  1. ManageEngine
    1. SIEM tool
    2. analyzes the various collected logs and extracts information from them
    3. essentially a log server
    4. with analytical functions on top
    5. identifies and reports unusual trends in the logs
    6. Target areas
      1. key services
      2. web servers
      3. DHCP servers
      4. databases
      5. print queues
      6. email services
    7. data protection standards
      1. PCI DSS
      2. HIPAA
      3. ISO 27001
      4. more
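The "identify and report unusual trends in the logs" function above is the core of what a log server with analytics does: bucket events per source and time window, derive a baseline from earlier windows, and report the window that deviates sharply. The following is an added example written for this page, not ManageEngine's code; the log lines are constructed, and their layout (timestamp host service message) is an assumption rather than any vendor's format.

```python
"""Added example, not ManageEngine's code: finding unusual trends in collected logs.

A log server with analytical functions buckets events per source and time
window, derives a baseline from earlier windows, and reports the window that
deviates sharply from it. The log lines are constructed here; their layout
(timestamp host service message) is an assumption, not any vendor's format.
"""
import re
import statistics
from collections import defaultdict
from datetime import datetime

LOG_RE = re.compile(r"^(?P<ts>\S+) (?P<host>\S+) (?P<service>\S+) (?P<msg>.*)$")


def make_sample_logs():
    """Constructed sshd logs: two failed logins per hour on web01, then a burst at 12:00."""
    lines = []
    for hour in range(8, 13):
        failures = 6 if hour == 12 else 2
        for i in range(failures):
            lines.append(f"2024-03-01T{hour:02d}:{i * 5:02d}:00 web01 sshd "
                         f"Failed password for root from 203.0.113.{i + 1}")
        lines.append(f"2024-03-01T{hour:02d}:30:00 db01 sshd "
                     f"Failed password for postgres from 198.51.100.9")
    return lines


def parse(line):
    """Extract timestamp, host, service and message; return None for lines that do not fit."""
    m = LOG_RE.match(line)
    if not m:
        return None
    event = m.groupdict()
    event["ts"] = datetime.fromisoformat(event["ts"])
    return event


def count_by_window(events, predicate):
    """host -> hourly window -> number of events matching predicate."""
    counts = defaultdict(lambda: defaultdict(int))
    for e in events:
        if predicate(e):
            window = e["ts"].replace(minute=0, second=0, microsecond=0)
            counts[e["host"]][window] += 1
    return counts


def unusual_trends(counts, min_history=3, k=2.0, min_delta=3):
    """Flag each host's latest window if it exceeds the earlier windows' mean by
    max(k * stdev, min_delta); min_delta stops a flat baseline from firing on +1."""
    findings = []
    for host, windows in counts.items():
        ordered = sorted(windows)
        if len(ordered) <= min_history:
            continue
        *history, latest = ordered
        past = [windows[w] for w in history]
        mean, stdev = statistics.mean(past), statistics.pstdev(past)
        if windows[latest] - mean >= max(k * stdev, min_delta):
            findings.append({"host": host, "window": latest,
                             "count": windows[latest], "baseline": mean})
    return findings


def run_example():
    events = [e for e in map(parse, make_sample_logs()) if e]
    counts = count_by_window(events, lambda e: e["service"] == "sshd"
                             and "Failed password" in e["msg"])
    return unusual_trends(counts)


if __name__ == "__main__":
    for f in run_example():
        print(f"{f['host']} {f['window']:%Y-%m-%d %H:00}: "
              f"{f['count']} failed logins, baseline {f['baseline']:.1f}")
```

Only web01's 12:00 window is reported (6 failures against a baseline of 2); db01's steady one failure per hour never trips the rule. The `min_delta` floor matters in practice: a baseline of identical values has zero standard deviation, and without a floor a single extra event would count as "unusual".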
  2. IBM QRadar
    1. SIEM tool
    2. detection tool
    3. QRadar collects and correlates
      1. asset
      2. user
      3. network
      4. cloud
      5. endpoint data
    4. shows the root cause of security issues
    5. allows the security team to
      1. respond to threats
      2. eliminate threats
    6. stops the spread and impact quickly
    7. complete analytics solution with a diversity of features
      1. including a risk modeling option
    8. suitable for medium and large businesses
    9. can be deployed as
      1. software
      2. hardware appliance
      3. virtual appliance
    10. deployment locations
      1. on-premise
      2. cloud
      3. SaaS
    11. Other features include
      1. Excellent filtering to produce the desired results
      2. Advanced threat hunting ability
      3. NetFlow analysis
      4. Ability to quickly analyze bulk data
      5. Recreating purged or lost offenses
      6. Detecting hidden threats
      7. User behavior analytics
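Correlating asset, user and network data into one finding with a root cause is what distinguishes a SIEM from a log viewer. The block below is an added example written for this page, not IBM's code or QRadar's rule language: it joins constructed authentication events, NetFlow-style records and an asset inventory on shared keys (source IP, target host) and on time, producing a single offense whose magnitude follows the asset's criticality. All records, the asset table and the field layout are assumptions made for the example.

```python
"""Added example, not IBM's code: correlating user, network and asset data into one offense.

QRadar-style correlation joins events from different sources on shared keys
(user, IP address, asset) and on time, so one finding carries the whole chain
and its root cause instead of three unrelated alerts. All records, the asset
table and the field layout are constructed for this example and are not
QRadar's schema or rule language.
"""
from datetime import datetime, timedelta

ASSETS = {  # constructed inventory: ip -> (asset name, criticality 1..10)
    "10.0.0.5": ("hr-fileserver", 9),
    "10.0.0.22": ("dev-laptop", 3),
}

AUTH_EVENTS = [  # constructed: (timestamp, user, source ip, target host ip, outcome)
    ("2024-03-01T09:00:01", "jsmith", "198.51.100.23", "10.0.0.5", "fail"),
    ("2024-03-01T09:00:03", "jsmith", "198.51.100.23", "10.0.0.5", "fail"),
    ("2024-03-01T09:00:05", "jsmith", "198.51.100.23", "10.0.0.5", "fail"),
    ("2024-03-01T09:00:09", "jsmith", "198.51.100.23", "10.0.0.5", "success"),
    ("2024-03-01T09:15:00", "bchen", "10.0.0.22", "10.0.0.22", "success"),
]

FLOWS = [  # constructed NetFlow-style records: (timestamp, src ip, dst ip, dst port, bytes)
    ("2024-03-01T09:02:00", "10.0.0.5", "198.51.100.23", 443, 850_000_000),
    ("2024-03-01T09:16:00", "10.0.0.22", "93.184.216.34", 443, 12_000),
]


def _t(s):
    return datetime.fromisoformat(s)


def brute_force_successes(events, min_failures=3, window=timedelta(minutes=5)):
    """Successful logins preceded by >= min_failures failures from the same source
    against the same host inside the window."""
    hits = []
    for ts, user, src, host, outcome in events:
        if outcome != "success":
            continue
        at = _t(ts)
        failures = [e for e in events
                    if e[4] == "fail" and e[2] == src and e[3] == host
                    and at - window <= _t(e[0]) < at]
        if len(failures) >= min_failures:
            hits.append({"user": user, "src_ip": src, "host": host,
                         "at": at, "failures": len(failures)})
    return hits


def outbound_after(hit, flows, window=timedelta(minutes=30), min_bytes=100_000_000):
    """Large flows leaving the compromised host shortly after the suspicious login."""
    return [f for f in flows
            if f[1] == hit["host"] and f[4] >= min_bytes
            and hit["at"] <= _t(f[0]) <= hit["at"] + window]


def build_offenses(events=AUTH_EVENTS, flows=FLOWS, assets=ASSETS):
    """One offense per brute-force-then-success chain, weighted by asset criticality
    and raised further when exfiltration-sized traffic follows."""
    offenses = []
    for hit in brute_force_successes(events):
        name, criticality = assets.get(hit["host"], ("unknown", 1))
        exfil = outbound_after(hit, flows)
        offenses.append({
            "asset": name,
            "magnitude": min(10, criticality + (3 if exfil else 0)),
            "root_cause": (f"{hit['failures']} failed then 1 successful login as "
                           f"{hit['user']} from {hit['src_ip']} against {name}"),
            "exfil_bytes": sum(f[4] for f in exfil),
            "exfil_dst": sorted({f[2] for f in exfil}),
        })
    return offenses


if __name__ == "__main__":
    for o in build_offenses():
        print(f"[magnitude {o['magnitude']}] {o['asset']}: {o['root_cause']}; "
              f"{o['exfil_bytes']} bytes to {o['exfil_dst']}")
```

bchen's normal login produces nothing; jsmith's three failures, one success and the 850 MB outbound flow from the HR file server collapse into one offense of magnitude 10 whose root cause names the user and source address, which is the kind of output the "shows the root cause" and "NetFlow analysis" bullets describe.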
  3. SolarWinds
    1. SIEM tool
    2. extensive log management and reporting abilities
    3. real-time incident response
    4. identifies exploits and threats
      1. from Windows event logs, among other sources
    5. simple to use visualization tools
    6. detailed and easy to use dashboard
    7. analyzes events and logs for on-premise network threat detection
    8. automated threat response
      1. including monitoring of USB drives
    9. advanced log filtering and forwarding
    10. Major features
      1. Superior forensic analysis
      2. Fast detection of suspicious activity and threats
      3. Continuous security monitoring
      4. Determining the time of an event
      5. Supports compliance with PCI DSS, HIPAA, SOX, DISA STIGs, and other regulations and standards
      6. on-premise and cloud deployment options
      7. runs on Windows and Linux
  4. Sumo Logic
    1. SIEM tool
    2. cloud-based intelligent security analytics platform for
      1. multi-cloud environments
      2. hybrid environments
    3. works on its own or alongside other SIEM solutions
    4. uses machine learning for enhanced threat detection
    5. can detect and respond to a wide range of security issues in real time
    6. Sumo Logic lets you consolidate
      1. security analytics
      2. log management
      3. compliance
    7. easy to deploy, use, and scale without costly hardware and software upgrades
    8. can quickly identify and isolate threats
    9. monitors
      1. infrastructure
      2. users
      3. applications
      4. data
      5. on both legacy and modern IT systems
    10. Sumo Logic can
      1. let teams easily manage security alerts and events
      2. make it easier and less costly to comply with HIPAA, PCI DSS, SOC 2, and other regulations
      3. identify security configurations and deviations from them
      4. detect suspicious behavior from malicious users
      5. provide advanced access management tools that help isolate risky assets and users
  5. AlienVault
    1. comprehensive tool for
      1. threat detection
      2. incident response
      3. compliance management
      4. remediation
    2. multiple security capabilities
      1. intrusion detection
      2. vulnerability assessment
      3. asset discovery
      4. inventory
      5. log management
      6. event correlation
      7. email alerts
      8. compliance checks
    3. unified, low-cost
    4. easy to implement
    5. Unified Security Management (USM) tool that relies on lightweight sensors and endpoint agents
    6. detects threats in real time
    7. flexible plans
    8. other features
      1. single web portal to monitor on-premise and cloud IT infrastructure
      2. helps the organization comply with PCI DSS requirements
      3. email alerting upon detecting security issues
      4. analyzes a wide range of logs from different technologies and manufacturers while generating actionable information
      5. easy to use dashboard that shows activities and trends across all the relevant locations
  6. LogRhythm
    1. available as
      1. cloud service
      2. on-premise appliance
    2. superior features
      1. log correlation
      2. artificial intelligence
      3. behavioral analysis
    3. utilizes artificial intelligence to
      1. analyze logs and traffic
      2. on both Windows and Linux
    4. flexible data storage
    5. provides threat detection even in segmented environments where there is
      1. no structured data
      2. no centralized visibility
      3. no automation
    6. enhances threat and incident response capabilities
  7. Rapid7 InsightIDR
    1. powerful security solution for
      1. detection and response
      2. endpoint visibility
      3. authentication monitoring
      4. many other capabilities
    2. cloud-based SIEM tool with
      1. search
      2. data collection
      3. analysis features
    3. detects a wide range of threats
      1. stolen credentials
      2. phishing
      3. malware
    4. this combination lets it quickly detect and alert on suspicious activities
    5. detects unauthorized access from both internal and external users
    6. InsightIDR employs
      1. advanced deception technology
      2. attacker and user behavior analytics
      3. file integrity monitoring
      4. central log management
      5. many other discovery features
    7. suitable tool for scanning the various endpoints
    8. provides real-time detection of security threats
    9. helps teams make quick and smart security decisions
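File integrity monitoring, listed above among InsightIDR's capabilities, is simple to state but has a detail worth seeing: a baseline must cover metadata as well as content, or a permission change that leaves a file's hash intact goes unnoticed. The block below is an added example written for this page, not Rapid7's code. It snapshots a directory tree, applies constructed post-compromise changes (a backdoor account appended, a startup script dropped, a banner removed, a file made world-writable) and reports the differences; the tree is built in a temporary directory purely for the example.

```python
"""Added example, not Rapid7's code: a minimal file integrity monitor.

File integrity monitoring records a baseline of content hashes and metadata
for watched paths and reports every file that appears, disappears or changes,
including permission-only changes that leave the content hash intact. The
directory tree is built in a temporary directory purely for this example.
"""
import hashlib
import os
import tempfile


def sha256_of(path):
    h = hashlib.sha256()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()


def snapshot(root):
    """Map each regular file under root (relative path) to (sha256, size, permission bits)."""
    state = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            full = os.path.join(dirpath, name)
            st = os.stat(full)
            state[os.path.relpath(full, root)] = (sha256_of(full), st.st_size, st.st_mode & 0o777)
    return state


def compare(baseline, current):
    """Added, removed and modified paths; a change in hash, size or mode counts as modified."""
    return {
        "added": sorted(current.keys() - baseline.keys()),
        "removed": sorted(baseline.keys() - current.keys()),
        "modified": sorted(p for p in baseline.keys() & current.keys()
                           if baseline[p] != current[p]),
    }


def write(path, text, mode="w"):
    os.makedirs(os.path.dirname(path), exist_ok=True)
    with open(path, mode) as fh:
        fh.write(text)


def run_example():
    """Take a baseline, simulate post-compromise changes, and return the differences."""
    with tempfile.TemporaryDirectory() as root:
        etc = os.path.join(root, "etc")
        write(os.path.join(etc, "passwd"), "root:x:0:0::/root:/bin/sh\n")
        write(os.path.join(etc, "hosts"), "127.0.0.1 localhost\n")
        write(os.path.join(etc, "motd"), "welcome\n")
        os.chmod(os.path.join(etc, "hosts"), 0o644)
        baseline = snapshot(root)

        # Constructed attacker activity: backdoor account appended, startup script
        # dropped, banner removed, hosts made world-writable (content unchanged).
        write(os.path.join(etc, "passwd"), "eve:x:0:0::/root:/bin/sh\n", mode="a")
        write(os.path.join(etc, "rc.local"), "#!/bin/sh\n/tmp/.x &\n")
        os.remove(os.path.join(etc, "motd"))
        os.chmod(os.path.join(etc, "hosts"), 0o666)
        return compare(baseline, snapshot(root))


if __name__ == "__main__":
    for kind, paths in run_example().items():
        print(kind, paths)
```

`etc/hosts` shows up as modified even though its bytes never changed, because the stored tuple includes the permission bits. In a deployed monitor the baseline itself must be protected (stored off-host or signed), since an attacker who can rewrite the baseline can hide any change.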
  8. Splunk
    1. powerful tool that uses AI and machine learning technologies to provide
      1. actionable
      2. effective
      3. predictive insights
    2. enhanced security features
    3. customizable
      1. asset investigator
      2. statistical analysis
      3. dashboards
      4. investigations
      5. classification
      6. incident review
    4. suitable for all types of organizations
    5. for both on-premise and SaaS deployments
    6. works for almost any type of business and industry
      1. financial services
      2. healthcare
      3. public sector
    7. key features
      1. Quick threat detection
      2. Establishing risk scores
      3. Alert management
      4. Sequencing of events
      5. Fast and effective response
      6. Works with data from any machine, on-premise or cloud
  9. Varonis
    1. provides useful analysis and alerts on
      1. infrastructure
      2. users
      3. data access and usage
    2. provides actionable reports and alerts
    3. flexible customization
    4. comprehensive dashboards
    5. can get insights from
      1. email systems
      2. unstructured data
    6. responds automatically to resolve issues
    7. integrates with other tools to provide enhanced actionable insights and alerts
    8. also integrates with LogRhythm to provide enhanced threat detection and response abilities
    9. quickly investigates
      1. threats
      2. devices
      3. users
  10. SIEM := Security Information and Event Management
  11. SIEMs also ingest threat intelligence and vulnerability information to enrich and prioritize events