# Best Security Information and Event Management (SIEM) Software Solutions

*By [Brandon Summers-Miller](https://research.g2.com/insights/author/brandon-summers-miller)*


Security information and event management (SIEM) software combines a variety of security software components into one platform. Companies use SIEM solutions to centralize security operations into a single location. IT and security operations teams can gain access to the same information and alerts for more effective communication and planning. These products provide capabilities to identify and alert IT operations teams of anomalies detected in their systems. The anomalies may be new malware, unapproved access, or newly discovered vulnerabilities. SIEM tools provide live analysis of functionality and security, storing logs and records for retrospective reporting. They also have products for identity and access management to ensure only approved parties have access to sensitive systems. Forensic analysis tools help teams navigate historical logs, identify trends, and better fortify their networks.

SIEM systems may be confused with [incident response](https://www.g2.com/categories/incident-response) software, but SIEM products provide a larger scope of security and IT management features. Most also do not have the ability to automate security remediation practices.

To qualify for inclusion in the SIEM category, a product must:

- Aggregate and store IT security data
- Assist in user provisioning and governance 
- Identify vulnerabilities in systems and endpoints
- Monitor for anomalies within an IT system





## Top Security Information and Event Management (SIEM) Software at a Glance
| # | Product | Rating | Best For | What Users Say |
|---|---------|--------|----------|----------------|
| 1 | [CrowdStrike Falcon Endpoint Protection Platform](https://www.g2.com/products/crowdstrike-falcon-endpoint-protection-platform/reviews) | 4.6/5.0 (417 reviews) | Behavioral threat detection with real-time endpoint response | "[Crowdstrike Falcon: Proactive Security, Steep Learning Curve](https://www.g2.com/survey_responses/crowdstrike-falcon-endpoint-protection-platform-review-12958852)" |
| 2 | [ManageEngine ADAudit Plus](https://www.g2.com/products/manageengine-adaudit-plus/reviews) | 4.6/5.0 (59 reviews) | — | "[Easy Setup, Powerful Reporting, and Great Value](https://www.g2.com/survey_responses/manageengine-adaudit-plus-review-12999020)" |
| 3 | [Sumo Logic](https://www.g2.com/products/sumo-logic/reviews) | 4.3/5.0 (391 reviews) | Cloud-native SIEM with unified observability | "[Centralized Logging with Intuitive Dashboards](https://www.g2.com/survey_responses/sumo-logic-review-12948839)" |
| 4 | [Microsoft Sentinel](https://www.g2.com/products/microsoft-sentinel/reviews) | 4.4/5.0 (273 reviews) | Cloud-native SIEM with Microsoft ecosystem integration | "[Easy Log Ingestion Across Formats with Seamless Sentinel Integrations](https://www.g2.com/survey_responses/microsoft-sentinel-review-13073395)" |
| 5 | [Todyl Security Platform](https://www.g2.com/products/todyl-security-platform/reviews) | 4.7/5.0 (106 reviews) | Unified SIEM with embedded MXDR for MSPs | "[Valuable Visibility with Room for Improvement](https://www.g2.com/survey_responses/todyl-security-platform-review-9155307)" |
| 6 | [Check Point Infinity Platform](https://www.g2.com/products/check-point-infinity-platform/reviews) | 4.6/5.0 (109 reviews) | Unified threat prevention across hybrid security infrastructure | "[Excellent option  Harmony Platform for security central](https://www.g2.com/survey_responses/check-point-infinity-platform-review-11868343)" |
| 7 | [Splunk Enterprise](https://www.g2.com/products/splunk-enterprise/reviews) | 4.3/5.0 (415 reviews) | Real-time log correlation with SPL query power | "[Excellent Enterprise Observability and Log Management Solution for Hybrid Cloud Infrastructure](https://www.g2.com/survey_responses/splunk-enterprise-review-12045230)" |
| 8 | [Panther](https://www.g2.com/products/panther/reviews) | 4.7/5.0 (49 reviews) | Detection-as-code SIEM with Python-based alerting | "[Panther’s SIEM + AI Makes Triage and Threat Hunting Fast and Seamless](https://www.g2.com/survey_responses/panther-review-12919421)" |
| 9 | [IBM QRadar SIEM](https://www.g2.com/products/ibm-ibm-qradar-siem/reviews) | 4.4/5.0 (282 reviews) | Vendor-agnostic log correlation with custom rule creation | "[QRADAR Integrates Easily and Makes Logs &amp; Alerts Report-Ready](https://www.g2.com/survey_responses/ibm-qradar-siem-review-13061810)" |
| 10 | [Cynet](https://www.g2.com/products/cynet/reviews) | 4.7/5.0 (215 reviews) | — | "[Great MDR/XDR Platform](https://www.g2.com/survey_responses/cynet-review-9481539)" |

