Category Report

Security Incidentand EventManagement

NUMBER OF REVIEWS

248NUMBER OF VENDORSEVALUATED

6REPORT GENERATED

August 2018

Dell Quest InTrust

Graylog

IBM QRadar SIEM

McAfee Enterprise Security

Manager

SolarWinds SIEM: Log and Event

Manager

Splunk Enterprise Security

Security Incident and Event Management Category Report

Table ofContentsData Quadrant..................................................................................................................5

Category Overview ...................................................................................................... 6

Vendor Capability Summary .................................................................................7

Vendor Capabilities......................................................................................................8

Product Feature Summary ...................................................................................14

Product Features ......................................................................................................... 15

Emotional Footprint Summary ........................................................................ 21

Emotional Footprint................................................................................................. 22

How to Use the ReportInfo-Tech’s Category Reports provide a comprehensive evaluation of popular products in theSecurity Incident and Event Management market. This buyer’s guide is designed to helpprospective purchasers make better decisions by leveraging the experiences of real users.

The data in this report is collected from real end users, meticulously verified for veracity,exhaustively analyzed, and visualized in easy to understand charts and graphs. Each product iscompared and contrasted with all other vendors in their category to create a holistic, unbiased viewof the product landscape.

Use this report to determine which product is right for your organization. For highly detailed reportson individual products, see Info-Tech’s Product Scorecard.

2

Category Report

SoftwareDirectorySECURITY INCIDENT ANDEVENT MANAGEMENTSOFTWARE

Selecting software can be overwhelming andone of the biggest challenges facingorganizations is understanding themarketplace and identifying all of the availablevendors and products. The Software Directoryis a comprehensive list of all relevant softwarevendors in a particular category. Use this pageto create the right vendor shortlist by exploringall of the options available to yourorganization.

Security Incident and Event Management Software

Accelops Security Monitoring (SIEM) AlertLogic LogManager AlienVault SIEM Solutions

ArcSight Enterprise Security Manager Assuria Log Manager (ALM) ControlScan Managed Security Services

CorreLog SIEM Correlation Server andCompliance Management Dell Quest InTrust EiQ SOCVue

Exabeam Extreme Networks SIEM FortiAnalyzer

GFI EventsManager Graylog Hexis Cyber Solutions

Huntsman Cyber Security Platform IBM QRadar SIEM Juniper Secure Analytics

Loggly Logpoint LogRhythm Security Intelligence Platform

Logscape Lumeta IPsonar ManageEngine EventLog Analyzer

McAfee Enterprise Security Manager NetIQ Sentinel Enterprise Quadrant Sagan

Rapid7 SIEM Solutions RSA NetWitness Suite SIEMphonic Enterprise

SIEM Storm SolarWinds SIEM: Log and Event Manager Solutionary Managed Security Services

Splunk Enterprise Security Sumo Logic Tibco LogLogic

3

Category Report

SoftwareDirectorySECURITY INCIDENT ANDEVENT MANAGEMENTSOFTWARE

Selecting software can be overwhelming andone of the biggest challenges facingorganizations is understanding themarketplace and identifying all of the availablevendors and products. The Software Directoryis a comprehensive list of all relevant softwarevendors in a particular category. Use this pageto create the right vendor shortlist by exploringall of the options available to yourorganization.

Security Incident and Event Management Software

Tripwire Log Center Trustwave SIEM Enterprise VisualGuard

vRealize Suite XpoLog

4

Security Incident and Event Management Category Report

SOFTWARE REVIEWS

Data QuadrantAssess vendor and product performance at a glance and use the Software ReviewsData Quadrant to identify which products and vendors are leadings the pack andwhich are trailing.

PRO

DUCT

FEA

TURE

S AN

D SA

TISF

ACTI

ON

7.7

8.3

VENDOR EXPERIENCE AND CAPABILITIES6.5 8.7

PRODUCT INNOVATOR

FOLLOWER

LEADER

SERVICE STAR

Graylog

Splunk Enterprise SecurityIBM QRadar SIEM

McAfee Enterprise Security Manager

Dell Quest InTrust

SolarWinds SIEM: Log and Event Manager

Security Incidentand EventManagementThe Software Reviews Data Quadrant evaluates and ranks products based on feedbackfrom IT and business professionals. The placement of a software in the Data Quadrantindicates its relative ranking as well as its categorization.

The Complete SoftwareExperienceWhen distilled down, the software experience is shaped by both the experience with thesoftware and the relationship with the vendor. Evaluating enterprise software along thesetwo dimensions provides a comprehensive understanding of the product and helpsidentify vendors that can deliver on both.

ProductFeatures andSatisfactionThe satisfaction is captured inthe overall satisfaction score,which is driven by the likelihoodof users to recommend thesoftware, combined with usersatisfaction across top productfeatures.

VendorExperience andCapabilitiesThe vendor relationship is calculated ina weighted average of the satisfactionscores tied to vendor capabilities (e.g.software implementation, training,customer support, product roadmap) aswell as emotional response ratingstoward the vendor (e.g. trustworthy,respectful, fair).

Note: The axes ranges are dynamically adjusted based onminimum and maximum values in the dataset.

5

Security Incident and Event Management Category Report

Category Overview This page provides a high level summary of product performance within the Security Incident and Event Management category. Products are ranked by a composite satisfactionscore (Composite Score) that averages four different areas of evaluation: Net Emotional Footprint, Vendor Capabilities, Product Features, and Likeliness to Recommend. The NetEmotional Footprint Score measures user emotional response ratings of the vendor (e.g. trustworthy, respectful, fair).

Use this data to get a sense of the field, and to see how the products you’re considering stack up.

RANK VENDOR COMPOSITE SCORE NET EMOTIONALFOOTPRINT

NET EMOTIONALFOOTPRINT DISTRIBUTION

VENDORCAPABILITIES

PRODUCTFEATURES

LIKELINESS TORECOMMEND

NUMBER OFREVIEWS

Graylog 8.5/10 +833% NEGATIVE 86% POSITIVE

74% 75% 90% 25

Splunk Enterprise Security 8.2/10 +812% NEGATIVE 83% POSITIVE

75% 80% 81% 28

3 IBM QRadar SIEM 8.0/10 +783% NEGATIVE 81% POSITIVE

76% 77% 83% 24

4 McAfee Enterprise Security Manager 7.7/10 +748% NEGATIVE 82% POSITIVE

74% 75% 82% 84

5 Dell Quest InTrust 7.4/10 +728% NEGATIVE 80% POSITIVE

74% 72% 81% 11

6 SolarWinds SIEM Log & Event Mgmt 7.1/10 +6213% NEGATIVE 75% POSITIVE

71% 74% 80% 12

AVERAGE SCORES 7.8/10 +756% NEGATIVE 81% POSITIVE

74% 76% 83% 31

VENDORS WITH INSUFFICIENT DATA

-- AlienVault SIEM Solutions -- +754% NEGATIVE 79% POSITIVE

-- -- 80% 9

-- Loggly -- +705% NEGATIVE 75% POSITIVE

-- -- 78% 5

-- https://www.rsa.com/en-us/products/ -- +596% NEGATIVE 65% POSITIVE

-- -- 70% 5

-- Huntsman Cyber Security Platform -- +942% NEGATIVE 96% POSITIVE

-- -- 90% 4

6