workflows, strong support, and AI-powered investigations


### What compliance requirements drive security event monitoring and alerting strategies for organizations evaluating solutions?
Based on G2 reviews, compliance needs often shape how organizations evaluate event monitoring, log retention, reporting, and alerting. According to verified users, teams frequently mention audit readiness, security reporting, and visibility into user activity as major reasons for adopting SIEM platforms. G2 reviewers point to use cases tied to compliance reviews, internal audits, and controls tracking, especially where organizations need searchable historical logs, centralized dashboards, and easier evidence collection. Reviews of tools like Sumo Logic, EventSentry, and ManageEngine products show that buyers want alerting that supports both active threat response and proof of oversight. In practice, compliance-driven strategies focus on retaining the right logs, monitoring critical changes, and making reports easier to produce during reviews.


### What SIEM solutions that integrate seamlessly with existing security infrastructure and tools to identify the best?
Based on G2 reviews, the best-integrating SIEM solutions are usually the ones that connect quickly to existing cloud services, endpoint tools, and identity or firewall data sources without extensive custom work. According to verified users, Microsoft Sentinel is often chosen for smooth integration across Azure, Microsoft 365, Defender, and Entra environments. G2 reviewers also describe Todyl Security Platform as effective for consolidating multiple security functions and integrating Microsoft, firewall, and remote-access use cases, while Sumo Logic is praised for broad cloud integrations and centralized monitoring. Across reviews, strong integration usually means faster onboarding, better visibility across the environment, and less time spent stitching together separate dashboards during investigations.


### How what are the main challenges with managing security logs across multiple systems?
Based on G2 reviews, the biggest challenge with managing security logs across multiple systems is fragmentation. According to verified users, teams lose time when logs live in separate tools, use different schemas, or require manual correlation during investigations. G2 reviewers mention that alert noise, missed context, and inconsistent normalization also make it harder to spot meaningful issues quickly. Cost management is another recurring issue, especially when ingestion and retention grow faster than expected. Reviews repeatedly show that teams want one place to search, correlate, and retain logs without babysitting many connectors or switching dashboards. In practice, the hardest part is not collecting logs alone, but making them searchable, consistent, and actionable enough to support faster threat detection and response.




## G2 Grid® for Security Information and Event Management (SIEM) Software
![G2 Grid® for Security Information and Event Management (SIEM) Software plotting products by satisfaction and market presence](https://www.g2.com/categories/security-information-and-event-management-siem/grids.png?focus%5B%5D=68606&focus%5B%5D=5691&focus%5B%5D=58203&focus%5B%5D=122123&focus%5B%5D=112657&focus%5B%5D=70840&focus%5B%5D=27399&focus%5B%5D=10436)
Highlighted products: CrowdStrike Falcon Endpoint Protection Platform, ManageEngine ADAudit Plus, Check Point Infinity Platform, Microsoft Sentinel, Panther, Cynet, IBM QRadar SIEM, and Sumo Logic.
Underlying data: [Grid® JSON](https://www.g2.com/categories/security-information-and-event-management-siem/grids.json?focus%5B%5D=crowdstrike-falcon-endpoint-protection-platform&amp;focus%5B%5D=manageengine-adaudit-plus&amp;focus%5B%5D=check-point-infinity-platform&amp;focus%5B%5D=microsoft-sentinel&amp;focus%5B%5D=panther&amp;focus%5B%5D=cynet&amp;focus%5B%5D=ibm-ibm-qradar-siem&amp;focus%5B%5D=sumo-logic&amp;segment=mid-market)


## How Many Security Information and Event Management (SIEM) Software Products Does G2 Track?
**Total Products under this Category:** 119

### Category Stats (Jul 2026)
- **Average Rating**: 4.43/5 (↓0.01 vs Jun 2026) The average rating of products in this category, based on all submitted ratings
- **Top Trending Product**: ManageEngine ADAudit Plus (+3.84%) - Among all products in this category, ManageEngine ADAudit Plus recorded the largest rating increase compared to last month
*Last updated: July 14, 2026*


## How Does G2 Rank Security Information and Event Management (SIEM) Software Products?

**Why You Can Trust G2's Software Rankings:**

- 30 Analysts and Data Experts
- 5,800+ Authentic Reviews
- 119+ Products
- Unbiased Rankings

G2's software rankings are built on verified user reviews, rigorous moderation, and a consistent research methodology maintained by a team of analysts and data experts. Each product is measured using the same transparent criteria, with no paid placement or vendor influence. While reviews reflect real user experiences, which can be subjective, they offer valuable insight into how software performs in the hands of professionals. Together, these inputs power the G2 Score, a standardized way to compare tools within every category.


## Which Security Information and Event Management (SIEM) Software Is Best for Your Use Case?

- **Best for Small Businesses:** [Todyl Security Platform](https://www.g2.com/products/todyl-security-platform/reviews)
- **Best for Mid-Market:** [CrowdStrike Falcon Endpoint Protection Platform](https://www.g2.com/products/crowdstrike-falcon-endpoint-protection-platform/reviews)
- **Best for Enterprise:** [CrowdStrike Falcon Endpoint Protection Platform](https://www.g2.com/products/crowdstrike-falcon-endpoint-protection-platform/reviews)
- **Highest User Satisfaction:** [Todyl Security Platform](https://www.g2.com/products/todyl-security-platform/reviews)
- **Best Free Software:** [IBM QRadar SIEM](https://www.g2.com/products/ibm-ibm-qradar-siem/reviews)


---

**Sponsored**

### NetWatch OPS

Netwatch OPS, Secure OPS, and AI Ops are three flagship products from netwatch.ai, designed to provide a unified and intelligent platform for managing and securing your entire IT environment. Each product serves a specific purpose, collectively enhancing the efficiency and security of IT operations. Netwatch OPS is a comprehensive monitoring solution that focuses on server, network, and application performance. It delivers real-time insights into hardware performance, network traffic, and application load, consolidating data across your infrastructure. This level of visibility ensures that systems operate at peak efficiency, allowing IT teams to identify and address issues before they escalate into significant problems. The tool is particularly beneficial for organizations that rely on complex IT infrastructures, enabling them to maintain optimal performance and minimize downtime. Secure OPS builds upon the foundational monitoring capabilities of Netwatch OPS by integrating advanced security features. This product continuously analyzes the IT environment for vulnerabilities, threats, and anomalies, providing proactive security insights. By identifying potential breaches before they occur, Secure OPS helps organizations safeguard their sensitive data and maintain compliance with industry regulations. This is especially crucial for businesses operating in sectors where data security is paramount, such as finance and healthcare. AI Ops leverages artificial intelligence and machine learning to automate the detection, analysis, and response to complex cybersecurity incidents. By synthesizing data from multiple sources, AI Ops prioritizes alerts based on severity and predicts potential issues, enabling rapid and effective responses. This automation not only reduces the burden on IT teams but also enhances the overall security posture of the organization. AI Ops is particularly useful for organizations facing a high volume of alerts, as it helps streamline incident management and ensures that critical threats are addressed promptly. The platform also features multi-channel alerting, delivering notifications via email, SMS, or integrations with collaboration tools like Slack and Microsoft Teams. Alerts are categorized by severity—Critical, Warning, or Information—allowing teams to prioritize their responses effectively. Additionally, incident escalation policies are embedded within the system, automating escalation procedures to ensure that critical issues receive prompt attention from the appropriate stakeholders. Together, Netwatch OPS, Secure OPS, and AI Ops form a comprehensive ecosystem that not only monitors and manages IT systems but also enhances security through intelligent automation and real-time analytics. This integrated approach positions netwatch.ai as a leader in innovative cybersecurity and IT operations management, providing organizations with the tools they need to navigate the complexities of modern IT environments.



[Visit website](https://www.g2.com/external_clickthroughs/record?secure%5Bad_program%5D=ppc&amp;secure%5Bad_slot%5D=category_product_list&amp;secure%5Bcategory_id%5D=1081&amp;secure%5Bchosen_at%5D=2026-07-14T19%3A30%3A21Z&amp;secure%5Bdisplayable_resource_id%5D=1081&amp;secure%5Bdisplayable_resource_type%5D=Category&amp;secure%5Bmedium%5D=sponsored&amp;secure%5Bplacement_reason%5D=page_category&amp;secure%5Bplacement_resource_ids%5D%5B%5D=1081&amp;secure%5Bprioritized%5D=false&amp;secure%5Bproduct_id%5D=1424823&amp;secure%5Bresource_id%5D=1081&amp;secure%5Bresource_type%5D=Category&amp;secure%5Bsource_type%5D=category_page&amp;secure%5Bsource_url%5D=https%3A%2F%2Fwww.g2.com%2Fcategories%2Fsecurity-information-and-event-management-siem%2Fmid-market&amp;secure%5Btoken%5D=dd41e6dd4f0913bf9fffa7a095d7fa459cbf2fdffe37a3514fbd41878c56e31e&amp;secure%5Burl%5D=https%3A%2F%2Fnetwatch.ai%2Fcontact&amp;secure%5Burl_type%5D=book_demo)

---

## What Are the Top-Rated Security Information and Event Management (SIEM) Software Products in 2026?
### 1. [CrowdStrike Falcon Endpoint Protection Platform](https://www.g2.com/products/crowdstrike-falcon-endpoint-protection-platform/reviews)
Organizations today face a serious challenge: managing numerous security vendors and tools while confronting an ever-evolving threat landscape. Sophisticated adversaries are becoming smarter, faster, and more evasive, launching complex attacks that can strike in minutes or even seconds. Traditional security approaches struggle to keep pace, leaving businesses vulnerable. The CrowdStrike Falcon Platform addresses this by offering a unified, cloud-native solution. It consolidates previously siloed security solutions and incorporates third-party data into a single platform with one efficient and resource-conscious agent, leveraging advanced AI and real-time threat intelligence. This approach simplifies security operations, speeds analyst decision making, and enhances protection to stop the breach, allowing organizations to reduce risk with less complexity and lower costs. CrowdStrike&#39;s Falcon Platform includes: - Endpoint Security: Secure the endpoint, stop the breach - Identify Protection: Identity is the front line, defend it - Next-Gen SIEM: The future of SIEM, today - Data Protection: Real-time data protection from endpoint to cloud - Exposure Management: Understand risk to stop breaches - Charlotte AI: Powering the next evolution of the SOC


**Average Rating:** 4.6/5.0
**Total Reviews:** 417
**How Do G2 Users Rate CrowdStrike Falcon Endpoint Protection Platform?**

- **Activity Monitoring:** 9.5/10 (Category avg: 9.1/10)
- **Data Examination:** 8.8/10 (Category avg: 8.6/10)
- **Ease of Use:** 9.0/10 (Category avg: 8.7/10)
- **Log Management:** 8.7/10 (Category avg: 9.1/10)

**Who Is the Company Behind CrowdStrike Falcon Endpoint Protection Platform?**

- **Seller:** [CrowdStrike](https://www.g2.com/sellers/crowdstrike)
- **Company Website:** https://www.crowdstrike.com
- **Year Founded:** 2011
- **HQ Location:** Sunnyvale, CA
- **Twitter:** @CrowdStrike (110,809 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/2497653/ (11,343 employees on LinkedIn®)

**Who Uses This Product?**
- **Who Uses This:** Security Analyst, Cyber Security Analyst
- **Top Industries:** Information Technology and Services, Computer &amp; Network Security
- **Company Size:** 43% Enterprise, 43% Mid-Market


#### What Are CrowdStrike Falcon Endpoint Protection Platform's Pros and Cons?

**Pros:**

- Features (113 reviews)
- Threat Detection (103 reviews)
- Ease of Use (98 reviews)
- Security (97 reviews)
- Detection (86 reviews)

**Cons:**

- Expensive (54 reviews)
- Complexity (39 reviews)
- Learning Curve (35 reviews)
- Limited Features (31 reviews)
- Pricing Issues (29 reviews)


### What Do G2 Reviewers Say About CrowdStrike Falcon Endpoint Protection Platform?
*AI-generated summary from verified user reviews*

**Pros:**

- Users praise the **lightweight performance and powerful threat detection** of CrowdStrike Falcon, enhancing security without system lag.
- Users value the **powerful threat detection** capabilities of CrowdStrike Falcon, ensuring effective protection without sacrificing performance.
- Users appreciate the **ease of use** of CrowdStrike Falcon, benefiting from a lightweight agent that maximizes efficiency.
- Users value the **advanced real-time threat protection** of CrowdStrike Falcon, ensuring effective security without system performance impact.
- Users appreciate the **highly accurate detection** of CrowdStrike Falcon, effectively stopping modern attacks with minimal false positives.

**Cons:**

- Users find the **high cost** of CrowdStrike Falcon a barrier, especially for smaller teams and organizations.
- Users often face **initial complexity and a steep learning curve** with CrowdStrike Falcon, impacting accessibility for non-technical staff.
- Users face a **steep learning curve** with CrowdStrike&#39;s query language, making quick searches and investigations challenging.
- Users find the **limited features** of CrowdStrike Falcon costly for smaller organizations, as advanced options need extra licensing.
- Users find that **pricing issues** may limit access to advanced features for smaller organizations.

#### What Are Recent G2 Reviews of CrowdStrike Falcon Endpoint Protection Platform?

**"[Crowdstrike Falcon: Proactive Security, Steep Learning Curve](https://www.g2.com/survey_responses/crowdstrike-falcon-endpoint-protection-platform-review-12958852)"**

**Rating:** 5.0/5.0 stars
*— Ansh B.*

[Read full review](https://www.g2.com/survey_responses/crowdstrike-falcon-endpoint-protection-platform-review-12958852)

---

**"[Lightweight Deployment, Powerful Incident Response Visibility](https://www.g2.com/survey_responses/crowdstrike-falcon-endpoint-protection-platform-review-12952621)"**

**Rating:** 5.0/5.0 stars
*— Anup A.*

[Read full review](https://www.g2.com/survey_responses/crowdstrike-falcon-endpoint-protection-platform-review-12952621)

---


#### What Are G2 Users Discussing About CrowdStrike Falcon Endpoint Protection Platform?

- [How does Falcon prevent work?](https://www.g2.com/discussions/how-does-falcon-prevent-work) - 1 comment
- [Does CrowdStrike offer MFA?](https://www.g2.com/discussions/does-crowdstrike-offer-mfa) - 1 comment
- [What is OverWatch in CrowdStrike?](https://www.g2.com/discussions/what-is-overwatch-in-crowdstrike) - 1 comment
- [How much does CrowdStrike Falcon X cost?](https://www.g2.com/discussions/how-much-does-crowdstrike-falcon-x-cost)
- [What is MDR detection?](https://www.g2.com/discussions/what-is-mdr-detection)

### 2. [ManageEngine ADAudit Plus](https://www.g2.com/products/manageengine-adaudit-plus/reviews)
ADAudit Plus is a UBA-driven auditor that helps keep your AD, Azure AD, file systems (including Windows, NetApp, EMC, Synology, Hitachi, and Huawei), Windows servers, and workstations secure and compliant. ADAudit Plus transforms raw and noisy event log data into real-time reports and alerts, enabling you to get full visibility into activities happening across your Windows Server ecosystem in just a few clicks. More than 10,000 organizations across the world trust ADAudit Plus to: 1. Instantly notify them about changes in their Windows Server environments. 2. Continuously track Windows user logon activity. 3. Monitor the active and idle time spent by employees at their workstations. 4. Detect and troubleshoot AD account lockouts. 5. Provide a consolidated audit trail of privileged user activities across their domains. 6. Track changes and sign-ins in Azure AD. 7. Audit file accesses across Windows, NetApp, EMC, Synology, Hitachi, and Huawei file systems. 8. Monitor file integrity across local files residing on Windows systems. 9. Mitigate insider threats by leveraging UBA and response automation. 10. Generate audit-ready compliance reports for SOX, the GDPR, and other IT mandates.


**Average Rating:** 4.6/5.0
**Total Reviews:** 59
**How Do G2 Users Rate ManageEngine ADAudit Plus?**

- **Activity Monitoring:** 9.4/10 (Category avg: 9.1/10)
- **Data Examination:** 8.5/10 (Category avg: 8.6/10)
- **Ease of Use:** 8.8/10 (Category avg: 8.7/10)
- **Log Management:** 8.8/10 (Category avg: 9.1/10)

**Who Is the Company Behind ManageEngine ADAudit Plus?**

- **Seller:** [Zoho](https://www.g2.com/sellers/zoho-b00ca9d5-bca8-41b5-a8ad-275480841704)
- **Year Founded:** 1996
- **HQ Location:** Austin, TX
- **Twitter:** @Zoho (137,880 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/38373/ (30,766 employees on LinkedIn®)
- **Phone:** +1 (888) 900-9646 

**Who Uses This Product?**
- **Top Industries:** Hospital &amp; Health Care, Information Technology and Services
- **Company Size:** 59% Mid-Market, 32% Enterprise


#### What Are ManageEngine ADAudit Plus's Pros and Cons?

**Pros:**

- Reporting (3 reviews)
- Dashboard Usability (2 reviews)
- Features (2 reviews)
- Dashboard Design (1 reviews)
- Detailed Information (1 reviews)

**Cons:**

- Alert Management (1 reviews)
- Data Overload (1 reviews)
- Expensive (1 reviews)
- False Positives (1 reviews)
- High Resource Usage (1 reviews)


### What Do G2 Reviewers Say About ManageEngine ADAudit Plus?
*AI-generated summary from verified user reviews*

**Pros:**

- Users value the **comprehensive reporting tools** of ManageEngine ADAudit Plus, offering excellent visibility into AD environments.
- Users appreciate the **clean and intuitive dashboard** of ADAudit Plus, providing excellent visibility into Active Directory events.
- Users appreciate the **easy setup and extensive reporting options** of ManageEngine ADAudit Plus, enhancing their auditing experience.
- Users value the **insightful dashboard design** of ADAudit Plus, providing a clear overview of their Active Directory environment.
- Users value the **comprehensive dashboard and customizable reporting options** of ADAudit Plus for effective Active Directory management.