---
## What Are the Most Common Questions About Security Information and Event Management (SIEM) Software?
*AI-generated · Last updated: May 26, 2026*
### What Security Information And Event Management Siem tools with the fastest incident response capabilities and automation features for enterprise buyers assessing?
Based on G2 reviews, buyers evaluating **Security Information and Event Management (SIEM) Software** consistently call out fast investigation, alert correlation, and automation as the biggest drivers of response speed. According to verified users, Microsoft Sentinel helps teams centralize monitoring and use playbook-based automation, while Todyl Security Platform is frequently praised for responsive MXDR support and automated actions that help teams move quickly. G2 reviewers mention Panther for speeding detection and response through detection-as-code and AI-assisted triage, and Sumo Logic for real-time search and alerting that shortens investigations. Across reviews, the fastest response experiences usually come from products that reduce manual triage, centralize visibility, and make alerts easier to act on.

**Here are some of the top-rated products on G2:**

- [Todyl Security Platform](https://www.g2.com/products/todyl-security-platform/reviews) – praised for MXDR support, automated response actions, and centralized security operations for MSPs and lean teams
- [Sumo Logic](https://www.g2.com/products/sumo-logic/reviews) – valued for real-time search, alerting, and faster root-cause analysis during incidents
- [Panther](https://www.g2.com/products/panther/reviews) – highlighted for AI triage and detection-as-code that helps small teams investigate and tune detections faster


### What security concerns and data privacy risks when implementing SIEM solutions before signing a long-term vendor contract?
Based on G2 reviews, the most common concerns before committing to a SIEM vendor are data handling, deployment complexity, access controls, and cost-related surprises tied to log storage or ingestion. According to verified users, several cloud-native platforms raise questions about cloud dependency, outage exposure, or how much control teams have over data retention and access. G2 reviewers mention that some buyers also watch for gaps in RBAC, missing monitoring for log-source health, and the effort required to normalize or tune data once it is ingested. Reviews also suggest validating how well a product handles integrations, documentation, and reporting, since weak setup guidance or fragmented data can create operational risk after signing a long-term contract.


### What highest rated Security Information And Event Management Siem software SIEM platforms for real-time threat detection in financial services for enterprise teams with?
Based on G2 reviews, enterprise teams looking for real-time threat detection typically favor SIEM platforms that combine centralized visibility, alert correlation, and fast investigation workflows. According to verified users, Microsoft Sentinel stands out for cloud-native monitoring across hybrid environments and strong integration with Microsoft security tools. G2 reviewers also describe Splunk Enterprise Security as a strong fit when teams need broad visibility, correlation across large data sets, and structured investigations, while Palo Alto Cortex XSIAM is noted for reducing alert noise and helping analysts focus on higher-priority threats. Across reviews, the strongest options for enterprise environments are the ones that unify logs from many sources, support faster triage, and reduce manual work during ongoing monitoring.


### What Security Information And Event Management Siem top SIEM platforms compared to traditional log management approaches for threat detection?
Based on G2 reviews, users draw a clear line between traditional log management and SIEM platforms built for threat detection. Traditional log tools are often praised for centralizing and searching records, but reviewers say SIEM products go further by correlating events, prioritizing suspicious activity, and supporting faster response. According to verified users, products like Microsoft Sentinel, Sumo Logic, and Panther help teams move beyond raw log collection by adding analytics, alerting, automation, and investigation workflows. G2 reviewers mention that the biggest advantage of SIEM over basic log management is context: instead of manually piecing together events from multiple systems, teams get clearer visibility into real threats, less switching between tools, and more structured triage.

