Compare the Top SIEM Software of 2021

SIEM Software Guide

SIEM software enables the management of security protocols in order to identify and prevent potential threats and security issues. Compare the best SIEM software currently available using the table below.

  • 1
    Business LOG

    Enterprise Informatic Solutions

    With over 11,000 installations, Business LOG is the most requested tool by companies looking for a flexible and efficient log management suite. Available in “On-Premise” or “SaaS” versions, with agent-based and agentless log collection methods. Business LOG provides complete log analysis, reports and alerts, a powerful log search engine and a flexible log storage option.

    Starting Price: $4 per user per month
  • 2
    Datadog

    Datadog

    Datadog is the monitoring, security and analytics platform for developers, IT operations teams, security engineers and business users in the cloud age. Our SaaS platform integrates and automates infrastructure monitoring, application performance monitoring and log management to provide unified, real-time observability of our customers' entire technology stack. Datadog is used by organizations of all sizes and across a wide range of industries to enable digital transformation and cloud migration, drive collaboration among development, operations, security and business teams, accelerate time to market for applications, reduce time to problem resolution, secure applications and infrastructure, understand user behavior and track key business metrics.

    Starting Price: $15.00/host/month
  • 3
    Sumo Logic

    Sumo Logic

    Sumo Logic offers a cloud solution for log management and metrics monitoring for IT and security teams of organizations of all sizes. Faster troubleshooting with integrated logs, metrics and traces. One platform. Many use cases. Increase your troubleshooting effectiveness. Sumo Logic helps you reduce downtime and move from reactive to proactive monitoring with cloud-based modern analytics powered by machine learning. Quickly detect Indicators of Compromise (IoCs), accelerate investigation, and ensure compliance using Sumo Logic Security Analytics. Enable data-driven business decisions and predict and analyze customer behavior using Sumo Logic’s real-time analytics platform. The Sumo Logic platform helps you make data-driven decisions and reduce the time to investigate security and operational issues so you can free up resources for more important activities.

    Starting Price: $270.00 per month
  • 4
    Splunk Enterprise

    Splunk

    Go from data to business outcomes faster than ever before with Splunk. Splunk Enterprise makes it simple to collect, analyze and act upon the untapped value of the big data generated by your technology infrastructure, security systems and business applications—giving you the insights to drive operational performance and business results. Collect and index log and machine data from any source. Combine your machine data with data in your relational databases, data warehouses and Hadoop and NoSQL data stores. Multi-site clustering and automatic load balancing scale to support hundreds of terabytes of data per day, optimize response times and provide continuous availability. The Splunk platform makes it easy to customize Splunk Enterprise to meet the needs of any project. Developers can build custom Splunk applications or integrate Splunk data into other applications. Apps from Splunk, our partners and our community enhance and extend the power of the Splunk platform.

  • 5
    Splunk Cloud

    Splunk

    Turn data into answers with Splunk deployed and managed securely, reliably and scalably as a service. With your IT backend managed by our Splunk experts, you can focus on acting on your data. Splunk-provisioned and managed infrastructure delivers a turnkey, cloud-based data analytics solution. Go live in as little as two days. Managed software upgrades ensure you always have the latest functionality. Tap into the value of your data in days with fewer requirements to turn data into action. Splunk Cloud meets the FedRAMP security standards, and helps U.S. federal agencies and their partners drive confident decisions and decisive actions at mission speeds. Drive productivity and contextual insights with Splunk’s mobile apps, augmented reality and natural language capabilities. Extend the utility of your Splunk solutions to any location with a simple phrase or the tap of a finger. From infrastructure management to data compliance, Splunk Cloud is built to scale.

  • 6
    EventSentry

    NETIKUS.NET ltd

    Hybrid SIEM solution combining real-time (event) log monitoring with comprehensive system health & network monitoring provides users with a complete picture of their servers and endpoints. The included security event log normalization & correlation engine with descriptive email alerts provides additional context and presents cryptic Windows security events in easy-to-understand reports that offer insight beyond what is available from raw events. EventSentry's NetFlow component visualizes network traffic, can detect malicious activity and offers insight into bandwidth usage. Keeping track of Active Directory changes is easy with EventSentry's ADMonitor component that records all changes to AD & Group Policy objects and provides a complete user inventory to help identify obsolete accounts. Various integrations & multi-tenancy available.

    Starting Price: $85.00/one-time
  • 7
    ELM Enterprise Manager

    TNT Software

    Server Monitoring and Event Log Management for enterprise operations. ELM is a proven, premise based solution in high security industries and environments such as DOD, DOE, PSAPs, Finance and Healthcare. Real-time monitoring, alerting, and reporting is what we do. Smart Monitoring Software. Endless Possibilities.

