AlienVault Professional Threat Management S3000
The platform contains more than 30 open-source security tools built in and ready to go out of the box. We found this product to be quite easy to install.
This offers some exciting new features, including a full compliance manager, but more on that later. The LogLogic MX can collect data and logs from network devices, such as routers and firewalls, as well as many other sources, including intrusion detection system (IDS)/intrusion prevention system (IPS), Windows, Unix and load balancers.
The LogRhythm appliance combines log management, SIEM, file integrity monitoring and host activity monitoring into a single integrated platform.
McAfee Enterprise Security Manager (ESM)
This product features a powerful correlation engine that is driven by an ultralight proprietary backend database. The ESM is able to gather, store and analyze logs and data from a large amount of sources and then correlate events based on rules, possible risk or historical trends.
The Trustwave SIEM appliance is designed to collect, normalize, analyze and store events and logs from a wide array of network devices and security products.
CorreLog Correlation Server v5.1.0
The CorreLog Server is a web-based solution that leverages browser technology to present an easy-to-use, multi-platform interface that stresses point-and-click simplicity for the harried network administrator.
Prism Microsystems EventTracker v7.2
Like many other SIEM products, EventTracker Enterprise uses a client server paradigm, where client systems report back to a server, which consolidates and normalizes events for further processing.
GFI Software GFI EventsManager 2012
The product is designed to do exactly as the name implies – manage events – and in the case of SIEM, those events can originate from any number of network-attached devices in the typical enterprise, whether they are servers, PCs, firewalls, appliances and so forth.
NetIQ Sentinel 7
Using the SIEM methodologies, NetIQ
SolarWinds Log Event Manager v5.3
SolarWinds is one of the smaller players in the SIEM market, but as a vendor specializing in system management and reporting tools, the company has the intelligence to effectively create a SIEM product.
Tenable Network Security Log Correlation Engine v3.6
The latest iteration of LCE can be considered something that is part of a bigger picture. Tenable refers to this as a unified security monitoring (USM) approach. Through this option, the company combines security management with log analysis and vulnerability scanning.
Tripwire Log Center v6.5
Like other products in the SIEM realm, Log Center is part of a larger product line that unifies compliance and security management. Still, the product can be used for the standalone process of SIEM, which many businesses not bound by compliance regulation only look to do.
At the core, SIEM tools take data from sources and get useful, actionable information from it. The SC Magazine Labs team tested popular ones currently on the market.
SC Media arms cybersecurity professionals with the in-depth, unbiased business and technical information they need to tackle the countless security challenges they face and establish risk management and compliance postures that underpin overall business strategies.