**Here are some of the top-rated products on G2:**

- [Microsoft Sentinel](https://www.g2.com/products/microsoft-sentinel/reviews) – used to centralize logs, detections, and automated response across cloud, on-prem, and hybrid environments
- [Sumo Logic](https://www.g2.com/products/sumo-logic/reviews) – combines centralized log management with security monitoring, dashboards, and anomaly detection
- [Panther](https://www.g2.com/products/panther/reviews) – supports detection-as-code, AI triage, and flexible investigations beyond basic log search


### What Security Information And Event Management Siem implementation challenges and common deployment failures to avoid for organizations in highly regulated software?
Based on G2 reviews, the most common SIEM implementation challenges are setup complexity, integration gaps, alert noise, and underestimating the tuning work required after launch. According to verified users, many platforms work well once deployed, but teams run into trouble when they expect out-of-the-box value without planning for normalization, rule tuning, and onboarding of many log sources. G2 reviewers mention that confusing dashboards, weak documentation, and complicated connector setup can slow adoption, especially for regulated organizations that need dependable reporting and audit readiness. Reviews also show that poor cost planning around data ingestion or retention can become a deployment failure of its own. Teams tend to succeed when they validate integrations early and assign time for alert refinement.


### How Which organizations detect advanced threats and security breaches in real time management?
Based on G2 reviews, organizations that detect advanced threats in real time usually rely on platforms that unify endpoint, cloud, identity, and network data rather than monitoring each area in isolation. According to verified users, Todyl Security Platform is frequently described as helping MSPs and lean security teams gain proactive visibility through SIEM, MXDR, and centralized monitoring. G2 reviewers also mention Microsoft Sentinel for hybrid visibility and automated response workflows, while Panther and Palo Alto Cortex XSIAM are noted for reducing alert fatigue and surfacing higher-priority incidents faster. Across reviews, the teams getting the best real-time results are the ones using platforms that correlate activity automatically, support investigation speed, and reduce the manual work of sorting through raw alerts.


### What most trusted SIEM tools by Security Operations Center managers based on user reviews?
Based on G2 reviews, SOC managers tend to trust SIEM platforms that consistently improve analyst efficiency, reduce alert noise, and provide clear investigation context. According to verified users, Todyl Security Platform earns trust for its responsive MXDR team, centralized management, and support for MSP and SOC workflows. G2 reviewers also frequently praise Sumo Logic for fast search, observability across environments, and quicker incident troubleshooting, while Panther is trusted for detection-as-code, AI-assisted triage, and strong support for modern security teams. Across reviews, trust is usually tied less to breadth of features alone and more to how reliably a platform helps teams investigate, prioritize, and respond without creating excessive operational overhead.

**Here are some of the top-rated products on G2:**

- [Todyl Security Platform](https://www.g2.com/products/todyl-security-platform/reviews) – trusted for centralized security workflows, responsive support, and MXDR collaboration
- [Sumo Logic](https://www.g2.com/products/sumo-logic/reviews) – trusted for fast search, alerting, and cross-team visibility for operations and security
- [Panther](https://www.g2.com/products/panther/reviews) – trusted for modern SecOps workflows, strong support, and AI-powered investigations


### What compliance requirements drive security event monitoring and alerting strategies for organizations evaluating solutions?
Based on G2 reviews, compliance needs often shape how organizations evaluate event monitoring, log retention, reporting, and alerting. According to verified users, teams frequently mention audit readiness, security reporting, and visibility into user activity as major reasons for adopting SIEM platforms. G2 reviewers point to use cases tied to compliance reviews, internal audits, and controls tracking, especially where organizations need searchable historical logs, centralized dashboards, and easier evidence collection. Reviews of tools like Sumo Logic, EventSentry, and ManageEngine products show that buyers want alerting that supports both active threat response and proof of oversight. In practice, compliance-driven strategies focus on retaining the right logs, monitoring critical changes, and making reports easier to produce during reviews.


