AlienVault Unified Security Management (AV-USM) v4.1
Strengths: Flexibility, quality and ease of use. Weaknesses: Appliance setup can be a little challenging and the documentation could be better.
BlackStratus LOG Storm v188.8.131.52
Strengths: Simple to use, with a large list of agent modules. Weaknesses: There is a need for more prepared policies and reports to help non-expert users.
CorreLog Enterprise Server v5.2.0
Strengths: Easy to install and full of features. Weaknesses: Macro writing requires specialization often unavailable in small organizations.
eIQnetworks SecureVue v3.6.3
Strengths: A well-designed and vetted product. Weaknesses: Documentation of features that are not commonly known needs minor improvements.
EventTracker Enterprise v7.3
Strengths: This product is a well-designed enterprise-class tool. Weaknesses: Hard to find a substantial weakness.
GFI EventsManager 2013
Strengths: Integration of mature features and functions into the product. Weaknesses: Absence of a ticketing feature.
HP ArcSight Express
Strengths: Highly configurable with many reporting functions. Weaknesses: Very expensive.
Strengths: Easy to deploy and manage with many reporting and alerting functions built in. Weaknesses: None that we found.
McAfee Enterprise Security Manager
Strengths: Feature-rich and highly customizable, this tool is loaded with templates and prebuilt reports. Weaknesses: None that we found.
Strengths: Highly intelligent SIEM analysis capabilities. Weaknesses: High cost for a software-only product.
SolarWinds Log & Event Manager
Strengths: Reasonably priced, full-feature SIEM virtual appliance. Weaknesses: None that we found.
Zoho ManageEngine EventLog Analyzer
Strengths: Easy to deploy for smaller environments. Weaknesses: Device and log support is limited.
The SC Labs team took a look at some of the latest SIEM products on the market and reported the pros and cons. Here’s a look.