    Starting Price: $155/server
  • 8
    Logit

    Logit.io

    Logit.io are a centralised logging and metrics company that serves hundreds of customers around the world, solving complex problems for FTSE 100, Fortune 500 and fast-growing organisations alike. The Logit platform provides you with a fully customised log and metrics solution based on Elasticsearch, Logstash and Kibana which is scalable, secure and compliant. Using Logit's ELK platform simplifies logging and metrics, so that your team gains the insights to deliver the best experience for your customers. Logit enables you to monitor and troubleshoot your applications and infrastructure in real-time and enhance your organisation's security and compliance. We scale with you, so you don't need to worry. Allow your team to focus on what's important to them, not on managing centralised logging and metrics infrastructure. Use our preconfigured sources to automate the collection of your logs and metrics with ease.

    Starting Price: $59 per month
  • 9
    Corner Bowl Server Manager

    Corner Bowl Software Corporation

    SIEM, Log Management, Server Monitoring and Uptime Monitoring Software for Less! Industry leading free and responsive phone and remote session support when you need it the most. Get compliant by centrally storing Event Logs, syslogs and application logs from any system or device. Receive real-time notifications when users log in, accounts are locked out and accounts are changed. Satisfy auditing requirements with our out-of-the-box SIEM and security reports. Monitor server resources such as CPU, memory, disk space, directory size and process specific resource consumption. Restart services, kill processes, remote launch custom scripts and fire SNMP Traps. Generate file and directory user access audit reports. Receive SNMP Traps, monitor SNMP Get values and much more. Get real-time notifications when network performance degrades below acceptable performance thresholds. Monitor web, email, database, FTP, DNS and Active Directory servers.

    Starting Price: $20 one-time fee
  • 10
    Azure Sentinel

    Microsoft

    Standing watch, by your side. Intelligent security analytics for your entire enterprise. See and stop threats before they cause harm, with SIEM reinvented for a modern world. Azure Sentinel is your birds-eye view across the enterprise. Put the cloud and large-scale intelligence from decades of Microsoft security experience to work. Make your threat detection and response smarter and faster with artificial intelligence (AI). Eliminate security infrastructure setup and maintenance, and elastically scale to meet your security needs—while reducing IT costs. Collect data at cloud scale—across all users, devices, applications, and infrastructure, both on-premises and in multiple clouds. Detect previously uncovered threats and minimize false positives using analytics and unparalleled threat intelligence from Microsoft. Investigate threats with AI and hunt suspicious activities at scale, tapping into decades of cybersecurity work at Microsoft.

    Starting Price: 0
  • 11
    JumpCloud DaaS

    JumpCloud

    JumpCloud® Directory-as-a-Service® is Active Directory® and LDAP reimagined. JumpCloud securely manages and connects your users to their systems, applications, files, and networks. JumpCloud manages users and their systems – whether Mac, Linux, or Windows – and provides access to cloud and on-prem resources such as Office 365™, G Suite, AWS™ cloud servers, Salesforce™, and Jira® among thousands of others. The same login also connects users to networks and file shares via RADIUS and Samba, respectively, securing your organization’s WiFi and file server access. Leveraging cloud-based directory services, IT organizations can choose the best IT resources for the business enabling users to be as productive as possible.

    Starting Price: $3.00/month/user
  • 12
    SOC Prime Threat Detection Marketplace

    SOCPrime

    SOC Prime Threat Detection Marketplace® is a SaaS content platform that enables security professionals to detect and respond to cyber threats using SIEM, EDR and SOAR tools. Threat Detection Marketplace (TDM) is an online library of over 52,000 SIEM & EDR rules, queries and more designed to work directly in the SIEM platform you already own. TDM contains SOC ready dashboards, rule packages, Machine Learning recipes for the Elastic Stack, and Sigma rules updated daily and streamed via API. 94% of the content is mapped to MITRE ATT&CK framework aimed at uncovering the latest Malware, APT actors activity, Exploitation attempts and enabling real-time Forensics and TTP threat actor attribution use cases across on-premise and cloud data. As of May 2020, Threat Detection Marketplace is used by 9600+ security specialists of 4100+ organizations across 146 countries in the world.