### What SIEM solutions that integrate seamlessly with existing security infrastructure and tools to identify the best?
Based on G2 reviews, the best-integrating SIEM solutions are usually the ones that connect quickly to existing cloud services, endpoint tools, and identity or firewall data sources without extensive custom work. According to verified users, Microsoft Sentinel is often chosen for smooth integration across Azure, Microsoft 365, Defender, and Entra environments. G2 reviewers also describe Todyl Security Platform as effective for consolidating multiple security functions and integrating Microsoft, firewall, and remote-access use cases, while Sumo Logic is praised for broad cloud integrations and centralized monitoring. Across reviews, strong integration usually means faster onboarding, better visibility across the environment, and less time spent stitching together separate dashboards during investigations.


### How what are the main challenges with managing security logs across multiple systems?
Based on G2 reviews, the biggest challenge with managing security logs across multiple systems is fragmentation. According to verified users, teams lose time when logs live in separate tools, use different schemas, or require manual correlation during investigations. G2 reviewers mention that alert noise, missed context, and inconsistent normalization also make it harder to spot meaningful issues quickly. Cost management is another recurring issue, especially when ingestion and retention grow faster than expected. Reviews repeatedly show that teams want one place to search, correlate, and retain logs without babysitting many connectors or switching dashboards. In practice, the hardest part is not collecting logs alone, but making them searchable, consistent, and actionable enough to support faster threat detection and response.




## G2 Grid® for Security Information and Event Management (SIEM) Software
![G2 Grid® for Security Information and Event Management (SIEM) Software plotting products by satisfaction and market presence](https://www.g2.com/categories/security-information-and-event-management-siem/grids.png?focus%5B%5D=68606&focus%5B%5D=5691&focus%5B%5D=10436&focus%5B%5D=122123&focus%5B%5D=58203&focus%5B%5D=53174&focus%5B%5D=112657&focus%5B%5D=2965)
Highlighted products: CrowdStrike Falcon Endpoint Protection Platform, ManageEngine ADAudit Plus, Sumo Logic, Microsoft Sentinel, Check Point Infinity Platform, Todyl Security Platform, Panther, and Splunk Enterprise.
Underlying data: [Grid® JSON](https://www.g2.com/categories/security-information-and-event-management-siem/grids.json?focus%5B%5D=crowdstrike-falcon-endpoint-protection-platform&amp;focus%5B%5D=manageengine-adaudit-plus&amp;focus%5B%5D=sumo-logic&amp;focus%5B%5D=microsoft-sentinel&amp;focus%5B%5D=check-point-infinity-platform&amp;focus%5B%5D=todyl-security-platform&amp;focus%5B%5D=panther&amp;focus%5B%5D=splunk-enterprise)


## How Many Security Information and Event Management (SIEM) Software Products Does G2 Track?
**Total Products under this Category:** 121

### Category Stats (Jul 2026)
- **Average Rating**: 4.43/5 (↓0.01 vs Jun 2026) The average rating of products in this category, based on all submitted ratings
- **Top Trending Product**: ManageEngine ADAudit Plus (+3.84%) - Among all products in this category, ManageEngine ADAudit Plus recorded the largest rating increase compared to last month
*Last updated: July 17, 2026*


## How Does G2 Rank Security Information and Event Management (SIEM) Software Products?

**Why You Can Trust G2's Software Rankings:**

- 30 Analysts and Data Experts
- 5,800+ Authentic Reviews
- 121+ Products
- Unbiased Rankings

G2's software rankings are built on verified user reviews, rigorous moderation, and a consistent research methodology maintained by a team of analysts and data experts. Each product is measured using the same transparent criteria, with no paid placement or vendor influence. While reviews reflect real user experiences, which can be subjective, they offer valuable insight into how software performs in the hands of professionals. Together, these inputs power the G2 Score, a standardized way to compare tools within every category.