**Cons:**

- Users find the **limited alert levels** restrictive, wishing for a more customizable alert system to enhance monitoring.
- Users find the **data overload** challenging, making it hard to locate specific reports despite a helpful search feature.
- Users find the product **expensive** , especially considering the support quality and language clarity issues.
- Users find the **false positives** to be overwhelming, complicating report navigation despite having a useful search feature.
- Users are frustrated by the **high resource usage** of ManageEngine ADAudit Plus, which impacts system performance significantly.

#### What Are Recent G2 Reviews of ManageEngine ADAudit Plus?

**"[Easy Setup, Powerful Reporting, and Great Value](https://www.g2.com/survey_responses/manageengine-adaudit-plus-review-12999020)"**

**Rating:** 4.5/5.0 stars
*— Ryan A.*

[Read full review](https://www.g2.com/survey_responses/manageengine-adaudit-plus-review-12999020)

---

**"[Great Tool for Active Directory Auditing and Investigations](https://www.g2.com/survey_responses/manageengine-adaudit-plus-review-13001820)"**

**Rating:** 5.0/5.0 stars
*— Jose R.*

[Read full review](https://www.g2.com/survey_responses/manageengine-adaudit-plus-review-13001820)

---


#### What Are G2 Users Discussing About ManageEngine ADAudit Plus?

- [What does AD audit do?](https://www.g2.com/discussions/what-does-ad-audit-do)
- [Is Ad audit plus a SIEM?](https://www.g2.com/discussions/is-ad-audit-plus-a-siem)
- [What is ManageEngine Audit Plus?](https://www.g2.com/discussions/what-is-manageengine-audit-plus)
- [What does ADAudit plus do?](https://www.g2.com/discussions/what-does-adaudit-plus-do)

### 3. [Check Point Infinity Platform](https://www.g2.com/products/check-point-infinity-platform/reviews)
Check Point Infinity is the only fully consolidated cyber security architecture that provides unprecedented protection against Gen V mega-cyber attacks as well as future cyber threats across all networks, endpoint, cloud and mobile. The architecture is designed to resolve the complexities of growing connectivity and inefficient security.


**Average Rating:** 4.6/5.0
**Total Reviews:** 109
**How Do G2 Users Rate Check Point Infinity Platform?**

- **Ease of Use:** 9.1/10 (Category avg: 8.7/10)

**Who Is the Company Behind Check Point Infinity Platform?**

- **Seller:** [Check Point Software Technologies](https://www.g2.com/sellers/check-point-software-technologies)
- **Year Founded:** 1993
- **HQ Location:** Redwood City, CA
- **Twitter:** @CheckPointSW (70,955 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/check-point-software-technologies/ (8,554 employees on LinkedIn®)
- **Ownership:** NASDAQ:CHKP

**Who Uses This Product?**
- **Top Industries:** Computer &amp; Network Security, Information Technology and Services
- **Company Size:** 44% Enterprise, 37% Mid-Market


#### What Are Check Point Infinity Platform's Pros and Cons?

**Pros:**

- Cloud Security (20 reviews)
- Cloud Integration (16 reviews)
- Detection (16 reviews)
- Comprehensive Security (14 reviews)
- Cloud Services (13 reviews)

**Cons:**

- Learning Curve (10 reviews)
- Complexity (6 reviews)
- Improvement Needed (6 reviews)
- Poor Support Services (6 reviews)
- Limited Customization (5 reviews)


### What Do G2 Reviewers Say About Check Point Infinity Platform?
*AI-generated summary from verified user reviews*

**Pros:**

- Users highlight the **advanced security features** of Check Point Infinity Platform, effectively preventing future attacks on cloud applications.
- Users value the **cloud security features** of Check Point Infinity Platform for efficient audits and seamless management.
- Users highlight the **proactive threat detection** of Check Point Infinity Platform, ensuring robust security for cloud applications.
- Users appreciate the **comprehensive security** features of Check Point Infinity Platform, ensuring robust protection for cloud environments.
- Users appreciate the **advanced cloud security features** of Check Point Infinity, ensuring robust protection and ease of use.

**Cons:**

- Users find the **steep learning curve** challenging, particularly due to the complex setup and limited documentation.
- Users find the **complexity** of Check Point Infinity Platform&#39;s setup and documentation a challenge for effective management.
- Users feel the **improvement needed** in security shifting and support affects the effectiveness of the Check Point Infinity Platform.
- Users find the **poor support services** of Check Point Infinity Platform to be lacking and in need of improvement.
- Users find **limited customization** of rulesets and metrics hampers their ability to assess environments effectively.

#### What Are Recent G2 Reviews of Check Point Infinity Platform?

**"[Excellent option  Harmony Platform for security central](https://www.g2.com/survey_responses/check-point-infinity-platform-review-11868343)"**

**Rating:** 4.5/5.0 stars
*— Tania V.*

[Read full review](https://www.g2.com/survey_responses/check-point-infinity-platform-review-11868343)

---

**"[Seamless Hybrid Security Integration Across All Environments](https://www.g2.com/survey_responses/check-point-infinity-platform-review-11954684)"**

**Rating:** 4.5/5.0 stars
*— Sonu S.*

[Read full review](https://www.g2.com/survey_responses/check-point-infinity-platform-review-11954684)

---


#### What Are G2 Users Discussing About Check Point Infinity Platform?

- [How does Check Point Infinity help customers?](https://www.g2.com/discussions/how-does-check-point-infinity-help-customers)
- [What are the benefits of Check Point unified security architecture?](https://www.g2.com/discussions/what-are-the-benefits-of-check-point-unified-security-architecture)
- [What are the 4 components of the Infinity architecture?](https://www.g2.com/discussions/what-are-the-4-components-of-the-infinity-architecture)
- [What is Infinity Total protection?](https://www.g2.com/discussions/what-is-infinity-total-protection)

### 4. [Microsoft Sentinel](https://www.g2.com/products/microsoft-sentinel/reviews)
Microsoft Sentinel lets you see and stop threats before they cause harm, with SIEM reinvented for a modern world. Microsoft Sentinel is your birds-eye view across the enterprise. Put the cloud and large-scale intelligence from decades of Microsoft security experience to work. Make your threat detection and response smarter and faster with artificial intelligence (AI). Eliminate security infrastructure setup and maintenance, and elastically scale to meet your security needs—while reducing IT costs. With Microsoft Sentinel, you can: - Collect data at cloud scale—across all users, devices, applications, and infrastructure, both on-premises and in multiple clouds - Detect previously uncovered threats and minimize false positives using analytics and unparalleled threat intelligence from Microsoft - Investigate threats with AI and hunt suspicious activities at scale, tapping into decades of cybersecurity work at Microsoft -Respond to incidents rapidly with built-in orchestration and automation of common tasks


**Average Rating:** 4.4/5.0
**Total Reviews:** 273
**How Do G2 Users Rate Microsoft Sentinel?**

- **Activity Monitoring:** 8.9/10 (Category avg: 9.1/10)
- **Data Examination:** 8.5/10 (Category avg: 8.6/10)
- **Ease of Use:** 8.5/10 (Category avg: 8.7/10)
- **Log Management:** 8.8/10 (Category avg: 9.1/10)

**Who Is the Company Behind Microsoft Sentinel?**

- **Seller:** [Microsoft](https://www.g2.com/sellers/microsoft)
- **Year Founded:** 1975
- **HQ Location:** Redmond, Washington
- **Twitter:** @microsoft (13,091,739 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/microsoft/ (231,632 employees on LinkedIn®)
- **Ownership:** MSFT

**Who Uses This Product?**
- **Who Uses This:** Security Analyst, Senior Software Engineer
- **Top Industries:** Information Technology and Services, Computer &amp; Network Security
- **Company Size:** 42% Enterprise, 31% Mid-Market


#### What Are Microsoft Sentinel's Pros and Cons?

**Pros:**

- Real-time Monitoring (27 reviews)
- Alerting (23 reviews)
- Dashboard Usability (21 reviews)
- Response Time (16 reviews)
- Data Management (15 reviews)

**Cons:**

- Cloud Dependency (12 reviews)
- Complex Configuration (12 reviews)
- Configuration Issues (11 reviews)
- Difficult Setup (10 reviews)
- Poor Interface Design (9 reviews)


### What Do G2 Reviewers Say About Microsoft Sentinel?
*AI-generated summary from verified user reviews*

**Pros:**

- Users value the **real-time monitoring** feature of Microsoft Sentinel, enabling swift detection and response to security threats.
- Users value the **automated alert response** feature in Microsoft Sentinel, enhancing security and streamlining monitoring processes.
- Users appreciate the **intuitive dashboard usability** of Microsoft Sentinel, enabling efficient tracking and management of security analytics.
- Users value the **fast threat response** of Microsoft Sentinel, enhancing security and minimizing risks effectively.
- Users value the **seamless data management** features of Microsoft Sentinel, enhancing security and streamlining workflows efficiently.

**Cons:**

- Users express concerns about **cloud dependency** , noting connectivity issues and a reliance on Microsoft software.
- Users find the **complex configuration** of Microsoft Sentinel challenging without dedicated technical expertise, leading to a steep learning curve.
- Users face **configuration issues** with Microsoft Sentinel, requiring technical expertise and time for effective setup and integration.
- Users find the **difficult setup** of Microsoft Sentinel challenging, often requiring dedicated experts and training for effective use.
- Users face challenges with the **poor interface design** of Microsoft Sentinel, making navigation and understanding features difficult.

#### What Are Recent G2 Reviews of Microsoft Sentinel?

**"[Easy Log Ingestion Across Formats with Seamless Sentinel Integrations](https://www.g2.com/survey_responses/microsoft-sentinel-review-13073395)"**

**Rating:** 4.5/5.0 stars
*— Sandip K.*

[Read full review](https://www.g2.com/survey_responses/microsoft-sentinel-review-13073395)

---

**"[Strong Centralized Visibility and Scalable Detection for Faster SOC Response](https://www.g2.com/survey_responses/microsoft-sentinel-review-12823175)"**

**Rating:** 4.5/5.0 stars
*— Verified User in Information Technology and Services*

[Read full review](https://www.g2.com/survey_responses/microsoft-sentinel-review-12823175)

---


#### What Are G2 Users Discussing About Microsoft Sentinel?

- [What is Microsoft Sentinel used for?](https://www.g2.com/discussions/what-is-microsoft-sentinel-used-for) - 3 comments, 2 upvotes
- [Why should I use Azure Sentinel?](https://www.g2.com/discussions/why-should-i-use-azure-sentinel) - 1 comment
- [Which feature provides the extended detection and response capabilities of Azure Sentinel?](https://www.g2.com/discussions/which-feature-provides-the-extended-detection-and-response-capabilities-of-azure-sentinel)
- [What is the difference between Azure security Center and Azure Sentinel?](https://www.g2.com/discussions/what-is-the-difference-between-azure-security-center-and-azure-sentinel)
- [What does Azure Sentinel provide?](https://www.g2.com/discussions/what-does-azure-sentinel-provide)

### 5. [Cynet](https://www.g2.com/products/cynet/reviews)
Cynet is the unified, AI-powered cybersecurity platform that delivers robust and comprehensive protection for security teams while maximizing operational efficiency for managed service providers (MSPs). This platform consolidates a wide array of security capabilities into a single, user-friendly interface, ensuring that organizations can effectively safeguard their digital assets without the complexity often associated with multi-solution environments. Cynet’s platform simplifies security management by integrating various functionalities, such as endpoint protection, threat detection, and incident response, into one cohesive system. This integration not only streamlines operations but also allows organizations to allocate their resources more effectively, ultimately enhancing their overall security posture. One of the standout features of Cynet’s platform is its remarkable performance in the MITRE ATT&amp;CK Evaluations. Cynet delivered 100% visibility and 100% analytic coverage without requiring any configuration changes three years in a row. This capability ensures that organizations can monitor their environments comprehensively and respond to threats with precision. The platform’s built-in analytics and reporting tools provide actionable insights, enabling users to make informed decisions about their cybersecurity strategies. Additionally, Cynet offers 24/7 expert support, which is crucial for organizations that may not have in-house cybersecurity expertise. This round-the-clock assistance ensures that users can quickly address any security incidents or concerns, minimizing potential downtime and damage. The combination of advanced technology and dedicated support positions Cynet as a valuable partner for SMEs and service providers looking to enhance their cybersecurity measures. In summary, Cynet’s unified, AI-powered cybersecurity platform stands out in the crowded cybersecurity market by offering a unified solution tailored to the needs of MSPs. Its comprehensive features, exceptional performance in industry evaluations, and continuous expert support make it a compelling choice for organizations seeking to bolster their cybersecurity defenses while maintaining operational efficiency.


**Average Rating:** 4.7/5.0
**Total Reviews:** 215
**How Do G2 Users Rate Cynet?**

- **Activity Monitoring:** 9.4/10 (Category avg: 9.1/10)
- **Data Examination:** 8.8/10 (Category avg: 8.6/10)
- **Ease of Use:** 9.1/10 (Category avg: 8.7/10)
- **Log Management:** 8.9/10 (Category avg: 9.1/10)

**Who Is the Company Behind Cynet?**

- **Seller:** [Cynet](https://www.g2.com/sellers/cynet)
- **Company Website:** https://www.cynet.com/
- **Year Founded:** 2014
- **HQ Location:** Boston, MA
- **LinkedIn® Page:** https://www.linkedin.com/company/cynet-security/ (332 employees on LinkedIn®)

**Who Uses This Product?**
- **Who Uses This:** SOC Analyst, Technical Engineer
- **Top Industries:** Information Technology and Services, Computer &amp; Network Security
- **Company Size:** 58% Mid-Market, 30% Small-Business


#### What Are Cynet's Pros and Cons?

**Pros:**

- Ease of Use (48 reviews)
- Features (36 reviews)
- Threat Detection (34 reviews)
- Customer Support (32 reviews)
- Security (31 reviews)

**Cons:**

- Limited Customization (11 reviews)
- Feature Limitations (10 reviews)
- Lack of Customization (10 reviews)
- Limited Features (10 reviews)
- Missing Features (10 reviews)


### What Do G2 Reviewers Say About Cynet?
*AI-generated summary from verified user reviews*

**Pros:**

- Users value the **ease of use** of Cynet&#39;s platform, appreciating its straightforward interface and comprehensive features.
- Users value the **unified platform** of Cynet for its simplicity and comprehensive endpoint protection and detection features.
- Users value Cynet&#39;s **comprehensive threat detection** , effectively monitoring and blocking threats while operating seamlessly in the background.
- Users commend Cynet for its **exceptional customer support** , ensuring a smooth deployment and effective threat management.
- Users praise Cynet for its **flawless threat monitoring and detection** , enhancing overall cybersecurity with seamless functionality.

**Cons:**

- Users find **limited customization** options in Cynet&#39;s reporting, leading to repetitive data management and unmet advanced user needs.
- Users find **feature limitations** in Cynet, especially in customization options and integrations with external tools.
- Users face a **lack of customization** in reporting, leading to limited options for tailored data presentation.
- Users note **limited features** , like restricted reporting customization and fewer third-party integrations, limiting overall flexibility.
- Users note a **lack of essential features** like web filtering and firewall options in Cynet&#39;s offerings.