  • 13
    RevBits Privileged Access Management

    RevBits

    Secure and Protect Privileged Accounts, Sessions and Credentials. Everywhere! RevBits Privileged Access Management is a six-in-one solution that includes privileged access, privileged session, password, service accounts, key and certificate management, as well as extensive session logging that captures keystrokes and video. RevBits Privileged Access Management native clients are available for common operating systems. As an organization’s need for comprehensive access management grows, the expansion of onboarding vendors will also increase. RevBits Privileged Access Management is built to provide comprehensive access management while reducing the growth in vendor onboarding. With five integrated access management modules in one solution, organizations are in control. Product features: hardware tokens, comprehensive platform coverage, customizable password management, extensive audit logs, access granting workflow, ephemeral passwords, complete key management, SSL scanner.

  • 14
    RevBits Cyber Intelligence Platform

    RevBits

    XDR – Full Speed. The effort to manage multiple security tools is time-intensive. The lack of intelligence sharing across solutions results in the lost opportunity for proactive defense from threats. Realizing the power of four superior security solutions, RevBits Cyber Intelligence Platform takes XDR to full speed security. The integrated platform offers superior protection by sharing threat intelligence from ten security modules. Cybersecurity solutions should protect a company's network from any threat at any time and ideally, integrate to provide proactive threat intelligence. Contact RevBits for more information regarding RevBits Cyber Intelligence Platform.

  • 15
    EventLog Analyzer

    ManageEngine

    EventLog Analyzer by ManageEngine is the industry's most cost-effective security information and event management (SIEM) software solution. This secure and powerful cloud-based solution meets all critical SIEM capabilities that include compliance reporting, log analysis, log aggregation, user activity monitoring, file integrity monitoring, event correlation, log forensics, log retention, and real-time alerting. By leveraging ManageEngine's EventLog Analyzer, users can prevent data breaches, mitigate sophisticated cyber-attacks, and identify the root cause of security incidents.

  • 16
    AlienVault USM

    AT&T Cybersecurity

    Hundreds of MSSPs worldwide use AlienVault® Unified Security Management® (USM) to build successful managed security and compliance service offerings. AlienVault USM is the only solution to deliver multiple essential security capabilities plus continuously updated threat intelligence—all in one affordable platform. With it, MSSPs can simplify and centralize threat detection, incident response, and compliance management across their customers’ cloud and on-premises environments. Built to meet the challenges of today’s dynamic MSSP market, AlienVault USM is highly scalable, cost-effective, and easy to deploy and manage. It enables MSSPs to rapidly grow their managed security services offerings to meet their customers’ security goals while minimizing their own risk and expense.

    Starting Price: $3.00/one-time
  • 17
    EventTracker

    Netsurion

    Today’s adversaries use mutation to avoid detection by traditional security tools, leaving security gaps that can lead to a costly data breach. EventTracker Endpoint Detection and Response (EDR) service enables proactive prevention against malware and advanced threats by detecting and blocking them as they unfold on servers and workstations. EDR enhances endpoint security effectiveness by reducing dwell time at all stages of the threat chain, including lateral movement. Our Managed SIEM/SOC service includes EDR to protect your critical endpoints and servers from Zero-day attacks and mutating malware. EventTracker EDR provides 24/7 monitoring of your network for insider threats and advanced attacks that evade anti-virus and firewalls. With real-time visibility and remediation, be confident that your network is defended, as you focus on your core business responsibilities.

    Starting Price: $8995.00/one-time
  • 18
    LogRhythm NextGen SIEM

    LogRhythm

    We know your job isn’t easy. That’s why we combine log management, machine learning, SOAR, UEBA, and NDR to give you broad visibility across your environment so you can quickly uncover threats and minimize risk. But a mature SOC doesn’t just stop threats. With LogRhythm, you’ll easily baseline your security operations program and track your gains — so you can easily report your successes to your board. Defending your enterprise comes with great responsibility — that’s why we built our NextGen SIEM Platform with you in mind. With intuitive, high-performance analytics and a seamless incident response workflow, protecting your business just got easier. With the LogRhythm XDR Stack, your team has an integrated set of capabilities that deliver on the fundamental mission of your SOC — threat monitoring, threat hunting, threat investigation, and incident response — at a low total cost of ownership.

  • 19
    Rapid7 InsightIDR

    Rapid7

    With the cloud architecture and intuitive interface in InsightIDR, it's easy to centralize and analyze your data across logs, network, endpoints, and more to find results in hours—not months. User and Attacker Behavior Analytics, along with insights from our threat intel network, is automatically applied against all of your data, helping you detect and respond to attacks early. In 2017, 80% of hacking-related breaches used either stolen passwords and/or weak or guessable passwords. Users are both your greatest asset and your greatest risk. InsightIDR uses machine learning to baseline your users' behavior, automatically alerting you on the use of stolen credentials or anomalous lateral movement.