## Which Security Information and Event Management (SIEM) Software Is Best for Your Use Case?

- **Leader:** [CrowdStrike Falcon Endpoint Protection Platform](https://www.g2.com/products/crowdstrike-falcon-endpoint-protection-platform/reviews)
- **Highest Performer:** [aiSIEM](https://www.g2.com/products/aisiem/reviews)
- **Easiest to Use:** [CrowdStrike Falcon Endpoint Protection Platform](https://www.g2.com/products/crowdstrike-falcon-endpoint-protection-platform/reviews)
- **Top Trending:** [CrowdStrike Falcon Endpoint Protection Platform](https://www.g2.com/products/crowdstrike-falcon-endpoint-protection-platform/reviews)
- **Best Free Software:** [IBM QRadar SIEM](https://www.g2.com/products/ibm-ibm-qradar-siem/reviews)


---

**Sponsored**

### Graylog

Graylog is a log management and security information and event management (SIEM) solution designed to assist security and IT teams in detecting, investigating, and responding to potential threats with increased efficiency. By leveraging advanced technologies such as scalable log management, real-time data correlation, and explainable artificial intelligence (AI), Graylog transforms complex data sets into actionable insights, enabling organizations to make informed decisions swiftly. The platform caters to a diverse range of users, from small businesses to large enterprises, all of whom require enhanced visibility and control over their IT environments. Graylog is particularly beneficial for security analysts and IT professionals who need to sift through vast amounts of log data to identify anomalies, track incidents, and ensure compliance with various regulatory standards. Its user-friendly interface and powerful analytical tools streamline the process of threat detection and response, making it an essential asset for organizations aiming to bolster their cybersecurity posture. Key features of Graylog include automated workflows that simplify repetitive tasks, anomaly detection capabilities that flag unusual patterns in data, and guided investigations that assist users in navigating complex security incidents. The platform also offers AI-driven summaries that distill critical information, allowing analysts to focus on high-priority issues without getting bogged down by excessive data. These features collectively enhance the speed and accuracy of threat responses, ensuring that security teams remain in control of their environments. Graylog&#39;s versatility is evident in its range of products, which includes Graylog Security, Enterprise, API Security, and Open solutions. Each product is tailored to meet the specific needs of different organizations, providing clarity and context across various operational landscapes. With a user base of over 60,000 organizations globally, Graylog has established itself as a trusted partner in the realm of cybersecurity and log management, helping teams navigate the complexities of modern threats while maintaining a clear focus on their objectives.



[Visit website](https://www.g2.com/external_clickthroughs/record?secure%5Bad_program%5D=paid_promo&amp;secure%5Bad_slot%5D=category_product_list&amp;secure%5Bcategory_id%5D=1081&amp;secure%5Bchosen_at%5D=2026-07-17T12%3A14%3A59Z&amp;secure%5Bmedium%5D=sponsored&amp;secure%5Bprioritized%5D=false&amp;secure%5Bproduct_id%5D=42017&amp;secure%5Bresource_id%5D=1081&amp;secure%5Bresource_type%5D=Category&amp;secure%5Bsource_type%5D=category_page&amp;secure%5Bsource_url%5D=https%3A%2F%2Fwww.g2.com%2Fcategories%2Fsecurity-information-and-event-management-siem%2Ff%2Fvulnerability-assessment&amp;secure%5Btoken%5D=85c9e0c6f6436b7c05c2d8214f02d91c239c942d16fb07d97dd0a8af7aa3c31b&amp;secure%5Burl%5D=https%3A%2F%2Fwww.graylog.org%2Foverview&amp;secure%5Burl_type%5D=paid_promos)

---

## What Are the Top-Rated Security Information and Event Management (SIEM) Software Products in 2026?
### 1. [CrowdStrike Falcon Endpoint Protection Platform](https://www.g2.com/products/crowdstrike-falcon-endpoint-protection-platform/reviews)
Organizations today face a serious challenge: managing numerous security vendors and tools while confronting an ever-evolving threat landscape. Sophisticated adversaries are becoming smarter, faster, and more evasive, launching complex attacks that can strike in minutes or even seconds. Traditional security approaches struggle to keep pace, leaving businesses vulnerable. The CrowdStrike Falcon Platform addresses this by offering a unified, cloud-native solution. It consolidates previously siloed security solutions and incorporates third-party data into a single platform with one efficient and resource-conscious agent, leveraging advanced AI and real-time threat intelligence. This approach simplifies security operations, speeds analyst decision making, and enhances protection to stop the breach, allowing organizations to reduce risk with less complexity and lower costs. CrowdStrike&#39;s Falcon Platform includes: - Endpoint Security: Secure the endpoint, stop the breach - Identify Protection: Identity is the front line, defend it - Next-Gen SIEM: The future of SIEM, today - Data Protection: Real-time data protection from endpoint to cloud - Exposure Management: Understand risk to stop breaches - Charlotte AI: Powering the next evolution of the SOC