#### What Are Recent G2 Reviews of Cynet?

**"[Cynet delivers a standout XDR at a reasonable price.](https://www.g2.com/survey_responses/cynet-review-13072458)"**

**Rating:** 5.0/5.0 stars
*— Verified User in Computer &amp; Network Security*

[Read full review](https://www.g2.com/survey_responses/cynet-review-13072458)

---

**"[Great MDR/XDR Platform](https://www.g2.com/survey_responses/cynet-review-9481539)"**

**Rating:** 4.5/5.0 stars
*— JEROME J.*

[Read full review](https://www.g2.com/survey_responses/cynet-review-9481539)

---


#### What Are G2 Users Discussing About Cynet?

- [What is Cynet 360 AutoXDR™ used for?](https://www.g2.com/discussions/what-is-cynet-360-autoxdr-used-for)
- [What is cynet XDR?](https://www.g2.com/discussions/what-is-cynet-xdr) - 1 comment
- [What is cynet used for?](https://www.g2.com/discussions/what-is-cynet-used-for) - 1 comment
- [Is cynet 360 good?](https://www.g2.com/discussions/is-cynet-360-good) - 3 comments
- [How much does cynet cost?](https://www.g2.com/discussions/how-much-does-cynet-cost) - 1 comment

### 6. [Panther](https://www.g2.com/products/panther/reviews)
Panther is the AI SOC Platform that scales security expertise by embedding AI agents across your security operations with native access to your data lake, detection logic, and organizational knowledge. Unlike bolt-on tools, Panther&#39;s closed-loop architecture turns every alert into compounding intelligence that makes the system smarter over time. Request a demo today at: https://panther.com/product/request-a-demo/


**Average Rating:** 4.7/5.0
**Total Reviews:** 49
**How Do G2 Users Rate Panther?**

- **Activity Monitoring:** 9.3/10 (Category avg: 9.1/10)
- **Data Examination:** 9.4/10 (Category avg: 8.6/10)
- **Ease of Use:** 8.9/10 (Category avg: 8.7/10)
- **Log Management:** 9.7/10 (Category avg: 9.1/10)

**Who Is the Company Behind Panther?**

- **Seller:** [Panther Labs](https://www.g2.com/sellers/panther-labs)
- **Company Website:** https://panther.com/
- **Year Founded:** 2018
- **HQ Location:** San Francisco, CA
- **Twitter:** @runpanther (4,437 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/runpanther/ (300 employees on LinkedIn®)

**Who Uses This Product?**
- **Who Uses This:** Senior Security Engineer
- **Top Industries:** Computer Software, Information Technology and Services
- **Company Size:** 53% Mid-Market, 29% Enterprise


#### What Are Panther's Pros and Cons?

**Pros:**

- Customer Support (13 reviews)
- Detection Efficiency (12 reviews)
- Ease of Use (12 reviews)
- Easy Integrations (11 reviews)
- Features (11 reviews)

**Cons:**

- Missing Features (5 reviews)
- Complexity (4 reviews)
- Alert Management (3 reviews)
- Complex Configuration (3 reviews)
- Dashboard Issues (3 reviews)


### What Do G2 Reviewers Say About Panther?
*AI-generated summary from verified user reviews*

**Pros:**

- Users rave about Panther&#39;s **exceptional customer support** , noting quick resolutions and a strong commitment to customer success.
- Users highlight Panther&#39;s **detection efficiency** , noting its robust functionality and effective AI for security operations.
- Users find Panther to have a **user-friendly interface** that makes navigation simple and intuitive for everyone.
- Users value the **easy integrations** of Panther, making setup seamless and enhancing overall operational efficiency.
- Users appreciate the **meaningful features** of Panther, highlighting its ease of use and constant improvements tailored to needs.

**Cons:**

- Users find Panther&#39;s **missing features** frustrating, particularly in detection rule management and response workflows.
- Users find the **complexity in version management and steep learning curve** challenging, especially for non-technical teams.
- Users feel the **Alert Management** lacks basic summaries and customization options, making it challenging to optimize alerts.
- Users find the **complex configuration** of Panther challenging, requiring extensive customization for effective deployment and integration.
- Users express concerns over the **immaturity of dashboard features** , limiting complex analysis and customization options in Panther.

#### What Are Recent G2 Reviews of Panther?

**"[Panther’s SIEM + AI Makes Triage and Threat Hunting Fast and Seamless](https://www.g2.com/survey_responses/panther-review-12919421)"**

**Rating:** 5.0/5.0 stars
*— Richard E.*

[Read full review](https://www.g2.com/survey_responses/panther-review-12919421)

---

**"[Panther Makes Security Operations Simpler and Faster](https://www.g2.com/survey_responses/panther-review-12890548)"**

**Rating:** 5.0/5.0 stars
*— Busra K.*

[Read full review](https://www.g2.com/survey_responses/panther-review-12890548)

---


#### What Are G2 Users Discussing About Panther?

- [What is Panther used for?](https://www.g2.com/discussions/what-is-panther-used-for) - 1 comment

### 7. [IBM QRadar SIEM](https://www.g2.com/products/ibm-ibm-qradar-siem/reviews)
Outsmart threats with an end-to-end award-winning security suite; proven to prevent, endure and recover from both known &amp; unknown IT hazards faced by SoCs in the modern-day.


**Average Rating:** 4.4/5.0
**Total Reviews:** 282
**How Do G2 Users Rate IBM QRadar SIEM?**

- **Activity Monitoring:** 8.7/10 (Category avg: 9.1/10)
- **Data Examination:** 8.3/10 (Category avg: 8.6/10)
- **Ease of Use:** 8.4/10 (Category avg: 8.7/10)
- **Log Management:** 8.8/10 (Category avg: 9.1/10)

**Who Is the Company Behind IBM QRadar SIEM?**

- **Seller:** [IBM](https://www.g2.com/sellers/ibm)
- **Year Founded:** 1911
- **HQ Location:** Armonk, New York, United States
- **Twitter:** @IBMSecurity (74,660 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/1009/ (328,202 employees on LinkedIn®)
- **Ownership:** SWX:IBM

**Who Uses This Product?**
- **Who Uses This:** SOC Analyst, Security Engineer
- **Top Industries:** Computer &amp; Network Security, Information Technology and Services
- **Company Size:** 52% Enterprise, 29% Mid-Market


#### What Are IBM QRadar SIEM's Pros and Cons?

**Pros:**

- Ease of Use (23 reviews)
- Integrations (19 reviews)
- Features (18 reviews)
- Easy Integrations (15 reviews)
- User Interface (15 reviews)

**Cons:**

- UX Improvement (11 reviews)
- Expensive (9 reviews)
- Cost (7 reviews)
- Dashboard Issues (7 reviews)
- Time-Consuming (7 reviews)


### What Do G2 Reviewers Say About IBM QRadar SIEM?
*AI-generated summary from verified user reviews*

**Pros:**

- Users find IBM QRadar SIEM to be **user-friendly** , facilitating seamless integration and management of security operations.
- Users value the **flexibility in integration** with multiple log sources, enhancing functionality and threat management capabilities.
- Users appreciate the **advanced threat detection and centralized log management** features of IBM QRadar SIEM, enhancing security measures.
- Users value the **easy integrations** of IBM QRadar SIEM, enhancing functionality and streamlining security operations.
- Users find the **user-friendly interface** of IBM QRadar SIEM easy for non-tech individuals to navigate effectively.

**Cons:**

- Users highlight the **poor UX in the new UI** of QRadar SIEM, which complicates offense searches and reporting.
- Users find IBM QRadar SIEM to be **expensive** , which can be a challenge for smaller organizations seeking value.
- Users find the **high cost** of IBM QRadar SIEM challenging, especially for smaller organizations needing support and services.
- Users face **dashboard issues** with QRadar, noting limitations in editing and customization that hinder usability.
- Users experience **time-consuming search processes** due to log fetching failures and complicated query handling in QRadar SIEM.

#### What Are Recent G2 Reviews of IBM QRadar SIEM?

**"[QRADAR Integrates Easily and Makes Logs &amp; Alerts Report-Ready](https://www.g2.com/survey_responses/ibm-qradar-siem-review-13061810)"**

**Rating:** 4.5/5.0 stars
*— Zahid A.*

[Read full review](https://www.g2.com/survey_responses/ibm-qradar-siem-review-13061810)

---

**"[Strong Correlation, Mature Security Monitoring, and Compliance Reporting](https://www.g2.com/survey_responses/ibm-qradar-siem-review-12986703)"**

**Rating:** 5.0/5.0 stars
*— Verified User in Information Technology and Services*

[Read full review](https://www.g2.com/survey_responses/ibm-qradar-siem-review-12986703)

---



### 8. [Sumo Logic](https://www.g2.com/products/sumo-logic/reviews)
Sumo Logic, Inc. unifies and analyzes enterprise data, translating it into actionable insights through one AI-powered cloud-native log analytics platform. This single source of truth enables Dev, Sec and Ops teams to simplify complexity, collaborate efficiently and accelerate data-driven decisions that drive business value. Customers around the world rely on the Sumo Logic SaaS Log Analytics Platform for trusted insights to ensure application reliability, secure and protect against modern security threats, and gain insights into their cloud infrastructures. For more information, visit: SUMOLOGIC.COM


**Average Rating:** 4.3/5.0
**Total Reviews:** 391
**How Do G2 Users Rate Sumo Logic?**

- **Activity Monitoring:** 9.1/10 (Category avg: 9.1/10)
- **Data Examination:** 9.0/10 (Category avg: 8.6/10)
- **Ease of Use:** 8.2/10 (Category avg: 8.7/10)
- **Log Management:** 9.4/10 (Category avg: 9.1/10)

**Who Is the Company Behind Sumo Logic?**

- **Seller:** [Sumo Logic](https://www.g2.com/sellers/sumo-logic)
- **Company Website:** https://www.sumologic.com
- **Year Founded:** 2010
- **HQ Location:** Redwood City, CA
- **Twitter:** @SumoLogic (6,542 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/1037816/ (838 employees on LinkedIn®)

**Who Uses This Product?**
- **Who Uses This:** Software Engineer, Senior Software Engineer
- **Top Industries:** Information Technology and Services, Computer Software
- **Company Size:** 48% Mid-Market, 37% Enterprise


#### What Are Sumo Logic's Pros and Cons?

**Pros:**

- Ease of Use (54 reviews)
- Log Management (44 reviews)
- Features (32 reviews)
- Insights (30 reviews)
- Real-time Monitoring (29 reviews)

**Cons:**

- Expensive (18 reviews)
- Difficult Learning (16 reviews)
- Learning Curve (16 reviews)
- Learning Difficulty (16 reviews)
- Slow Performance (16 reviews)


### What Do G2 Reviewers Say About Sumo Logic?
*AI-generated summary from verified user reviews*

**Pros:**

- Users value the **ease of use** in Sumo Logic, appreciating its simple learning curve and effective configurations.
- Users value the **ease of searching and configuring logs** with Sumo Logic, enhancing their monitoring experience.
- Users appreciate the **Continuous Intelligence feature** of Sumo Logic for transforming data into actionable insights rapidly.
- Users value the **powerful visualization and flexible analytics** of Sumo Logic, enhancing operational efficiency and responsiveness.
- Users appreciate the **real-time monitoring** capabilities of Sumo Logic, which enhance insights and simplify data management.

**Cons:**

- Users cite Sumo Logic as **expensive** , raising concerns over whether the high cost is justified by its benefits.
- Users find the **difficult learning** curve with Sumo Logic hampers their ability to use its features efficiently.
- Users find the **steep learning curve** of Sumo Logic challenging, especially with complex queries and setup requirements.
- Users face a **steep learning curve** with Sumo Logic, especially when mastering its complex query language and analytics setup.
- Users experience **slow performance** with Sumo Logic, facing delays in alerts and a cumbersome interface that hinders efficiency.

#### What Are Recent G2 Reviews of Sumo Logic?

**"[Centralized Logging with Intuitive Dashboards](https://www.g2.com/survey_responses/sumo-logic-review-12948839)"**

**Rating:** 4.5/5.0 stars
*— Sudarshan B.*

[Read full review](https://www.g2.com/survey_responses/sumo-logic-review-12948839)

---

**"[AI Activity Monitoring That Makes Auditing and Debugging Easy](https://www.g2.com/survey_responses/sumo-logic-review-12888562)"**

**Rating:** 4.5/5.0 stars
*— Vishal S.*

[Read full review](https://www.g2.com/survey_responses/sumo-logic-review-12888562)

---


#### What Are G2 Users Discussing About Sumo Logic?

- [What is Cloud SOAR used for?](https://www.g2.com/discussions/what-is-cloud-soar-used-for) - 1 comment, 1 upvote
- [Is Sumo Logic a SIEM?](https://www.g2.com/discussions/is-sumo-logic-a-siem)
- [What is Sumo Logic used for?](https://www.g2.com/discussions/what-is-sumo-logic-used-for)
- [Who are Sumo Logic competitors?](https://www.g2.com/discussions/who-are-sumo-logic-competitors) - 1 comment
- [How much does Sumo Logic cost?](https://www.g2.com/discussions/how-much-does-sumo-logic-cost)

### 9. [Elastic Security](https://www.g2.com/products/elastic-elastic-security/reviews)
Modernize your SOC with AI Security is a data problem. Your team needs to detect, investigate, and respond to threats quickly. Elastic Security unifies next-gen SIEM and XDR with native automation, with AI built into every step. Built on Elasticsearch, the open-source search platform trusted by millions, Elastic provides complete visibility across your environment. Our data mesh architecture streamlines analysis to raise team productivity and reduce attacker dwell time. Bolster your defenses - Detect threats faster by analyzing data from across your attack surface - Stop attacks with the industry&#39;s best-rated XDR protection - Close the loop faster with Elastic Workflows, blending scripted automation with agentic AI reasoning - Get more accurate AI assistance, grounded in your data using Elasticsearch&#39;s leading relevance capabilities With Elastic Security, your SOC team can use generative AI to distill alerts, automate repetitive tasks, and get tailored guidance, all with your choice of LLM and full transparency into reasoning and sources. SOC leaders choose Elastic Security when they need a unified, open platform ready to run on any cloud, on-prem, or air-gapped.


**Average Rating:** 4.5/5.0
**Total Reviews:** 23
**How Do G2 Users Rate Elastic Security?**

- **Activity Monitoring:** 9.7/10 (Category avg: 9.1/10)
- **Data Examination:** 8.3/10 (Category avg: 8.6/10)
- **Ease of Use:** 8.8/10 (Category avg: 8.7/10)
- **Log Management:** 9.8/10 (Category avg: 9.1/10)

**Who Is the Company Behind Elastic Security?**

- **Seller:** [Elastic](https://www.g2.com/sellers/elastic)
- **Company Website:** https://www.elastic.co
- **Year Founded:** 2012
- **HQ Location:** San Francisco, CA
- **Twitter:** @elastic (65,200 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/814025/ (5,079 employees on LinkedIn®)

**Who Uses This Product?**
- **Top Industries:** Information Technology and Services
- **Company Size:** 61% Mid-Market, 52% Small-Business


#### What Are Elastic Security's Pros and Cons?

**Pros:**

- Integrations (7 reviews)
- Ease of Use (5 reviews)
- Features (5 reviews)
- Easy Integrations (4 reviews)
- Efficiency Improvement (3 reviews)

**Cons:**

- Limitations (4 reviews)
- Complex Implementation (3 reviews)
- Complexity (3 reviews)
- Complex Setup (3 reviews)
- Integration Issues (3 reviews)


### What Do G2 Reviewers Say About Elastic Security?
*AI-generated summary from verified user reviews*

**Pros:**

- Users value the **seamless integrations** of Elastic Security, enhancing their security monitoring and investigative efficiency.
- Users commend the **ease of use** of Elastic Security, appreciating its straightforward setup and seamless integration.
- Users value the **flexibility and depth** of Elastic Security, appreciating its comprehensive, tailored security capabilities across platforms.
- Users value the **easy integrations** of Elastic Security, enhancing efficiency in monitoring and incident management systems.
- Users value the **improved efficiency** of investigations in Elastic Security, making data actionable and streamlined for security monitoring.

**Cons:**

- Users struggle with the **steep learning curve and administrative overhead** of Elastic Security, impacting efficiency and scalability.
- Users find the **complex implementation** of Elastic Security challenging, requiring significant expertise and ongoing administrative effort.
- Users struggle with the **complexity** of Elastic Security, facing challenges in maintenance, learning, and automation capabilities.
- Users find the **complex setup** of Elastic Security challenging, requiring significant knowledge and ongoing maintenance efforts.
- Users experience **integration issues** with inconsistent fields across log sources, complicating threat intelligence correlation.

#### What Are Recent G2 Reviews of Elastic Security?

**"[Powerful, Customisable Security Platform for Complex Environments](https://www.g2.com/survey_responses/elastic-security-review-12341245)"**

**Rating:** 4.5/5.0 stars
*— Jennifer S.*

[Read full review](https://www.g2.com/survey_responses/elastic-security-review-12341245)

---

**"[Seamless SIEM Solution with AI and Outstanding Support](https://www.g2.com/survey_responses/elastic-security-review-12438374)"**

**Rating:** 5.0/5.0 stars
*— Jordan J.*

[Read full review](https://www.g2.com/survey_responses/elastic-security-review-12438374)

---



### 10. [Blumira Automated Detection &amp; Response](https://www.g2.com/products/blumira-automated-detection-response/reviews)
Blumira is an integrated security operations platform built for growing teams and the partners supporting them to gain complete visibility into their environment, identify and address risk faster, and deliver advanced security and compliance. The platform includes: - Managed Detections for automated threat hunting to identify attacks early - AI Investigation with 98.5% accurate, human-in-the-loop triage validated against real cases - Rapid Response with automation and 1-click actions to contain and block threats immediately - One Year of Data Retention with unlimited log ingestion to satisfy compliance requirements - Advanced Reporting and dashboards for forensics and easy investigation - Endpoint &amp; Identity Protection (EDR/ITDR) for real-time remediation across devices and users - 24/7 Security Operations support for critical priority issues


**Average Rating:** 4.6/5.0
**Total Reviews:** 122
**How Do G2 Users Rate Blumira Automated Detection &amp; Response?**

- **Activity Monitoring:** 8.7/10 (Category avg: 9.1/10)
- **Data Examination:** 8.4/10 (Category avg: 8.6/10)
- **Ease of Use:** 9.0/10 (Category avg: 8.7/10)
- **Log Management:** 8.7/10 (Category avg: 9.1/10)

**Who Is the Company Behind Blumira Automated Detection &amp; Response?**

- **Seller:** [Blumira](https://www.g2.com/sellers/blumira)
- **Company Website:** https://www.blumira.com
- **Year Founded:** 2018
- **HQ Location:** Ann Arbor, Michigan
- **Twitter:** @blumira (1 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/blumira/ (67 employees on LinkedIn®)

**Who Uses This Product?**
- **Who Uses This:** IT Manager
- **Top Industries:** Information Technology and Services, Computer &amp; Network Security
- **Company Size:** 51% Mid-Market, 36% Small-Business


#### What Are Blumira Automated Detection &amp; Response's Pros and Cons?

**Pros:**

- Ease of Use (33 reviews)
- Customer Support (20 reviews)
- Setup Ease (20 reviews)
- Alerting (16 reviews)
- Alert Management (16 reviews)

**Cons:**

- Limited Customization (11 reviews)
- Alert System (7 reviews)
- Expensive (6 reviews)
- Faulty Detection (6 reviews)
- Inefficient Alert System (6 reviews)


### What Do G2 Reviewers Say About Blumira Automated Detection &amp; Response?
*AI-generated summary from verified user reviews*

**Pros:**

- Users appreciate the **ease of use** of Blumira, finding workflows intuitive for quick problem-solving and support.
- Users commend Blumira&#39;s **excellent customer support** , enhancing integration and simplifying security processes with effective alerts.
- Users appreciate the **easy setup** of Blumira, making integration with core services quick and hassle-free.
- Users find the **valuable email alerts** of Blumira essential for enhancing security awareness and user training.
- Users value the **valuable and clear email alerts** from Blumira, enhancing their security awareness and response actions.