  • 20
    SolarWinds Security Event Manager

    SolarWinds

    Improve your security posture and quickly demonstrate compliance with a lightweight, ready-to-use, and affordable security information and event management solution. Security Event Manager (SEM) will be another pair of eyes watching 24/7 for suspicious activity and responding in real time to reduce its impact. Virtual appliance deployment, intuitive UI, and out-of-the-box content means you can start getting valuable data from your logs with minimal expertise and time. Minimize the time it takes to prepare and demonstrate compliance with audit proven reports and tools for HIPAA, PCI DSS, SOX, and more. Our licensing is based on the number of log-emitting sources, not log volume, so you won’t need to be selective about the logs you gather to keep costs down.

    Starting Price: $3800 one-time fee
  • 21
    Cybrhawk SIEM ZTR

    CybrHawk

    CybrHawk SIEM Platforms for Security Information and Event Management (SIEM) provide almost real-time analysis of events created by network security controls. SIEM gathers security info from network computers, databases, domain controllers, and more. SIEM stores, standardizes, aggregates, and uses analytics to identify trends, recognize threats, and help organizations to investigate any warnings. CybrHawk SIEM provides all the critical tools: IDS, intelligence risk, behavior, machine learning & cloud info. The goal is to provide the entire enterprise with full and total control systems.

  • 22
    Logsign

    Logsign

    Logsign has pursued the vision of strengthening the cyber defense of institutions since 2010, the year of its establishment. Logsign believes that cyber security is teamwork and that security solutions have to be much smarter. In line with this target, Logsign provides continuous innovation, ease of use and smart solutions by taking into account the technology and necessities of all its stakeholders, and it works as a teammate along with all its stakeholders. Along with Security Information and Event Management (SIEM) and Security Orchestration, Automation and Event Intervention (SOAR) solutions, it actively provides services for more than 500 medium and large scale companies and state institutions. Logsign has won awards from domestic and foreign authorities in the field of technology and cyber security such as Deloitte Technology Turkey Fast 50, Deloitte Technology EMEA Fast 500, Cybersecurity Excellence, Cyber Defense Magazine and Info Security Products Guide.

  • 23
    Trustwave

    Trustwave

    Cloud-native platform that gives enterprises unprecedented visibility and control over how security resources are provisioned, monitored and managed across any environment. The Trustwave Fusion platform is a cloud-based cybersecurity platform that serves as the foundation for the Trustwave managed security services, products and other cybersecurity offerings. The Trustwave Fusion platform is purpose built to meet the enterprise where they are today in their operations and in the future as they embrace digital transformation and contend with a continuously evolving security landscape. Connects the digital footprints of enterprises and government agencies to a robust security cloud comprised of the Trustwave data lake, advanced analytics, actionable threat intelligence, a wide range of security services and products and Trustwave SpiderLabs, the company’s elite team of security specialists.

  • 24
    LogPoint

    LogPoint

    Get a simple and fast security analytics implementation, along with a user-friendly interface that can be integrated with an entire IT infrastructure with LogPoint. LogPoint’s modern SIEM with UEBA provides advanced analytics and ML-driven automation capabilities that enable their customers to securely build, manage, and effectively transform their businesses. They have a flat licensing model, based on nodes rather than data volume. This helps to reduce the cost of deploying a SIEM solution on-premise, in the cloud or even as an MSSP. The solution integrates easily with all devices in your network, giving a holistic and correlated overview of events in your IT infrastructure. LogPoint’s Modern SIEM solution translates all data into one common language, making it possible to compare events across all systems. Having a common language makes it both very easy and efficient to search, analyze and report on data.

  • 25
    NetIQ Sentinel

    Micro Focus

    A Security Information and Event Management (SIEM) solution that simplifies the deployment, management, and day-to-day use of SIEM. Easy to both deploy and use, Sentinel’s virtual appliance packaging delivers cost-effective SIEM technology with an incredible time to value. Sentinel leverages the ArcSight Connector Framework to enable scalable, enterprise-wide visibility into all of your security event data. Sentinel Log Manager delivers intelligent and cost-effective log management with intuitive searching and a 10:1 storage compression ratio. Get your security monitoring up and running faster. Sentinel Enterprise ships with packaged intelligence to detect threats right out of the box. Bring identity intelligence to your security analytics. Sentinel delivers the industry's only seamless integration between SIEM and IAM.