**Average Rating:** 4.6/5.0
**Total Reviews:** 417
**How Do G2 Users Rate CrowdStrike Falcon Endpoint Protection Platform?**

- **Activity Monitoring:** 9.5/10 (Category avg: 9.1/10)
- **Data Examination:** 8.8/10 (Category avg: 8.6/10)
- **Ease of Use:** 9.0/10 (Category avg: 8.7/10)
- **Log Management:** 8.7/10 (Category avg: 9.1/10)

**Who Is the Company Behind CrowdStrike Falcon Endpoint Protection Platform?**

- **Seller:** [CrowdStrike](https://www.g2.com/sellers/crowdstrike)
- **Company Website:** https://www.crowdstrike.com
- **Year Founded:** 2011
- **HQ Location:** Sunnyvale, CA
- **Twitter:** @CrowdStrike (110,809 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/2497653/ (11,343 employees on LinkedIn®)

**Who Uses This Product?**
- **Who Uses This:** Security Analyst, Cyber Security Analyst
- **Top Industries:** Information Technology and Services, Computer &amp; Network Security
- **Company Size:** 43% Enterprise, 43% Mid-Market


#### What Are CrowdStrike Falcon Endpoint Protection Platform's Pros and Cons?

**Pros:**

- Features (113 reviews)
- Threat Detection (103 reviews)
- Ease of Use (98 reviews)
- Security (97 reviews)
- Detection (90 reviews)

**Cons:**

- Expensive (54 reviews)
- Complexity (39 reviews)
- Learning Curve (35 reviews)
- Limited Features (31 reviews)
- Pricing Issues (29 reviews)


### What Do G2 Reviewers Say About CrowdStrike Falcon Endpoint Protection Platform?
*AI-generated summary from verified user reviews*

**Pros:**

- Users appreciate the **lightweight performance and powerful threat detection** of CrowdStrike Falcon, enhancing operational efficiency and security.
- Users value the **effective threat detection** of CrowdStrike Falcon, ensuring robust security without compromising system performance.
- Users appreciate the **ease of use** of CrowdStrike Falcon, benefiting from a lightweight and efficient security solution.
- Users appreciate the **advanced real-time threat protection** of CrowdStrike Falcon, enhancing security with minimal system impact.
- Users appreciate the **strong threat detection** of CrowdStrike Falcon, effectively catching both known and unknown threats seamlessly.

**Cons:**

- Users find the **cost of CrowdStrike Falcon** to be high, especially for smaller teams needing advanced features.
- Users face **initial complexity and a steep learning curve** with CrowdStrike Falcon, making it challenging for non-technical personnel.
- Users find the **initial learning curve** of CrowdStrike challenging, especially transitioning from other systems like Splunk.
- Users find the **high cost and limited features** frustrating, particularly for smaller teams needing advanced capabilities.
- Users express concern over **pricing issues** , especially for smaller organizations needing advanced features with additional licensing costs.

#### What Are Recent G2 Reviews of CrowdStrike Falcon Endpoint Protection Platform?

**"[Crowdstrike Falcon: Proactive Security, Steep Learning Curve](https://www.g2.com/survey_responses/crowdstrike-falcon-endpoint-protection-platform-review-12958852)"**

**Rating:** 5.0/5.0 stars
*— Ansh B.*

[Read full review](https://www.g2.com/survey_responses/crowdstrike-falcon-endpoint-protection-platform-review-12958852)

---

**"[Lightweight Deployment, Powerful Incident Response Visibility](https://www.g2.com/survey_responses/crowdstrike-falcon-endpoint-protection-platform-review-12952621)"**

**Rating:** 5.0/5.0 stars
*— Anup A.*

[Read full review](https://www.g2.com/survey_responses/crowdstrike-falcon-endpoint-protection-platform-review-12952621)