**Cons:**

- Users find the **limited customization** in Blumira&#39;s workflows restricts flexibility for unique security needs.
- Users feel that the **customization of alerts** needs improvement to manage false positives effectively and reduce frustration.
- Users find Blumira&#39;s pricing model to be **prohibitively expensive** , limiting its accessibility for some customers.
- Users face issues with **faulty detection** , experiencing false positives that frustrate and waste time during reviews.
- Users find the **inefficient alert system** cumbersome, as false positives waste time and cause unnecessary frustration.

#### What Are Recent G2 Reviews of Blumira Automated Detection &amp; Response?

**"[Breeze From Sales to Onboarding With an Intuitive, Easy-to-Configure UI](https://www.g2.com/survey_responses/blumira-automated-detection-response-review-12984186)"**

**Rating:** 5.0/5.0 stars
*— Blake C.*

[Read full review](https://www.g2.com/survey_responses/blumira-automated-detection-response-review-12984186)

---

**"[A well-rounded detection system with fantastic support](https://www.g2.com/survey_responses/blumira-automated-detection-response-review-10479545)"**

**Rating:** 5.0/5.0 stars
*— Jeremy A.*

[Read full review](https://www.g2.com/survey_responses/blumira-automated-detection-response-review-10479545)

---


#### What Are G2 Users Discussing About Blumira Automated Detection &amp; Response?

- [What are the benefits and drawbacks of using Blumira for threat detection?](https://www.g2.com/discussions/what-are-the-benefits-and-drawbacks-of-using-blumira-for-threat-detection)
- [What is cloud SIEM?](https://www.g2.com/discussions/what-is-cloud-siem)
- [What does the term Siem stand for?](https://www.g2.com/discussions/what-does-the-term-siem-stand-for)
- [What does Blumira do?](https://www.g2.com/discussions/what-does-blumira-do)
- [What is Blumira automated detection &amp; response?](https://www.g2.com/discussions/what-is-blumira-automated-detection-response)

### 11. [Datadog](https://www.g2.com/products/datadog/reviews)
Datadog is the monitoring, security and analytics platform for developers, IT operations teams, security engineers and business users in the cloud age. The SaaS platform integrates and automates infrastructure monitoring, application performance monitoring and log management to provide unified, real-time observability of our customers&#39; entire technology stack. Datadog is used by organizations of all sizes and across a wide range of industries to enable digital transformation and cloud migration, drive collaboration among development, operations, security and business teams, accelerate time to market for applications, reduce time to problem resolution, secure applications and infrastructure, understand user behavior and track key business metrics.


**Average Rating:** 4.4/5.0
**Total Reviews:** 713
**How Do G2 Users Rate Datadog?**

- **Activity Monitoring:** 8.9/10 (Category avg: 9.1/10)
- **Data Examination:** 8.6/10 (Category avg: 8.6/10)
- **Ease of Use:** 8.2/10 (Category avg: 8.7/10)
- **Log Management:** 9.5/10 (Category avg: 9.1/10)

**Who Is the Company Behind Datadog?**

- **Seller:** [Datadog](https://www.g2.com/sellers/datadog)
- **Company Website:** https://www.datadoghq.com/
- **Year Founded:** 2010
- **HQ Location:** New York
- **Twitter:** @datadoghq (51,207 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/1066442/ (9,386 employees on LinkedIn®)

**Who Uses This Product?**
- **Who Uses This:** Software Engineer, DevOps Engineer
- **Top Industries:** Computer Software, Information Technology and Services
- **Company Size:** 47% Mid-Market, 34% Enterprise


#### What Are Datadog's Pros and Cons?

**Pros:**

- Ease of Use (158 reviews)
- Monitoring (150 reviews)
- Real-time Monitoring (129 reviews)
- Features (98 reviews)
- Analytics (94 reviews)

**Cons:**

- Expensive (102 reviews)
- Pricing Issues (81 reviews)
- Learning Curve (75 reviews)
- Cost (72 reviews)
- Learning Difficulty (56 reviews)


### What Do G2 Reviewers Say About Datadog?
*AI-generated summary from verified user reviews*

**Pros:**

- Users appreciate the **ease of use** of Datadog, enabling intuitive dashboard setup and effortless monitoring across platforms.
- Users appreciate the **ease of monitoring** with Datadog, enjoying intuitive features and excellent enterprise support.
- Users appreciate the **real-time monitoring** capabilities of Datadog, streamlining application oversight and enhancing efficiency.
- Users value the **robust features** of Datadog, particularly appreciating its user-friendly interface and extensive integrations.
- Users appreciate the **intuitive dashboard creation** in Datadog, enhancing their analytics and monitoring capabilities effortlessly.

**Cons:**

- Users find Datadog&#39;s pricing **excessively expensive** , suggesting it should be more affordable for its offerings.
- Users find **pricing issues** with Datadog, citing high costs and unpredictable scaling as major concerns.
- Users find the **steep learning curve** challenging, especially with rapidly evolving features and the website&#39;s performance issues.
- Users express concern over **high and unpredictable costs** , feeling that Datadog&#39;s pricing is excessive for its value.
- Users find the **learning difficulty** of Datadog challenging, especially for new users needing training to navigate effectively.

#### What Are Recent G2 Reviews of Datadog?

**"[Datadog: Unified Logs, Metrics &amp; Traces for Real-Time Visibility and Faster Debugging](https://www.g2.com/survey_responses/datadog-review-13049319)"**

**Rating:** 4.5/5.0 stars
*— Anshul S.*

[Read full review](https://www.g2.com/survey_responses/datadog-review-13049319)

---

**"[Faster incident detection and root-cause analysis, leading to better customer experience.](https://www.g2.com/survey_responses/datadog-review-12850013)"**

**Rating:** 4.5/5.0 stars
*— Bertrand P.*

[Read full review](https://www.g2.com/survey_responses/datadog-review-12850013)

---


#### What Are G2 Users Discussing About Datadog?

- [How good is Datadog?](https://www.g2.com/discussions/how-good-is-datadog)
- [Does Datadog use AWS?](https://www.g2.com/discussions/does-datadog-use-aws) - 2 comments
- [What can Datadog monitor?](https://www.g2.com/discussions/what-can-datadog-monitor)
- [What is the use of Datadog?](https://www.g2.com/discussions/what-is-the-use-of-datadog) - 3 comments

### 12. [Splunk Enterprise](https://www.g2.com/products/splunk-enterprise/reviews)
Find out what is happening in your business and take meaningful action quickly with Splunk Enterprise. Automate the collection, indexing and alerting of machine data that&#39;s critical to your operations. Uncover the actionable insights from all your data — no matter the source or format. Leverage artificial intelligence and machine learning for predictive and proactive business decisions.


**Average Rating:** 4.3/5.0
**Total Reviews:** 415
**How Do G2 Users Rate Splunk Enterprise?**

- **Activity Monitoring:** 9.1/10 (Category avg: 9.1/10)
- **Data Examination:** 8.4/10 (Category avg: 8.6/10)
- **Ease of Use:** 8.1/10 (Category avg: 8.7/10)
- **Log Management:** 9.3/10 (Category avg: 9.1/10)

**Who Is the Company Behind Splunk Enterprise?**

- **Seller:** [Cisco](https://www.g2.com/sellers/cisco)
- **Year Founded:** 1984
- **HQ Location:** San Jose, CA
- **Twitter:** @Cisco (720,366 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/cisco/ (95,545 employees on LinkedIn®)
- **Ownership:** NASDAQ:CSCO

**Who Uses This Product?**
- **Who Uses This:** Software Engineer, Senior Software Engineer
- **Top Industries:** Information Technology and Services, Computer Software
- **Company Size:** 64% Enterprise, 27% Mid-Market


#### What Are Splunk Enterprise's Pros and Cons?

**Pros:**

- Ease of Use (46 reviews)
- Log Management (31 reviews)
- Integrations (26 reviews)
- Features (25 reviews)
- Dashboards (23 reviews)

**Cons:**

- Expensive (32 reviews)
- Learning Curve (29 reviews)
- Slow Performance (19 reviews)
- Complexity (18 reviews)
- Pricing Issues (18 reviews)


### What Do G2 Reviewers Say About Splunk Enterprise?
*AI-generated summary from verified user reviews*

**Pros:**

- Users appreciate the **ease of use** of Splunk Enterprise, enabling quick access and effective data analysis workflows.
- Users value the **robust data ingestion** capabilities of Splunk Enterprise for automated log analysis across diverse sources.
- Users value the **seamless integrations** of Splunk Enterprise, enhancing data management across diverse systems effortlessly.
- Users value the **flexibility and powerful data analysis features** of Splunk Enterprise for handling diverse large datasets.
- Users value the **dynamic dashboards** of Splunk Enterprise, enabling insightful data visualization and effective troubleshooting.

**Cons:**

- Users find Splunk Enterprise to be **expensive** , particularly for large organizations and new users requiring training.
- Users find the **learning curve steep** for Splunk Enterprise, making it challenging for new users to grasp quickly.
- Users experience **slow performance** with Splunk Enterprise, sometimes facing crashes and delays in saved searches.
- Users find the **complex configuration** of Splunk Enterprise challenging, impacting performance and usability for end users.
- Users note the **heavy license costs** of Splunk Enterprise, causing concerns about affordability and performance with large data.

#### What Are Recent G2 Reviews of Splunk Enterprise?

**"[SPL search and dashboards are really useful](https://www.g2.com/survey_responses/splunk-enterprise-review-12547655)"**

**Rating:** 4.0/5.0 stars
*— Nishith J.*

[Read full review](https://www.g2.com/survey_responses/splunk-enterprise-review-12547655)

---

**"[Excellent Enterprise Observability and Log Management Solution for Hybrid Cloud Infrastructure](https://www.g2.com/survey_responses/splunk-enterprise-review-12045230)"**

**Rating:** 4.5/5.0 stars
*— RaviShankar S.*

[Read full review](https://www.g2.com/survey_responses/splunk-enterprise-review-12045230)

---


#### What Are G2 Users Discussing About Splunk Enterprise?

- [What is Splunk Enterprise used for?](https://www.g2.com/discussions/what-is-splunk-enterprise-used-for) - 1 comment
- [What is the difference between Splunk Enterprise and Splunk Enterprise Security?](https://www.g2.com/discussions/splunk-enterprise-what-is-the-difference-between-splunk-enterprise-and-splunk-enterprise-security) - 1 comment
- [What are Splunk Enterprise components?](https://www.g2.com/discussions/what-are-splunk-enterprise-components) - 1 comment
- [Which apps ship with Splunk Enterprise?](https://www.g2.com/discussions/which-apps-ship-with-splunk-enterprise) - 1 comment
- [What does Splunk Enterprise do?](https://www.g2.com/discussions/what-does-splunk-enterprise-do) - 1 comment

### 13. [Rapid7 Next-Gen SIEM](https://www.g2.com/products/rapid7-next-gen-siem/reviews)
Rapid7 InsightIDR is a SaaS SIEM for modern threat detection and response. InsightIDR enables security analysts to work more efficiently and effectively, by unifying diverse data sources, providing early and reliable out of the box detections, and delivering rich visual investigations and automation to expedite response. With a lightweight cloud deployment and intuitive UI and onboarding experience, InsightIDR customers recognize an accelerated return on their investment and start seeing valuable insights from Day 1. With InsightIDR, teams can advance their threat detection and response program without adding headcount.


**Average Rating:** 4.4/5.0
**Total Reviews:** 67
**How Do G2 Users Rate Rapid7 Next-Gen SIEM?**

- **Activity Monitoring:** 9.2/10 (Category avg: 9.1/10)
- **Data Examination:** 8.6/10 (Category avg: 8.6/10)
- **Ease of Use:** 8.9/10 (Category avg: 8.7/10)
- **Log Management:** 9.2/10 (Category avg: 9.1/10)

**Who Is the Company Behind Rapid7 Next-Gen SIEM?**

- **Seller:** [Rapid7](https://www.g2.com/sellers/rapid7)
- **Year Founded:** 2000
- **HQ Location:** Boston, MA
- **Twitter:** @rapid7 (124,405 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/39624/ (3,274 employees on LinkedIn®)
- **Ownership:** NASDAQ:RPD

**Who Uses This Product?**
- **Top Industries:** Information Technology and Services, Computer Software
- **Company Size:** 66% Mid-Market, 31% Enterprise


#### What Are Rapid7 Next-Gen SIEM's Pros and Cons?

**Pros:**

- Ease of Use (2 reviews)
- Easy Integrations (2 reviews)
- Integrations (2 reviews)
- Threat Detection (2 reviews)
- Visibility (2 reviews)

**Cons:**

- Limited Features (2 reviews)
- Alerting Issues (1 reviews)
- Alert Management (1 reviews)
- Difficult Customization (1 reviews)
- Difficult Setup (1 reviews)


### What Do G2 Reviewers Say About Rapid7 Next-Gen SIEM?
*AI-generated summary from verified user reviews*

**Pros:**

- Users highlight the **ease of use** of Rapid7 Next-Gen SIEM with simple implementation and clear alerts.
- Users value the **easy integrations** of Rapid7 Next-Gen SIEM, enhancing connectivity with various third-party tools effortlessly.
- Users appreciate the **pre-built integrations** of Rapid7 Next-Gen SIEM, simplifying connections with various third-party tools.
- Users value the **seamless integration of UEBA and deception tools** for effective threat detection and faster investigations.
- Users appreciate the **visibility** Rapid7 Next-Gen SIEM offers, enabling easy log search and clear alert generation.

**Cons:**

- Users find the **limited features** of Rapid7 Next-Gen SIEM make alert creation and setup challenging.
- Users find the **limited alerting capabilities** challenging, complicating the creation of timely and effective alerts.
- Users find the **limited alert management capabilities** challenging, particularly for creating and configuring pattern-based alerts.
- Users find **difficult customization** in Rapid7 Next-Gen SIEM hampers alert creation and complicates pattern-based setups.
- Users find the **difficult setup** of Rapid7 Next-Gen SIEM hampers their ability to create alerts effectively.

#### What Are Recent G2 Reviews of Rapid7 Next-Gen SIEM?

**"[Easiest SIEM Implementation with Transparent Pricing](https://www.g2.com/survey_responses/rapid7-next-gen-siem-review-12182908)"**

**Rating:** 5.0/5.0 stars
*— Joevanne V.*

[Read full review](https://www.g2.com/survey_responses/rapid7-next-gen-siem-review-12182908)

---

**"[Intuitive, High-Performance SIEM with Great Support and Cost-Effective Value](https://www.g2.com/survey_responses/rapid7-next-gen-siem-review-12711350)"**

**Rating:** 4.5/5.0 stars
*— Nihal J.*

[Read full review](https://www.g2.com/survey_responses/rapid7-next-gen-siem-review-12711350)

---


#### What Are G2 Users Discussing About Rapid7 Next-Gen SIEM?

- [What is InsightIDR used for?](https://www.g2.com/discussions/what-is-insightidr-used-for)
- [What is rapid7 InsightVM?](https://www.g2.com/discussions/what-is-rapid7-insightvm)
- [Is rapid7 a SIEM?](https://www.g2.com/discussions/is-rapid7-a-siem)
- [What is rapid7 used for?](https://www.g2.com/discussions/insightidr-what-is-rapid7-used-for)
- [What is InsightIDR?](https://www.g2.com/discussions/what-is-insightidr)

### 14. [Coralogix](https://www.g2.com/products/coralogix/reviews)
Coralogix is a modern, full-stack observability platform transforming how businesses process and understand their data. Our unique architecture powers in-stream analytics without reliance on indexing or hot storage. We specialize in comprehensive monitoring of logs, metrics, trace and security events, enhancing operational efficiency and reducing total cost of ownership by up to 70%. Coralogix stands out for its simple pricing model, based solely on data volume ingested and retained, and offers free, fast customer support with less than 30 second response time and 1 hour resolution time. Our platform covers the entire range of observability with features such as APM, RUM, SIEM, Kubernetes monitoring and more, all streamlined for quick integration and immediate value. Components within the stream store the system state to provide stateful insights and real-time alerting without ever needing to index the data — so there are never any trade-offs to achieve observability. Once ingested, parsed, and enriched, data is written remotely to an archive bucket controlled by the client. The archive can be queried directly at any time, from the platform UI or via CLI, giving users infinite retention with full control over, and access to, their data. View and query your data from any dashboard using any syntax. Coralogix has successfully completed relevant security and privacy compliances by BDO including GDPR, SOC 2, PCI, HIPAA, and ISO 27001/27701.


