Security Information and Event Management (SIEM) is a key enterprise security technology, with the ability to tie systems together for a comprehensive view of IT security.

 

While each vendor has its own take on SIEM, Gartner lists the primary features for enterprise SIEM as: Ingestion of data from multiple sources; interpretation of data; incorporation of threat intelligence feeds; alert correlation; analytics; profiling; automation; and summation of potential threats.

 

SIEM products are differentiated by cost, features, and ease of use. Generally, the more you pay, the greater the sophistication and management complexity, so buyers must weigh their needs, budget and expertise as they decide on a SIEM system.

 

Despite its relative maturity, the SIEM market is still growing at double-digit rates. A major trend is the growing use of behavioral analytics and automation to filter out less urgent alerts so security teams can focus on the biggest threats. Analysts see the cloud as a growing means of delivery for SIEM services, both for SMBs and for hybrid organizations seeking easier ways to keep track of their complex environments.

Below is a brief summary of the top SIEM vendors, followed by a chart rating key features such as security, performance, value and support. Each summary links to an in-depth look at each SIEM product, including features, intelligence, analysis, pricing and more.