**Average Rating:** 4.6/5.0
**Total Reviews:** 339
**How Do G2 Users Rate Coralogix?**

- **Activity Monitoring:** 8.7/10 (Category avg: 9.1/10)
- **Data Examination:** 8.7/10 (Category avg: 8.6/10)
- **Ease of Use:** 8.8/10 (Category avg: 8.7/10)
- **Log Management:** 9.0/10 (Category avg: 9.1/10)

**Who Is the Company Behind Coralogix?**

- **Seller:** [Coralogix](https://www.g2.com/sellers/coralogix)
- **Company Website:** https://www.coralogix.com
- **Year Founded:** 2014
- **HQ Location:** San Francisco, CA
- **Twitter:** @Coralogix (4,102 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/3763125/ (588 employees on LinkedIn®)

**Who Uses This Product?**
- **Who Uses This:** Software Engineer, DevOps Engineer
- **Top Industries:** Computer Software, Information Technology and Services
- **Company Size:** 53% Mid-Market, 34% Enterprise


#### What Are Coralogix's Pros and Cons?

**Pros:**

- Ease of Use (82 reviews)
- Log Management (70 reviews)
- Customer Support (65 reviews)
- Real-time Monitoring (57 reviews)
- User Interface (57 reviews)

**Cons:**

- Learning Curve (25 reviews)
- Missing Features (25 reviews)
- Difficult Learning (24 reviews)
- Slow Performance (24 reviews)
- Learning Difficulty (22 reviews)


### What Do G2 Reviewers Say About Coralogix?
*AI-generated summary from verified user reviews*

**Pros:**

- Users find **Coralogix easy to use** , appreciating its quick setup, integrations, and efficient dashboard for data analysis.
- Users value the **seamless integration of logs, metrics, and alerts** for efficient root-cause analysis and monitoring.
- Users value the **excellent customer support** of Coralogix, praising its responsiveness and efficiency in resolving issues.
- Users value the **real-time monitoring** capabilities of Coralogix, enhancing understanding of user behavior and incident response.
- Users love the **intuitive user interface** of Coralogix, making log search and export exceptionally easy.

**Cons:**

- Users find the **learning curve steep** , making it challenging for beginners to navigate and utilize Coralogix effectively.
- Users find the **missing feature for exporting logs** frustrating, as it complicates the search process for beginners.
- Users find **difficult learning** an obstacle with Coralogix, especially for beginners navigating its numerous options and concepts.
- Users often face **slow performance** with Coralogix, leading to frustration and delays in accessing important logs.
- Users find the **learning difficulty** significant, especially with advanced features and the overwhelming UI for beginners.

#### What Are Recent G2 Reviews of Coralogix?

**"[Coralogix Game Changer Logging Tool](https://www.g2.com/survey_responses/coralogix-review-11633887)"**

**Rating:** 4.5/5.0 stars
*— Shakti V.*

[Read full review](https://www.g2.com/survey_responses/coralogix-review-11633887)

---

**"[Reliable Log Monitoring with Room for Improvement](https://www.g2.com/survey_responses/coralogix-review-12091026)"**

**Rating:** 4.5/5.0 stars
*— Aayush M.*

[Read full review](https://www.g2.com/survey_responses/coralogix-review-12091026)

---



### 15. [EventSentry](https://www.g2.com/products/eventsentry/reviews)
EventSentry is a hybrid Security Information and Event Management (SIEM) solution designed to assist users in monitoring and managing their IT infrastructure effectively. By combining real-time event log monitoring with comprehensive system health and network monitoring, EventSentry provides a holistic view of servers and endpoints, enabling organizations to maintain robust security and operational efficiency. This SIEM solution is particularly beneficial for IT security teams, system administrators, and compliance officers who require a centralized platform to oversee their network&#39;s security posture. It caters to various industries, including finance, healthcare, and technology, where data integrity and security are paramount. The product is designed for organizations of all sizes, from small businesses to large enterprises, looking to enhance their security monitoring capabilities while ensuring system health. One of the standout features of EventSentry is its security event log normalization and correlation engine. This functionality transforms cryptic Windows security events into easily understandable reports, providing users with valuable insights that go beyond raw event data. The descriptive email alerts generated by the system offer additional context, allowing users to respond swiftly to potential security incidents. This capability is crucial for organizations that need to comply with regulatory requirements and maintain a proactive security stance. Moreover, EventSentry includes 200 compliance and security checks that strengthen security settings and reduce the attack surface - proactively identifying issues before they become liabilities. Malware &amp; Ransomware attacks can be mitigated and detected in real time with innovative process activity monitoring and a flexible anomaly detection engine that can reveal suspicious patterns across any log source. EventSentry supports various integrations, making it adaptable to existing IT environments. This flexibility allows organizations to incorporate the SIEM solution seamlessly into their current systems, enhancing their overall security framework without significant disruption. The multi-tenancy feature further enables organizations to manage multiple clients or departments from a single platform, making it an ideal choice for managed service providers or organizations with diverse operational needs. In summary, EventSentry stands out in the SIEM category by providing a comprehensive approach to security and system monitoring. Its combination of real-time log analysis, health monitoring, and user-friendly reporting equips organizations with the tools necessary to safeguard their digital assets effectively. By leveraging this hybrid SIEM solution, users can achieve a clearer understanding of their security landscape, facilitating informed decision-making and enhancing overall cybersecurity resilience.


**Average Rating:** 4.6/5.0
**Total Reviews:** 49
**How Do G2 Users Rate EventSentry?**

- **Activity Monitoring:** 9.0/10 (Category avg: 9.1/10)
- **Data Examination:** 8.8/10 (Category avg: 8.6/10)
- **Ease of Use:** 9.0/10 (Category avg: 8.7/10)
- **Log Management:** 9.0/10 (Category avg: 9.1/10)

**Who Is the Company Behind EventSentry?**

- **Seller:** [NETIKUS.NET ltd](https://www.g2.com/sellers/netikus-net-ltd)
- **Company Website:** https://www.eventsentry.com
- **Year Founded:** 2002
- **HQ Location:** Chicago, Illinois
- **Twitter:** @netikus (971 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/2327447/ (4 employees on LinkedIn®)

**Who Uses This Product?**
- **Top Industries:** Information Technology and Services, Financial Services
- **Company Size:** 54% Mid-Market, 28% Small-Business


#### What Are EventSentry's Pros and Cons?

**Pros:**

- Customer Support (4 reviews)
- Alerting System (3 reviews)
- Implementation Ease (3 reviews)
- Pricing (3 reviews)
- Robust Support (3 reviews)

**Cons:**

- Learning Curve (2 reviews)
- Learning Difficulty (2 reviews)
- Log Management (2 reviews)
- Log Management Issues (2 reviews)
- Dashboard Issues (1 reviews)


### What Do G2 Reviewers Say About EventSentry?
*AI-generated summary from verified user reviews*

**Pros:**

- Users commend the **top-tier customer support** of EventSentry, highlighting quick and knowledgeable responses from the team.
- Users value the **reliable alerting system** of EventSentry, allowing important notifications while filtering out irrelevant ones.
- Users find **implementation easy** with EventSentry, benefiting from simple deployment and intuitive, resource-efficient setup.
- Users appreciate the **affordable pricing** of EventSentry, finding it offers excellent performance and support for their needs.
- Users praise the **world-class support** of EventSentry, highlighting quick, knowledgeable responses from the team.

**Cons:**

- Users note a **steep initial learning curve** with EventSentry, but helpful resources are available for support.
- Users find the **initial learning curve steep** , although there are helpful resources available to ease the process.
- Users find the **Linux log handling and detection rules** of EventSentry lacking and in need of improvement.
- Users find **log management issues** with EventSentry, particularly regarding Linux logs and outdated aggregation capabilities.
- Users find the **dashboard issues** in EventSentry hinder report generation and server management.

#### What Are Recent G2 Reviews of EventSentry?

**"[Cost-Effective Compliance Solution that can pass an audit!](https://www.g2.com/survey_responses/eventsentry-review-12816650)"**

**Rating:** 4.5/5.0 stars
*— AJ J.*

[Read full review](https://www.g2.com/survey_responses/eventsentry-review-12816650)

---

**"[Granular Local Monitoring with Deep Security Auditing](https://www.g2.com/survey_responses/eventsentry-review-12895715)"**

**Rating:** 4.5/5.0 stars
*— Chuck K.*

[Read full review](https://www.g2.com/survey_responses/eventsentry-review-12895715)

---


#### What Are G2 Users Discussing About EventSentry?

- [What is EventSentry used for?](https://www.g2.com/discussions/what-is-eventsentry-used-for) - 1 comment

### 16. [Google Security Operations](https://www.g2.com/products/google-security-operations/reviews)
Google Security Operations offers a unified experience across SIEM, SOAR, and threat intelligence to drive better detection, investigation, and response. Collect security telemetry data, apply threat intel to identify high priority threats, drive response with playbook automation, case management, and collaboration. It also provides Gemini-native agentic defense to help autonomously handle workflows like alert triage, threat hunting, and detection engineering. Google Security Operations also supports AI Threat Defense to monitor, detect, and respond to threats from code you do not own or cannot patch.


**Average Rating:** 4.4/5.0
**Total Reviews:** 47
**How Do G2 Users Rate Google Security Operations?**

- **Activity Monitoring:** 10.0/10 (Category avg: 9.1/10)
- **Data Examination:** 10.0/10 (Category avg: 8.6/10)
- **Ease of Use:** 8.1/10 (Category avg: 8.7/10)
- **Log Management:** 9.7/10 (Category avg: 9.1/10)

**Who Is the Company Behind Google Security Operations?**

- **Seller:** [Google](https://www.g2.com/sellers/google)
- **Year Founded:** 1998
- **HQ Location:** Mountain View, CA
- **Twitter:** @google (31,899,995 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/1441/ (341,888 employees on LinkedIn®)
- **Ownership:** NASDAQ:GOOG

**Who Uses This Product?**
- **Top Industries:** Information Technology and Services, Computer &amp; Network Security
- **Company Size:** 42% Enterprise, 39% Mid-Market


#### What Are Google Security Operations's Pros and Cons?

**Pros:**

- Security (8 reviews)
- Ease of Use (6 reviews)
- Threat Detection (5 reviews)
- Comprehensive Security (3 reviews)
- Easy Integrations (3 reviews)

**Cons:**

- Expensive (6 reviews)
- Learning Curve (4 reviews)
- Complexity (3 reviews)
- Learning Difficulty (2 reviews)
- Limited Customization (2 reviews)


### What Do G2 Reviewers Say About Google Security Operations?
*AI-generated summary from verified user reviews*

**Pros:**

- Users find Google Security Operations to provide **excellent cybersecurity** with its user-friendly interface and scalable performance.
- Users love the **ease of use** of Google Security Operations, appreciating its straightforward threat detection and secure integration.
- Users appreciate the **high-speed threat detection** capabilities of Google Security Operations, facilitating swift and secure incident response.
- Users value the **comprehensive security features** of Google Security Operations for threat detection and response.
- Users value the **easy integrations** of Google Chronicle Security, enhancing their security management with seamless compatibility.

**Cons:**

- Users find the service **expensive** and complex, especially for large organizations requiring more time for training and setup.
- Users face a **steep learning curve** with Google Security Operations, especially if unfamiliar with Google Cloud services.
- Users find the **complexity of implementation** in Google Security Operations challenging and time-consuming for organizations.
- Users find the **learning difficulty** to be challenging, taking more time to master compared to other tools.
- Users find the **limited customization** options in Google Security Operations hinder adaptability to specific security needs.

#### What Are Recent G2 Reviews of Google Security Operations?

**"[Google SecOps: Intuitive UI and Powerful AI-Driven Detection with Gemini](https://www.g2.com/survey_responses/google-security-operations-review-11259633)"**

**Rating:** 4.0/5.0 stars
*— Verified User in Insurance*

[Read full review](https://www.g2.com/survey_responses/google-security-operations-review-11259633)

---

**"[Fast, Scalable Platform That Speeds Up Security Investigations](https://www.g2.com/survey_responses/google-security-operations-review-12789503)"**

**Rating:** 4.5/5.0 stars
*— Ankith T.*

[Read full review](https://www.g2.com/survey_responses/google-security-operations-review-12789503)

---



### 17. [Palo Alto Cortex XSIAM](https://www.g2.com/products/palo-alto-cortex-xsiam/reviews)
Product Description: Palo Alto Networks&#39; Cortex XSIAM is an AI-driven security operations platform designed to transform traditional Security Operations Centers by integrating and automating key functions such as data centralization, threat detection, and incident response. By leveraging machine learning and automation, it enables organizations to detect and respond to threats more efficiently, reducing manual workloads and improving overall security posture. Key Features and Functionality: - Data Centralization: Aggregates data from various sources into a unified platform, providing comprehensive visibility across the enterprise. - AI-Powered Threat Detection: Utilizes machine learning algorithms to identify anomalies and potential threats in real-time. - Automated Incident Response: Streamlines response processes through automation, enabling rapid mitigation of security incidents. - Integrated SOC Capabilities: Combines functions such as Extended Detection and Response , Security Orchestration, Automation, and Response , Attack Surface Management , and Security Information and Event Management into a cohesive platform, eliminating the need for multiple disparate tools. - Scalability: Designed to handle large volumes of data and adapt to the evolving needs of modern enterprises. Primary Value and Problem Solved: Cortex XSIAM addresses the challenges of disjointed data, weak threat defense, and heavy reliance on manual work in traditional SOCs. By centralizing data and automating security operations, it simplifies processes, enhances threat detection accuracy, and accelerates incident response times. This transformation enables organizations to proactively outpace threats, reduce operational costs, and achieve a more robust security posture.


**Average Rating:** 4.4/5.0
**Total Reviews:** 64
**How Do G2 Users Rate Palo Alto Cortex XSIAM?**

- **Activity Monitoring:** 9.2/10 (Category avg: 9.1/10)
- **Data Examination:** 8.4/10 (Category avg: 8.6/10)
- **Ease of Use:** 8.4/10 (Category avg: 8.7/10)
- **Log Management:** 9.1/10 (Category avg: 9.1/10)

**Who Is the Company Behind Palo Alto Cortex XSIAM?**

- **Seller:** [Palo Alto Networks](https://www.g2.com/sellers/palo-alto-networks)
- **Company Website:** https://www.paloaltonetworks.com
- **Year Founded:** 2005
- **HQ Location:** Santa Clara, CA
- **Twitter:** @PaloAltoNtwks (128,951 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/30086/ (22,313 employees on LinkedIn®)

**Who Uses This Product?**
- **Top Industries:** Information Technology and Services, Computer &amp; Network Security
- **Company Size:** 49% Enterprise, 29% Mid-Market


#### What Are Palo Alto Cortex XSIAM's Pros and Cons?

**Pros:**

- Ease of Use (50 reviews)
- Threat Detection (37 reviews)
- Integrations (28 reviews)
- Cybersecurity (27 reviews)
- Features (27 reviews)

**Cons:**

- Expensive (28 reviews)
- Difficult Learning (17 reviews)
- Complexity (14 reviews)
- Integration Issues (14 reviews)
- UX Improvement (12 reviews)


### What Do G2 Reviewers Say About Palo Alto Cortex XSIAM?
*AI-generated summary from verified user reviews*

**Pros:**

- Users find Palo Alto Cortex XSIAM to be **easy to understand and user-friendly** , enhancing their security product integration experience.
- Users value the **effective threat detection** capabilities of Palo Alto Cortex XSIAM, identifying both known and unknown risks.
- Users value the **easy integrations** with multiple systems, enhancing the functionality and efficiency of Palo Alto Cortex XSIAM.
- Users value the **rapid incident response capabilities** of Palo Alto Cortex XSIAM, enhancing overall cybersecurity effectiveness.
- Users appreciate the **intuitive dashboard and easy threat detection** features of Cortex XSIAM, enhancing overall security management.

**Cons:**

- Users find the **cost of Palo Alto Cortex XSIAM to be prohibitively expensive** , affecting its overall value and accessibility.
- Users find the **difficult learning** curve of Palo Alto Cortex XSIAM challenging, especially for non-technical users.
- Users find the **complexity** of Palo Alto Cortex XSIAM overwhelming, requiring significant time and expertise to effectively manage.
- Users face significant **integration issues** with Palo Alto Cortex XSIAM, affecting overall usability and performance negatively.
- Users face **significant UX challenges** with Palo Alto Cortex XSIAM, citing a less intuitive interface and limited customization.

#### What Are Recent G2 Reviews of Palo Alto Cortex XSIAM?

**"[Palo Alto Cortex XSIAM Streamlines SOC Work with Smart Noise Reduction and Automation](https://www.g2.com/survey_responses/palo-alto-cortex-xsiam-review-12626074)"**

**Rating:** 5.0/5.0 stars
*— Rohan K.*

[Read full review](https://www.g2.com/survey_responses/palo-alto-cortex-xsiam-review-12626074)

---

**"[Streamlines Security Operations with Automation](https://www.g2.com/survey_responses/palo-alto-cortex-xsiam-review-13067964)"**

**Rating:** 4.0/5.0 stars
*— Ronald D.*

[Read full review](https://www.g2.com/survey_responses/palo-alto-cortex-xsiam-review-13067964)

---


#### What Are G2 Users Discussing About Palo Alto Cortex XSIAM?

- [What is IBM Security ReaQta used for?](https://www.g2.com/discussions/what-is-ibm-security-reaqta-used-for)
- [What does QRadar stand for?](https://www.g2.com/discussions/what-does-qradar-stand-for) - 1 comment, 1 upvote
- [How do I use IBM QRadar?](https://www.g2.com/discussions/how-do-i-use-ibm-qradar) - 1 comment
- [What are the key component of IBM QRadar?](https://www.g2.com/discussions/what-are-the-key-component-of-ibm-qradar) - 1 comment
- [What is IBM QRadar Siem?](https://www.g2.com/discussions/what-is-ibm-qradar-siem) - 1 comment

### 18. [LogRhythm SIEM](https://www.g2.com/products/exabeam-logrhythm-siem/reviews)
Rapidly deploy LogRhythm SIEM, the leading self-hosted SIEM, to secure your organization with powerful detections, synchronized threat intelligence, automated workflows, and achieve faster, more accurate threat detection, investigation, and response (TDIR).


**Average Rating:** 4.2/5.0
**Total Reviews:** 137
**How Do G2 Users Rate LogRhythm SIEM?**

- **Activity Monitoring:** 8.9/10 (Category avg: 9.1/10)
- **Data Examination:** 8.4/10 (Category avg: 8.6/10)
- **Ease of Use:** 8.3/10 (Category avg: 8.7/10)
- **Log Management:** 9.0/10 (Category avg: 9.1/10)

**Who Is the Company Behind LogRhythm SIEM?**

- **Seller:** [Exabeam](https://www.g2.com/sellers/exabeam)
- **Year Founded:** 2013
- **HQ Location:** Broomfield, CO
- **Twitter:** @exabeam (5,374 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/exabeam (793 employees on LinkedIn®)

**Who Uses This Product?**
- **Who Uses This:** Information Security Analyst, Cyber Security Analyst
- **Top Industries:** Information Technology and Services, Computer &amp; Network Security
- **Company Size:** 40% Mid-Market, 40% Enterprise



#### What Are Recent G2 Reviews of LogRhythm SIEM?

**"[More than a SIEM](https://www.g2.com/survey_responses/logrhythm-siem-review-10516628)"**

**Rating:** 5.0/5.0 stars
*— Verified User in Banking*

[Read full review](https://www.g2.com/survey_responses/logrhythm-siem-review-10516628)

---

**"[LogRhythm SIEM - Best Solution In Market](https://www.g2.com/survey_responses/logrhythm-siem-review-11463953)"**

**Rating:** 5.0/5.0 stars
*— Vishwa  K.*

[Read full review](https://www.g2.com/survey_responses/logrhythm-siem-review-11463953)

---


#### What Are G2 Users Discussing About LogRhythm SIEM?

- [What are some SIEM tools?](https://www.g2.com/discussions/what-are-some-siem-tools)
- [What does a SIEM platform do?](https://www.g2.com/discussions/what-does-a-siem-platform-do)
- [How does Siem LogRhythm work?](https://www.g2.com/discussions/how-does-siem-logrhythm-work)
- [What is LogRhythm software?](https://www.g2.com/discussions/what-is-logrhythm-software)

### 19. [FortiSIEM](https://www.g2.com/products/fortisiem/reviews)
The complexity of managing network and security operations is resulting in increases in breaches worldwide. Discovery, isolation, and remediation of these incidents are measured in hundreds of days. And with a dwindling pool of skilled cyber security personnel able to manage the wide array of devices and data sources to protect their network assets, success requires a new approach. FortiSIEM provides organizations of all sizes with a comprehensive, holistic, and scalable solution for security, performance, and compliance management, from IoT to the cloud. FortiSIEM expands network visibility through the Fortinet Security Fabric&#39;s integrations with the leading security products present in most networks today.


**Average Rating:** 4.3/5.0
**Total Reviews:** 40
**How Do G2 Users Rate FortiSIEM?**

- **Activity Monitoring:** 8.7/10 (Category avg: 9.1/10)
- **Data Examination:** 7.9/10 (Category avg: 8.6/10)
- **Ease of Use:** 8.6/10 (Category avg: 8.7/10)
- **Log Management:** 8.7/10 (Category avg: 9.1/10)

**Who Is the Company Behind FortiSIEM?**

- **Seller:** [Fortinet](https://www.g2.com/sellers/fortinet)
- **Year Founded:** 2000
- **HQ Location:** Sunnyvale, CA
- **Twitter:** @Fortinet (151,422 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/6460/ (16,279 employees on LinkedIn®)
- **Ownership:** NASDAQ: FTNT

**Who Uses This Product?**
- **Top Industries:** Information Technology and Services, Computer &amp; Network Security
- **Company Size:** 46% Mid-Market, 29% Enterprise


#### What Are FortiSIEM's Pros and Cons?

**Pros:**

- Alerting (1 reviews)
- Log Management (1 reviews)
- Threat Detection (1 reviews)
- Troubleshooting (1 reviews)
- Visibility (1 reviews)

**Cons:**

- Complex Configuration (1 reviews)
- Complex Setup (1 reviews)
- Difficult Customization (1 reviews)
- Learning Curve (1 reviews)
- Poor Interface Design (1 reviews)


### What Do G2 Reviewers Say About FortiSIEM?
*AI-generated summary from verified user reviews*

**Pros:**

- Users value the **real-time visibility** of FortiSIEM, enhancing threat detection and troubleshooting across the infrastructure.
- Users value the **real-time log correlation and visibility** of FortiSIEM, enhancing threat detection and troubleshooting efficiency.
- Users appreciate the **real-time threat detection** capabilities of FortiSIEM, enhancing security management and troubleshooting efficiency.
- Users appreciate the **real-time correlation of logs and metrics** in FortiSIEM, enhancing threat detection and troubleshooting efficiency.
- Users appreciate the **single-pane-of-glass visibility** of FortiSIEM, enhancing real-time threat detection and troubleshooting capabilities.

**Cons:**

- Users find the **initial setup and customization complex** and report a steep learning curve for advanced usage.
- Users find the **initial setup complex** and note that the interface requires time to learn for effective use.
- Users find the **difficult customization** of FortiSIEM challenging, particularly with its complex setup and user interface.
- Users find that the **learning curve** for setup and customization in FortiSIEM can be quite complex and challenging.
- Users find the **poor interface design** of FortiSIEM challenging, leading to a steep learning curve for effective use.

#### What Are Recent G2 Reviews of FortiSIEM?

**"[Unified Visibility and Real-Time Insights All in One Platform](https://www.g2.com/survey_responses/fortisiem-review-12189812)"**

**Rating:** 5.0/5.0 stars
*— Yogeshwaran R.*

[Read full review](https://www.g2.com/survey_responses/fortisiem-review-12189812)

---

**"[Unified Visibility and Faster Threat Detection with FortiSIEM](https://www.g2.com/survey_responses/fortisiem-review-12097381)"**

**Rating:** 4.5/5.0 stars
*— Seid H.*

[Read full review](https://www.g2.com/survey_responses/fortisiem-review-12097381)

---


#### What Are G2 Users Discussing About FortiSIEM?

- [What is FortiSIEM used for?](https://www.g2.com/discussions/what-is-fortisiem-used-for)

### 20. [Splunk Enterprise Security](https://www.g2.com/products/splunk-enterprise-security/reviews)
Splunk Enterprise Security (ES) is a data-centric, modern security information and event management (SIEM) solution that delivers data-driven insights for full breadth visibility into your security posture so you can protect your business and mitigate risk at scale. With unparalleled search and reporting, advanced analytics, integrated intelligence, and prepackaged security content, Splunk ES accelerates threat detection and investigation, letting you determine the scope of high-priority threats to your environment so you can quickly take action. Built on an open and scalable data platform, you can stay agile in the face of evolving threats and business needs. Our extensive ecosystem of Splunk, partner, and community-built integrations as well as flexible deployment options ensure your technology investments are working in tandem with Splunk ES whilst meeting you wherever you are on your cloud, multi-cloud, or hybrid journey.


**Average Rating:** 4.3/5.0
**Total Reviews:** 223
**How Do G2 Users Rate Splunk Enterprise Security?**

- **Activity Monitoring:** 8.8/10 (Category avg: 9.1/10)
- **Data Examination:** 8.5/10 (Category avg: 8.6/10)
- **Ease of Use:** 8.1/10 (Category avg: 8.7/10)
- **Log Management:** 9.3/10 (Category avg: 9.1/10)

**Who Is the Company Behind Splunk Enterprise Security?**

- **Seller:** [Cisco](https://www.g2.com/sellers/cisco)
- **Year Founded:** 1984
- **HQ Location:** San Jose, CA
- **Twitter:** @Cisco (720,366 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/cisco/ (95,545 employees on LinkedIn®)
- **Ownership:** NASDAQ:CSCO

**Who Uses This Product?**
- **Who Uses This:** Software Engineer, Senior Software Engineer
- **Top Industries:** Information Technology and Services, Computer Software
- **Company Size:** 59% Enterprise, 30% Mid-Market


#### What Are Splunk Enterprise Security's Pros and Cons?

**Pros:**

- Ease of Use (15 reviews)
- Easy Integrations (13 reviews)
- Threat Detection (13 reviews)
- Features (12 reviews)
- User Interface (11 reviews)

**Cons:**

- Expensive (17 reviews)
- Complex Setup (8 reviews)
- Complex Implementation (6 reviews)
- Complexity (6 reviews)
- Difficult Learning (6 reviews)


### What Do G2 Reviewers Say About Splunk Enterprise Security?
*AI-generated summary from verified user reviews*

**Pros:**

- Users appreciate the **user-friendly interface** of Splunk Enterprise Security, allowing efficient monitoring and log analysis.
- Users appreciate the **easy integrations** with various platforms, enhancing their log management experience significantly.
- Users highly value the **impressive threat detection** capabilities of Splunk Enterprise Security, enhancing early identification of potential issues.
- Users value the **powerful analytics and security features** of Splunk Enterprise Security, enhancing their monitoring and investigative capabilities.
- Users appreciate the **user-friendly interface** of Splunk Enterprise Security, enabling efficient monitoring and attractive dashboard creation.

**Cons:**

- Users find the **high cost** of Splunk Enterprise Security a significant barrier, limiting its adoption among smaller organizations.
- Users find the **complex setup** of Splunk Enterprise Security challenging and resource-intensive, often needing additional support for implementation.
- Users find the **complex implementation** of Splunk Enterprise Security to be time-intensive and requiring specialized expertise.
- Users find the **setup and complexity** of Splunk Enterprise Security can be time-consuming and challenging to navigate.
- Users find the **difficult learning curve** of Splunk Enterprise Security challenging, especially for those new to data analysis.

#### What Are Recent G2 Reviews of Splunk Enterprise Security?

**"[Powerful Visibility and Investigations with Splunk Enterprise Security](https://www.g2.com/survey_responses/splunk-enterprise-security-review-12695107)"**

**Rating:** 4.0/5.0 stars
*— Akil S.*

[Read full review](https://www.g2.com/survey_responses/splunk-enterprise-security-review-12695107)

---

**"[Powerful Threat Detection and Investigation with Splunk Enterprise Security](https://www.g2.com/survey_responses/splunk-enterprise-security-review-12982814)"**

**Rating:** 5.0/5.0 stars
*— Priyanshu S.*

[Read full review](https://www.g2.com/survey_responses/splunk-enterprise-security-review-12982814)

---


#### What Are G2 Users Discussing About Splunk Enterprise Security?

- [What is Splunk User Behavior Analytics used for?](https://www.g2.com/discussions/what-is-splunk-user-behavior-analytics-used-for)
- [What does Splunk Enterprise do?](https://www.g2.com/discussions/splunk-enterprise-security-what-does-splunk-enterprise-do)
- [What is the difference between Splunk Enterprise and Splunk Enterprise Security?](https://www.g2.com/discussions/what-is-the-difference-between-splunk-enterprise-and-splunk-enterprise-security) - 1 comment
- [Which Splunk app is used for enterprise security?](https://www.g2.com/discussions/which-splunk-app-is-used-for-enterprise-security)
- [What is Splunk Enterprise Security?](https://www.g2.com/discussions/what-is-splunk-enterprise-security)

### 21. [LevelBlue USM Anywhere](https://www.g2.com/products/levelblue-usm-anywhere/reviews)
LevelBlue USM Anywhere is a cloud-based security management solution that accelerates and centralizes threat detection, incident response, and compliance management for your cloud, hybrid cloud, and on-premises environments. USM Anywhere includes purpose-built cloud sensors that natively monitor your Amazon Web Services (AWS) and Microsoft Azure cloud environments. On premises, lightweight virtual sensors run on Microsoft Hyper-V and VMware ESXi to monitor your virtual private cloud and physical IT infrastructure. With USM Anywhere, you can rapidly deploy sensors into your cloud and on-premises environments while centrally managing data collection, security analysis, and threat detection from the AlienVault Secure Cloud. Five Essential Security Capabilities in a Single SaaS Platform AlienVault USM Anywhere provides five essential security capabilities in a single SaaS solution, giving you everything you need for threat detection, incident response, and compliance management—all in a single pane of glass. With USM Anywhere, you can focus on finding and responding to threats, not managing software. An elastic, cloud-based security solution, USM Anywhere can readily scale to meet your threat detection needs as your hybrid cloud environment changes and grows. 1. Asset Discovery 2. Vulnerability Assessment 3. Intrusion Detection 4. Behavioral Monitoring 5. SIEM


**Average Rating:** 4.4/5.0
**Total Reviews:** 102
**How Do G2 Users Rate LevelBlue USM Anywhere?**

- **Activity Monitoring:** 8.9/10 (Category avg: 9.1/10)
- **Data Examination:** 8.4/10 (Category avg: 8.6/10)
- **Ease of Use:** 8.3/10 (Category avg: 8.7/10)
- **Log Management:** 8.9/10 (Category avg: 9.1/10)

**Who Is the Company Behind LevelBlue USM Anywhere?**

- **Seller:** [LevelBlue](https://www.g2.com/sellers/levelblue-49a2e3c1-ca90-4308-b899-08973f657bae)
- **HQ Location:** Dallas, Texas, United States
- **LinkedIn® Page:** https://www.linkedin.com/company/levelbluecyber/ (782 employees on LinkedIn®)

**Who Uses This Product?**
- **Top Industries:** Information Technology and Services, Financial Services
- **Company Size:** 62% Mid-Market, 20% Small-Business



#### What Are Recent G2 Reviews of LevelBlue USM Anywhere?

**"[Comprehensive cloud security and monitoring platform](https://www.g2.com/survey_responses/levelblue-usm-anywhere-review-11718892)"**

**Rating:** 5.0/5.0 stars
*— Luis Emmanuel M.*

[Read full review](https://www.g2.com/survey_responses/levelblue-usm-anywhere-review-11718892)

---

**"[Impressive Cloud Based SIEM](https://www.g2.com/survey_responses/levelblue-usm-anywhere-review-9698214)"**

**Rating:** 4.5/5.0 stars
*— Goodness  I.*

[Read full review](https://www.g2.com/survey_responses/levelblue-usm-anywhere-review-9698214)

---


#### What Are G2 Users Discussing About LevelBlue USM Anywhere?

- [How has AlienVault USM supported your cybersecurity efforts, and what features do you rely on most?](https://www.g2.com/discussions/how-has-alienvault-usm-supported-your-cybersecurity-efforts-and-what-features-do-you-rely-on-most)
- [What is AlienVault USM (from AT&amp;T Cybersecurity) used for?](https://www.g2.com/discussions/what-is-alienvault-usm-from-at-t-cybersecurity-used-for)

### 22. [SolarWinds Security Event Manager](https://www.g2.com/products/solarwinds-security-event-manager/reviews)
Security Event Manager (SEM) is a powerful, real-time Security Information and Event Management (SIEM) solution designed to act as a virtual Security Operations Center (SOC). It provides active monitoring and automated threat detection across multi-vendor network devices, servers, workstations, and applications. SEM is delivered as a downloadable virtual appliance for rapid deployment, and allows IT teams to centralize log data and enable real-time event correlation right out of the box. SEM goes beyond simple alerting by offering automated remediation actions. When suspicious behavior is detected, the platform can automatically block malicious IPs, disable compromised user accounts, kill unauthorized applications, or detach unmanaged USB devices via its integrated USB Defender. This immediate response capability significantly reduces the window of vulnerability during a cyber-attack. To ensure deep visibility, SEM features built-in File Integrity Monitoring (FIM), allowing you to track sensitive file changes, deletions, and registry modifications. The platform also streamlines audit preparation with hundreds of pre-built, out-of-the-box compliance reports for major regulatory frameworks, including HIPAA, PCI DSS, SOX, ISO, DISA STIGs, and FISMA. With its intuitive text-based searching and integrated threat intelligence feed, SEM normalizes disparate log data into a readable format. This enables faster forensic analysis and historical searching, helping your team identify patterns from known bad actors and strengthen your overall security posture. Whether you are managing internal threats or external breaches, SolarWinds SEM provides the essential tools to detect, respond, and report with confidence. For organizations seeking tailored security control, SEM is highly effective as a standalone SIEM tool, providing dedicated log management and incident response. However, for those looking to eliminate silos between security and IT operations, SEM can also function as a core component of SolarWinds Observability.


**Average Rating:** 4.0/5.0
**Total Reviews:** 71
**How Do G2 Users Rate SolarWinds Security Event Manager?**

- **Activity Monitoring:** 9.2/10 (Category avg: 9.1/10)
- **Data Examination:** 8.5/10 (Category avg: 8.6/10)
- **Ease of Use:** 8.2/10 (Category avg: 8.7/10)
- **Log Management:** 8.9/10 (Category avg: 9.1/10)

**Who Is the Company Behind SolarWinds Security Event Manager?**

- **Seller:** [SolarWinds Worldwide LLC](https://www.g2.com/sellers/solarwinds-worldwide-llc)
- **Year Founded:** 1999
- **HQ Location:** Austin, TX
- **Twitter:** @solarwinds (19,570 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/166039/ (2,824 employees on LinkedIn®)
- **Ownership:** NYSE: SWI

**Who Uses This Product?**
- **Top Industries:** Information Technology and Services, Computer Software
- **Company Size:** 51% Enterprise, 39% Mid-Market


#### What Are SolarWinds Security Event Manager's Pros and Cons?

**Pros:**

- Detection Efficiency (1 reviews)
- Ease of Use (1 reviews)

**Cons:**

- Licensing Cost (1 reviews)
- Poor Customer Support (1 reviews)


### What Do G2 Reviewers Say About SolarWinds Security Event Manager?
*AI-generated summary from verified user reviews*

**Pros:**

- Users value the **high detection efficiency** of SolarWinds Security Event Manager, streamlining their security management tasks.
- Users appreciate the **ease of use** for admins, finding device addition to be simple and straightforward.

**Cons:**

- Users find the **licensing costs complex** , and support options limited, particularly in certain regions.
- Users express frustration with **poor customer support** , noting limited expert assistance and unhelpful online resources.

#### What Are Recent G2 Reviews of SolarWinds Security Event Manager?

**"[Network Monitroing Tools Software](https://www.g2.com/survey_responses/solarwinds-security-event-manager-review-9315556)"**

**Rating:** 4.5/5.0 stars
*— AFTAB A.*

[Read full review](https://www.g2.com/survey_responses/solarwinds-security-event-manager-review-9315556)

---

**"[Powerful Security, Clunky Interface](https://www.g2.com/survey_responses/solarwinds-security-event-manager-review-12727479)"**

**Rating:** 5.0/5.0 stars
*— dennis s.*

[Read full review](https://www.g2.com/survey_responses/solarwinds-security-event-manager-review-12727479)

---


#### What Are G2 Users Discussing About SolarWinds Security Event Manager?

- [What is SolarWinds Security Event Manager used for?](https://www.g2.com/discussions/what-is-solarwinds-security-event-manager-used-for)
- [What is Access rights Manager?](https://www.g2.com/discussions/what-is-access-rights-manager) - 1 comment

### 23. [Pandora FMS](https://www.g2.com/products/pandora-fms/reviews)
Pandora FMS is a unified monitoring and observability platform designed to consolidate visibility, alerting, reporting, and automation across heterogeneous IT environments. Instead of combining multiple point tools for networks, servers, applications, and cloud services, Pandora FMS centralizes data collection and operational workflows in a single console, reducing integration effort and operational complexity in on-premise, hybrid, and multi-cloud architectures. The platform collects telemetry using multiple methods, including agents, remote checks, standard protocols (e.g., SNMP/WMI), APIs, and log/event ingestion. This enables teams to monitor infrastructure and services end-to-end, correlate signals, and maintain consistent alerting policies and dashboards across distributed estates. Pandora FMS also supports capacity and trend analysis to anticipate resource constraints and identify recurring patterns, and includes AI-assisted capabilities for anomaly detection and automated thresholds to surface hard-to-spot operational signals. Pandora FMS is extensible through a large plugin ecosystem (500+ plugins and integrations), covering a wide range of enterprise and infrastructure technologies such as SAP, Oracle, Citrix, JBoss, VMware, AWS, SQL Server, Red Hat, and WebSphere. This extensibility helps organizations standardize monitoring across legacy and modern stacks without redesigning their monitoring approach per technology. Core capabilities: -Unified monitoring for networks, servers, applications, cloud services, endpoints, and logs -Centralized alerting, event correlation, dashboards, and scheduled reporting -Flexible data collection via agents, remote checks, APIs, and plugins -Scalability for distributed environments and large numbers of monitored elements -Analytics for trend/capacity planning plus AI-assisted anomaly detection and dynamic thresholds -A key differentiator is direct vendor support, which simplifies escalation and ensures continuity of expertise for deployment, tuning, and ongoing operations.


**Average Rating:** 4.6/5.0
**Total Reviews:** 212
**How Do G2 Users Rate Pandora FMS?**

- **Activity Monitoring:** 10.0/10 (Category avg: 9.1/10)
- **Data Examination:** 8.3/10 (Category avg: 8.6/10)
- **Ease of Use:** 9.1/10 (Category avg: 8.7/10)
- **Log Management:** 10.0/10 (Category avg: 9.1/10)

**Who Is the Company Behind Pandora FMS?**

- **Seller:** [Pandora FMS](https://www.g2.com/sellers/pandora-fms)
- **Company Website:** https://pandorafms.com/
- **Year Founded:** 2004
- **HQ Location:** Madrid, Spain
- **Twitter:** @pandorafms (5,458 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/pandora-pfms/ (56 employees on LinkedIn®)

**Who Uses This Product?**
- **Who Uses This:** Data Analyst
- **Top Industries:** Information Technology and Services, Telecommunications
- **Company Size:** 50% Mid-Market, 37% Small-Business


#### What Are Pandora FMS's Pros and Cons?

**Pros:**

- Monitoring (138 reviews)
- Ease of Use (114 reviews)
- Real-time Monitoring (96 reviews)
- Flexibility (64 reviews)
- Network Monitoring (61 reviews)

**Cons:**

- Learning Curve (44 reviews)
- Complex Setup (32 reviews)
- Learning Difficulty (29 reviews)
- Complex Configuration (27 reviews)
- Difficult Learning (27 reviews)


### What Do G2 Reviewers Say About Pandora FMS?
*AI-generated summary from verified user reviews*

**Pros:**

- Users value the **reliable remote monitoring** capabilities of Pandora FMS, enhancing the security of their digital systems.
- Users highlight the **ease of use** of Pandora FMS, enabling efficient monitoring and management of systems effortlessly.
- Users value the **real-time monitoring** of Pandora FMS for timely alerts and comprehensive insights across IT systems.
- Users praise the **flexibility** of Pandora FMS, adapting seamlessly to diverse environments and monitoring specific needs effectively.
- Users value the **real-time network monitoring** of Pandora FMS, providing control and immediate alerts for issues.

**Cons:**

- Users find the **learning curve challenging** due to complex scripts and OID procedures in Pandora FMS.
- Users find the **complex setup** of Pandora FMS challenging, leading to a steep learning curve for new users.
- Users find it challenging to navigate **learning difficulties** due to the complex setup and configuration processes.
- Users report a **complex configuration** process, requiring time and technical expertise for effective use of Pandora FMS.
- Users find the **difficult learning** curve frustrating, particularly with setup complexity and navigating the interface.

#### What Are Recent G2 Reviews of Pandora FMS?

**"[Fast Deployment, Easy to Use, and Strong Performance Even in the Community Version](https://www.g2.com/survey_responses/pandora-fms-review-12677659)"**

**Rating:** 5.0/5.0 stars
*— David D.*

[Read full review](https://www.g2.com/survey_responses/pandora-fms-review-12677659)

---

**"[Why we decided to bet on PandoraFMS](https://www.g2.com/survey_responses/pandora-fms-review-7666873)"**

**Rating:** 4.5/5.0 stars
*— Verified User in Commercial Real Estate*

[Read full review](https://www.g2.com/survey_responses/pandora-fms-review-7666873)

---


#### What Are G2 Users Discussing About Pandora FMS?

- [What are the benefits and drawbacks of using Pandora FMS for IT monitoring?](https://www.g2.com/discussions/what-are-the-benefits-and-drawbacks-of-using-pandora-fms-for-it-monitoring)

### 24. [Graylog](https://www.g2.com/products/graylog/reviews)
Graylog is a log management and security information and event management (SIEM) solution designed to assist security and IT teams in detecting, investigating, and responding to potential threats with increased efficiency. By leveraging advanced technologies such as scalable log management, real-time data correlation, and explainable artificial intelligence (AI), Graylog transforms complex data sets into actionable insights, enabling organizations to make informed decisions swiftly. The platform caters to a diverse range of users, from small businesses to large enterprises, all of whom require enhanced visibility and control over their IT environments. Graylog is particularly beneficial for security analysts and IT professionals who need to sift through vast amounts of log data to identify anomalies, track incidents, and ensure compliance with various regulatory standards. Its user-friendly interface and powerful analytical tools streamline the process of threat detection and response, making it an essential asset for organizations aiming to bolster their cybersecurity posture. Key features of Graylog include automated workflows that simplify repetitive tasks, anomaly detection capabilities that flag unusual patterns in data, and guided investigations that assist users in navigating complex security incidents. The platform also offers AI-driven summaries that distill critical information, allowing analysts to focus on high-priority issues without getting bogged down by excessive data. These features collectively enhance the speed and accuracy of threat responses, ensuring that security teams remain in control of their environments. Graylog&#39;s versatility is evident in its range of products, which includes Graylog Security, Enterprise, API Security, and Open solutions. Each product is tailored to meet the specific needs of different organizations, providing clarity and context across various operational landscapes. With a user base of over 60,000 organizations globally, Graylog has established itself as a trusted partner in the realm of cybersecurity and log management, helping teams navigate the complexities of modern threats while maintaining a clear focus on their objectives.


**Average Rating:** 4.4/5.0
**Total Reviews:** 106
**How Do G2 Users Rate Graylog?**

- **Activity Monitoring:** 8.7/10 (Category avg: 9.1/10)
- **Data Examination:** 8.3/10 (Category avg: 8.6/10)
- **Ease of Use:** 8.5/10 (Category avg: 8.7/10)
- **Log Management:** 9.2/10 (Category avg: 9.1/10)

**Who Is the Company Behind Graylog?**

- **Seller:** [Graylog](https://www.g2.com/sellers/graylog)
- **Company Website:** https://www.graylog.org
- **Year Founded:** 2009
- **HQ Location:** Houston, US
- **Twitter:** @graylog2 (9,115 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/sales/company/2783090?_ntb=deUf18mKRvS5YlRE65XIhw%3D%3D (127 employees on LinkedIn®)

**Who Uses This Product?**
- **Who Uses This:** Software Engineer
- **Top Industries:** Information Technology and Services, Computer Software
- **Company Size:** 44% Mid-Market, 31% Small-Business


#### What Are Graylog's Pros and Cons?

**Pros:**

- Cost Optimization (1 reviews)
- Debugging (1 reviews)
- Detailed Information (1 reviews)
- Insights (1 reviews)
- Pricing (1 reviews)

**Cons:**

- Complexity (1 reviews)
- Debugging Difficulties (1 reviews)
- Integration Issues (1 reviews)
- Learning Curve (1 reviews)
- Time Consumption (1 reviews)


### What Do G2 Reviewers Say About Graylog?
*AI-generated summary from verified user reviews*

**Pros:**

- Users value the **cost optimization** of Graylog, appreciating its reliability and adherence to industry standards.
- Users find the **detailed debugging information** invaluable, ensuring successful troubleshooting in complex situations.
- Users find Graylog&#39;s **detailed API information** invaluable for effective debugging, preventing potential dead ends in complex processes.
- Users find the **detailed API information** in Graylog invaluable for effective debugging during complex processes.
- Users value Graylog for its **reliable and cost-effective pricing** , ensuring it meets essential industry standards.

**Cons:**

- Users find the **complexity** of Graylog can waste time during debugging and API review, hindering productivity.
- Users face **debugging difficulties** with Graylog, often wasting time on troubleshooting instead of improving efficiency.
- Users experience **integration issues** with Graylog, finding it challenging to connect with various platforms effectively.
- Users often find Graylog&#39;s **steep learning curve** frustrating, as it complicates workflows and debugging efforts.
- Users find that using Graylog can lead to **time consumption** during debugging and reviewing API responses, hindering efficiency.

#### What Are Recent G2 Reviews of Graylog?

**"[Graylog 7.1: Lightweight Upgrade with a Much Easier Collector Experience](https://www.g2.com/survey_responses/graylog-review-12839643)"**

**Rating:** 5.0/5.0 stars
*— Ludwick M.*

[Read full review](https://www.g2.com/survey_responses/graylog-review-12839643)

---

**"[Easy to Integrate, Essential for Supervision](https://www.g2.com/survey_responses/graylog-review-12818294)"**

**Rating:** 4.5/5.0 stars
*— Verified User in Computer &amp; Network Security*

[Read full review](https://www.g2.com/survey_responses/graylog-review-12818294)

---


#### What Are G2 Users Discussing About Graylog?

- [What is your experience with Graylog in managing log data, and what features do you find most useful?](https://www.g2.com/discussions/what-is-your-experience-with-graylog-in-managing-log-data-and-what-features-do-you-find-most-useful) - 1 comment
- [What is Graylog used for?](https://www.g2.com/discussions/what-is-graylog-used-for)
- [Is Graylog a SIEM?](https://www.g2.com/discussions/is-graylog-a-siem)
- [How much does Graylog cost?](https://www.g2.com/discussions/how-much-does-graylog-cost)
- [Who uses Graylog?](https://www.g2.com/discussions/who-uses-graylog)

### 25. [Adlumin](https://www.g2.com/products/adlumin/reviews)
Adlumin, an N-able Company, provides enterprise-grade cybersecurity for organizations of all sizes through its innovative Security Operations as a Service platform. With an agnostic approach, the Adlumin platform seamlessly integrates with existing tech stacks, and its flexible management options enable it to be self-managed by an internal team, or fully managed by Adlumin experts. The Adlumin platform stops cyber threats early with deep learning models tailored to each environment. It maximizes resource efficiency by optimizing existing technology and streamlining workflows across teams. Adlumin transforms risk into resilience by identifying and addressing vulnerabilities, while cybersecurity experts proactively uncover and neutralize threats before they can do damage. Adlumin empowers organizations to take control of their digital security making advanced protection accessible to all.


**Average Rating:** 4.7/5.0
**Total Reviews:** 63
**How Do G2 Users Rate Adlumin?**

- **Activity Monitoring:** 9.7/10 (Category avg: 9.1/10)
- **Data Examination:** 9.2/10 (Category avg: 8.6/10)
- **Ease of Use:** 9.0/10 (Category avg: 8.7/10)
- **Log Management:** 9.5/10 (Category avg: 9.1/10)

**Who Is the Company Behind Adlumin?**

- **Seller:** [N-able](https://www.g2.com/sellers/n-able)
- **Company Website:** https://www.n-able.com
- **HQ Location:** Morrisville, North Carolina
- **Twitter:** @Nable (15,859 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/n-able (2,287 employees on LinkedIn®)
- **Ownership:** NYSE: NABL

**Who Uses This Product?**
- **Top Industries:** Financial Services, Banking
- **Company Size:** 56% Mid-Market, 23% Small-Business


#### What Are Adlumin's Pros and Cons?

**Pros:**

- Analytics (1 reviews)
- Detailed Analysis (1 reviews)
- Detailed Explanation (1 reviews)
- Ease of Management (1 reviews)
- Ease of Use (1 reviews)

**Cons:**

- Poor Customer Support (1 reviews)


### What Do G2 Reviewers Say About Adlumin?
*AI-generated summary from verified user reviews*

**Pros:**

- Users value the **detailed analytic reports** in Adlumin, praising its reliability and user-friendly interface.
- Users value the **detailed analytic reports** from Adlumin, finding them reliable and easy to use.
- Users find the **detailed analytic reports** of Adlumin reliable and easy to use, enhancing their experience significantly.
- Users value the **ease of management** with Adlumin, finding it reliable and user-friendly for detailed analytics.
- Users find Adlumin&#39;s interface **easy to use** , enhancing their experience with detailed analytic reports.

**Cons:**

- Users feel that the **customer support quality** is adequate but leaves room for improvement in responsiveness.

#### What Are Recent G2 Reviews of Adlumin?

**"[Great platform and easy to use](https://www.g2.com/survey_responses/adlumin-review-12981429)"**

**Rating:** 4.0/5.0 stars
*— KAWSER A.*

[Read full review](https://www.g2.com/survey_responses/adlumin-review-12981429)

---

**"[Comprehensive security monitoring and simplified compliance reporting.](https://www.g2.com/survey_responses/adlumin-review-13050164)"**

**Rating:** 4.0/5.0 stars
*— Dom H.*

[Read full review](https://www.g2.com/survey_responses/adlumin-review-13050164)

---




## What Is Security Information and Event Management (SIEM) Software?

[System Security Software](https://www.g2.com/categories/system-security)

## What Software Categories Are Similar to Security Information and Event Management (SIEM) Software?

- [Incident Response Software](https://www.g2.com/categories/incident-response)
- [Log Analysis Software](https://www.g2.com/categories/log-analysis)
- [Security Orchestration, Automation, and Response (SOAR) Software](https://www.g2.com/categories/security-orchestration-automation-and-response-soar)


---

## How Do You Choose the Right Security Information and Event Management (SIEM) Software?

### What You Should Know About SIEM Software

### What is security information and event management (SIEM) software?

Security Information and Event Management (SIEM) is a centralized system for threat detection that aggregates security alerts from multiple sources, simplifying threat response and compliance reporting. SIEM software is one of the most commonly used tools for security administrators and security incident response professionals. They provide a single platform capable of facilitating event and threat protection, log analysis and investigation, and threat remediation. Some cutting-edge tools provide additional functionality for creating response workflows, data normalization, and advanced threat protection.

SIEM platforms help security programs operate by collecting security data for future analysis, storing these data points, correlating them to security events, and facilitating analysis of those events.

Security teams can define rules for typical and suspicious activities with SIEM tools. Advanced Next-Gen SIEM solutions leverage [machine learning](https://www.g2.com/articles/what-is-machine-learning) and [AI](https://www.g2.com/articles/what-is-artificial-intelligence) to refine behavior models continuously, enhancing [User and Entity Behavior Analytics (UEBA)](https://www.g2.com/categories/user-and-entity-behavior-analytics-ueba) and reducing false positives. These systems analyze data against set rules and behavioral patterns, flagging notable events when anomalies are detected.

Companies using SIEM solutions deploy sensors across digital assets to automate data collection. Sensors relay information back to the SIEM’s log and event database. When additional security incidents arise, the SIEM platform detects anomalies. It correlates similar logs to provide context and threat information for security teams as they attempt to remediate any existing threats or vulnerabilities.

#### **What does SIEM stand for?**

SIEM stands for security information and event management (SIEM), which is a combination of two different acronyms for security technology: security information monitoring (SIM) and security event management (SEM).

SIM is the practice of collecting, aggregating, and analyzing security data, typically in the form of logs. SIM tools automate this process and document security information for other sources, such as [intrusion detection systems](https://www.g2.com/categories/intrusion-detection-and-prevention-systems-idps), [firewalls](https://www.g2.com/categories/firewall-software), or [routers](https://www.g2.com/categories/routers). Event logs and their associated informational components are recorded and stored for long periods for either retrospective analysis or compliance requirements.

SEM is a family of security software for discovering, analyzing, visualizing, and responding to threats as they arise. SEM is a core component of a security operations system. While SIM tools are designed for log collection and storage, SEM tools typically rely on SQL databases to store specific logs and other event data as they are generated in real time by security devices and IT systems. They usually also provide the functionality to correlate and analyze event data, monitor systems in real time, and alert security teams of abnormal activity.

SIEM combines the functionality of SIM and SEM to centralize control over log storage, event management, and real-time analysis. SIM and SEM have become defunct technologies, as SIEM’s rise has provided dual-purpose functionality. SIEM vendors offer a single tool capable of performing data aggregation, information correlation, and event management.

### Types of SIEM solutions

#### **Traditional SIEM**

Traditional SIEM tools are deployed on-premises with sensors placed on IT assets to analyze events and collect system logs. The data is used to develop baseline references and identify indicators of compromise. The SIEM product alerts security teams for intervention when a system becomes compromised.&amp;nbsp;

#### **Cloud or virtual SIEM**

Cloud-based and virtualized SIEM software are tools typically used to secure cloud infrastructure and services a cloud provider delivers. These tools are often less expensive than on-premises solutions and more accessible to implement, as no physical labor is required. They are ideal for companies without local IT infrastructure.

#### [**Managed SIEM services**](https://www.g2.com/categories/managed-siem-services)

Companies that do not have a full-fledged security program may choose managed SIEM services to aid in management and reduce work for internal employees. These SIEM services are delivered by managed service providers who provide the customer data and dashboards with security information and activity, but the provider handles implementation and remediation.&amp;nbsp;

### What are the common features of SIEM systems?

The following are some core features within SIEM software that can help users collect security data, analyze logs, and detect threats:

**Activity monitoring:** SIEM systems document the actions from endpoints within a network. The system alerts users of incidents and abnormal activities and documents the access point. Real-time tracking will document these for analysis as an event takes place.

**Asset management:** These SIEM features keep records of each network asset and its activity. The feature may also refer to the discovery of new assets accessing the network.

**Log management:** This functionality documents and stores event logs in a secure repository for reference, analysis, or compliance reasons.

**Event management:** As events occur in real time, the SIEM software alerts users of incidents. This allows security teams to intervene manually or trigger an automated response to resolve the issue.

[**Automated response**](https://www.g2.com/categories/security-information-and-event-management-siem/f/automated-response) **:** Response automation reduces the time spent diagnosing and resolving issues manually. The features are typically capable of quickly resolving common network security incidents.

**Incident reporting:** Incident reports document cases of abnormal activity and compromised systems. These can be used for forensic analysis or as a reference point for future incidents.

**Threat intelligence:** Threat intelligence feeds integrate information to train SIEM systems to detect emerging and existing threats. These threat feeds store information related to potential threats and vulnerabilities to ensure issues are discovered and teams are provided with the information necessary to resolve the problems as they occur.

[**Vulnerability assessment**](https://www.g2.com/categories/security-information-and-event-management-siem/f/vulnerability-assessment) **:** Vulnerability assessment tools may scan networks for potential vulnerabilities or audit data to discover non-compliant practices. Mainly, they’re used to analyze an existing network and IT infrastructure to outline access points that can be easily compromised.

[**Advanced analytics**](https://www.g2.com/categories/security-information-and-event-management-siem/f/advanced-analytics) **:** Advanced analytics features allow users to customize analysis with granular or individually specific metrics pertinent to the business’ resources.

[**Data examination**](https://www.g2.com/categories/security-information-and-event-management-siem/f/data-examination) **:** Data examination features typically facilitate the forensic analysis of incident data and event logs. These features allow users to search databases and incident logs to gain insights into vulnerabilities and incidents.

### What are the benefits of using SIEM products?

Below are a few of the main reasons SIEM software is commonly used to protect businesses of all sizes:

**Data aggregation and correlation:** SIEM systems and companies collect vast amounts of information from an entire network environment. This information is gathered from virtually anything interacting with a network, from endpoints and servers to firewalls and antivirus tools. It is either given directly to the SIEM or using agents (decision-making programs designed to identify irregular information). The platform is set up to deploy agents and collect and store similar information together according to security policies set in place by administrators.

**Incident alerting:** As information comes in from a network’s various connected components, the SIEM system correlates it using rule-based policies. These policies inform agents of normal behavior and threats. If any action violates these policies or malware or intrusion is discovered. At the same time, the SIEM platform monitors network activity; it is labeled as suspicious, security controls restrict access, and administrators are alerted.

**Security analysis:** Retrospective analysis may be performed by searching log data during specific periods or based on specific criteria. Security teams may suspect a certain misconfiguration or kind of malware caused an event. They may also suspect an unapproved party went undetected at a specific time. Teams will analyze the logs and look for specific characteristics in the data to determine whether their suspicion was right. They may also discover vulnerabilities or misconfigurations that leave them susceptible to attack and remediate them.

### Software related to SIEM tools

Many network and system security solutions involve collecting and analyzing event logs and security information. SIEM systems are typically the most all-encompassing solutions available, but many other security solutions may integrate with them for added functionality or complementary use. These are a few different technology categories related to SIEM software.

[Threat intelligence software](https://www.g2.com/categories/threat-intelligence) **:** Threat intelligence software is an informational service that provides SIEM tools and other information security systems with up-to-date information on web-based threats. They can inform the system of zero-day threats, new forms of malware, potential exploits, and different kinds of vulnerabilities.

[Incident response software](https://www.g2.com/categories/incident-response) **:** SIEM systems may facilitate incident response, but these tools are specifically designed to streamline the remediation process or add investigative capabilities during security workflow processes. Incident response solutions will not provide the same compliance maintenance or log storage capabilities. Still, they can be used to increase a team’s ability to tackle threats as they emerge.

[Network security policy management (NSPM) software](https://www.g2.com/categories/network-security-policy-management-nspm) **:** NSPM software has some overlapping functionality to ensure security hardware and IT systems are correctly configured but cannot detect and resolve threats. They are typically used to ensure devices like firewalls or DNS filters are functioning correctly and in alignment with the security rules put in place by security teams.

[Intrusion detection and prevention systems (IDPS)](https://www.g2.com/categories/intrusion-detection-and-prevention-systems-idps) **:** While SIEM systems specialize in log management, alerting, and correlation, IDPS provide additional detection and protection features to prevent unapproved parties from accessing sensitive systems and network breaches. However, they will not facilitate the analysis and forensic investigation of logs with the same level of detail as an SIEM system.

[Managed security services providers](https://www.g2.com/categories/managed-security-services) **:** Various managed security services are available for businesses without the resources or staff necessary to operate a full-fledged security administration and operations team. Managed services are a viable option and will provide companies with skilled staff to protect their customers’ systems and keep their sensitive information protected.

### Challenges with SIEM software

**Staffing:** There is an existing shortage of skilled security professionals. Managing SIEM products and maintaining a well-rounded security posture requires dedicated personnel with highly specialized skills. Some smaller or growing companies may not have the means to recruit, hire, and retain qualified security pros. In such cases, businesses can consider managed services to outsource the labor.&amp;nbsp;

**Compliance:** Some industries have specific compliance requirements determined by various governing bodies, but SIEM software can be used across several industries to maintain compliance standards. Many industry-specific compliance requirements exist, but most require security teams to protect sensitive data, restrict access to unapproved parties, and monitor changes made to identities, information, or privileges. For example, SIEM systems can maintain GDPR compliance by verifying security controls and data access, facilitating long-term storage of log data, and notifying security staff of security incidents, as GDPR requires.

### Which companies should buy SIEM solutions?

**Vertical industries:** Vertical industries, such as healthcare and financial services, often have additional compliance requirements related to data protection and privacy. SIEM is an ideal solution for outlining requirements, mapping threats, and remediating vulnerabilities.&amp;nbsp;

**SaaS business:** SaaS businesses utilizing resources from a cloud service provider are still responsible for a significant portion of the security efforts required to protect a cloud-native business. These companies may jump for cloud-native SIEM tools but will benefit from any SIEM to prevent, detect, and respond to threats.&amp;nbsp;

### How to choose the best SIEM software

#### Requirements Gathering (RFI/RFP) for Security Information and Event Management (SIEM) Software

The first step to purchasing a SIEM solution is to outline the options. Companies should be sure whether they need a cloud-based or on-premises solution. They should also outline the number of interconnected devices they need and whether they want physical or virtual sensors to secure them. Additional and possibly obvious requirements should include budgetary considerations, staffing limitations, and required integrations_.&amp;nbsp;_

#### **Compare Security Information and Event Management (SIEM) Software Products**

##### **Create a long list**

Once the requirements are outlined, buyers should prioritize the tools and identify the ones with as many features as possible that fit the budget window. It is recommended to restrict the list to products with desired features, pricing, and deployment methods to identify a dozen or so options. For example, if the business needs a cloud-native SIEM for less than $10k a year, half of the SIEM options will be eliminated.&amp;nbsp;

When choosing a SIEM provider, focus on the vendor’s experience, reputation, and specific functionality relevant to your security needs. Core capabilities ensure essential threat detection, while next-gen features add advanced intelligence and automation, allowing for a more proactive security posture. Here’s a breakdown to guide your selection:

**Core SIEM capabilities**

- Threat detection: Look for SIEMs with robust threat detection, which uses rules and behavioral analytics, along with threat feed integration, to accurately identify potential threats.
- Threat intelligence and security alerting: Leading SIEMs incorporate threat intelligence feeds, aggregate security data, and alert you when suspicious activities are detected, ensuring real-time updates on evolving threats.
- Compliance reporting: Compliance support is crucial, especially for meeting standards like HIPAA, PCI, and FFIEC. SIEMs streamline compliance assessment and reporting, helping prevent costly non-compliance.
- Real-time notifications: Swift alerts are vital; SIEMs that notify you of breaches immediately enable faster responses to potential threats.
- Data aggregation: A centralized view of all network activities ensures no area is left unmonitored, which is crucial for comprehensive threat visibility as your organization scales.
- Data normalization: SIEMs that normalize incoming data make it easier to analyze security events and extract actionable insights from disparate sources.

**Next-gen SIEM capabilities**

- Data collection and management: Next-gen SIEMs pull data from the cloud, on-premises, and external devices, consolidating insights across the entire IT environment.
- Cloud delivery: Cloud-based SIEMs use scalable storage, accommodating large data volumes without the limitations of on-premises hardware.
- User and entity behavior analytics (UEBA): By establishing normal user behavior and identifying deviations, UEBA helps detect insider threats and new, unknown threats.
- Security orchestration and automation response (SOAR): SOAR automates incident response, integrates with IT infrastructure, and enables coordinated responses across firewalls, email servers, and access controls.
- Automated attack timelines: Next-gen SIEMs automatically create visual attack timelines, simplifying investigation and triage, even for less experienced analysts.

Selecting an SIEM vendor with both core and next-gen capabilities offers your organization a comprehensive and agile approach to security, meeting both current and future requirements.

##### **Create a short list**

Narrowing down a short list can be tricky, especially for the indecisive, but these decisions must be made. Once the long list is limited to affordable products with the desired features, it’s time to search for third-party validation. For each tool, the buyer must analyze end-user reviews, analyst reports, and empirical security evaluations. Combining these specified factors should help rank options and eliminate poorly performing products. _&amp;nbsp;_

##### **Conduct demos**

With the list narrowed down to three to five possible products, businesses can contact vendors and schedule demos. This will help them get first-hand experience with the product, ask targeted questions, and gauge the vendors&#39; quality of service.&amp;nbsp;

Here are some essential questions to guide your decision:

- Will the tool enhance log collection and management?: 

Effective log collection is foundational. Look for compatible software across systems and devices, offering a user-friendly dashboard for streamlined monitoring.

- Does the tool support compliance efforts?

Even if compliance isn&#39;t a priority, choosing an SIEM that facilitates auditing and reporting can future-proof your operations. Look for tools that simplify compliance processes and reporting.

- Can the tool leverage past security events in threat response?

One of SIEM’s strengths is using historical data to inform future threat detection. Ensure the tool offers in-depth analytics and drill-down capabilities to analyze and act on past incidents.

- Is the incident response fast and automated?

Timely, effective responses are critical. The tool should provide customizable alerts that notify your team immediately when needed so you can confidently leave the dashboard.&amp;nbsp;

#### Selection of Security Information and Event Management (SIEM) Software

##### **Choose a selection team**

Decision-makers need to involve subject matter experts from all teams that will use the system in choosing a selection team. For backup software, this primarily involves product managers, developers, IT, and security staff. Any manager or department-level leader should also include individuals managing any solution the backup product will be integrating with.&amp;nbsp;

##### **Negotiation**

The seniority of the negotiation team may vary depending on the maturity of the business. It is advisable to include relevant directors or managers from the security and IT departments as well as from any other cross-functional departments that may be impacted.

##### **Final decision**

If the company has a chief information security officer (CISO), that individual will likely decide.&amp;nbsp;If not, companies must trust their security professionals’ ability to use and understand the product.&amp;nbsp;

### How much does SIEM software cost?

Potential growth should be considered if the buyer chooses a cloud-based SIEM tool that offers pricing on the SaaS pay-as-you-use model. Some solutions are inexpensive at the start and offer affordable, low-tier pricing. Alternatively, some may rapidly increase pricing and fees as the company and storage need to scale. Some vendors provide permanently free backup products for individuals or small teams.

**Cloud SIEM_:_** SIEM as a service pricing may vary, but it traditionally scales as storage increases. Additional costs may come from increased features such as automated remediation, security orchestration, and integrated threat intelligence.&amp;nbsp;

**On-premises SIEM:** On-premises solutions are typically more expensive and require more effort and resources. They will also be more costly to maintain and require dedicated staff. Still, companies with high compliance requirements should adopt on-premises security regardless.&amp;nbsp;

#### Return on Investment (ROI)

Cloud-based SIEM solutions will provide a quicker ROI, similar to their lower average cost. The situation is pretty cut and dry since there is much lower initial investment and lower demand for dedicated staffing.&amp;nbsp;

However, for on-premises systems, the ROI will depend on the scale and scope of business IT systems. Hundreds of servers will require hundreds of sensors, potentially more, as time wears on computing equipment. Once implemented, they must be operated and maintained by (expensive) security professionals.