---


#### What Are G2 Users Discussing About CrowdStrike Falcon Endpoint Protection Platform?

- [How does Falcon prevent work?](https://www.g2.com/discussions/how-does-falcon-prevent-work) - 1 comment
- [Does CrowdStrike offer MFA?](https://www.g2.com/discussions/does-crowdstrike-offer-mfa) - 1 comment
- [What is OverWatch in CrowdStrike?](https://www.g2.com/discussions/what-is-overwatch-in-crowdstrike) - 1 comment
- [How much does CrowdStrike Falcon X cost?](https://www.g2.com/discussions/how-much-does-crowdstrike-falcon-x-cost)
- [What is MDR detection?](https://www.g2.com/discussions/what-is-mdr-detection)

### 2. [ManageEngine ADAudit Plus](https://www.g2.com/products/manageengine-adaudit-plus/reviews)
ADAudit Plus is a UBA-driven auditor that helps keep your AD, Azure AD, file systems (including Windows, NetApp, EMC, Synology, Hitachi, and Huawei), Windows servers, and workstations secure and compliant. ADAudit Plus transforms raw and noisy event log data into real-time reports and alerts, enabling you to get full visibility into activities happening across your Windows Server ecosystem in just a few clicks. More than 10,000 organizations across the world trust ADAudit Plus to: 1. Instantly notify them about changes in their Windows Server environments. 2. Continuously track Windows user logon activity. 3. Monitor the active and idle time spent by employees at their workstations. 4. Detect and troubleshoot AD account lockouts. 5. Provide a consolidated audit trail of privileged user activities across their domains. 6. Track changes and sign-ins in Azure AD. 7. Audit file accesses across Windows, NetApp, EMC, Synology, Hitachi, and Huawei file systems. 8. Monitor file integrity across local files residing on Windows systems. 9. Mitigate insider threats by leveraging UBA and response automation. 10. Generate audit-ready compliance reports for SOX, the GDPR, and other IT mandates.


**Average Rating:** 4.6/5.0
**Total Reviews:** 59
**How Do G2 Users Rate ManageEngine ADAudit Plus?**

- **Activity Monitoring:** 9.4/10 (Category avg: 9.1/10)
- **Data Examination:** 8.5/10 (Category avg: 8.6/10)
- **Ease of Use:** 8.8/10 (Category avg: 8.7/10)
- **Log Management:** 8.8/10 (Category avg: 9.1/10)

**Who Is the Company Behind ManageEngine ADAudit Plus?**

- **Seller:** [Zoho](https://www.g2.com/sellers/zoho-b00ca9d5-bca8-41b5-a8ad-275480841704)
- **Year Founded:** 1996
- **HQ Location:** Austin, TX
- **Twitter:** @Zoho (137,880 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/38373/ (30,766 employees on LinkedIn®)
- **Phone:** +1 (888) 900-9646 

**Who Uses This Product?**
- **Top Industries:** Hospital &amp; Health Care, Information Technology and Services
- **Company Size:** 59% Mid-Market, 32% Enterprise


#### What Are ManageEngine ADAudit Plus's Pros and Cons?

**Pros:**

- Reporting (3 reviews)
- Dashboard Usability (2 reviews)
- Features (2 reviews)
- Dashboard Design (1 reviews)
- Detailed Information (1 reviews)

**Cons:**

- Alert Management (1 reviews)
- Data Overload (1 reviews)
- Expensive (1 reviews)
- False Positives (1 reviews)
- High Resource Usage (1 reviews)


### What Do G2 Reviewers Say About ManageEngine ADAudit Plus?
*AI-generated summary from verified user reviews*

**Pros:**

- Users appreciate the **depth of reporting** in ADAudit Plus, enhancing visibility into AD environments with prebuilt options.
- Users value the **intuitive dashboard usability** of ADAudit Plus, offering easy navigation and comprehensive reporting options.
- Users appreciate the **easy setup and extensive reporting options** in ManageEngine ADAudit Plus for effective monitoring.
- Users value the **dashboard design** of ADAudit Plus for its comprehensive overview and detailed reporting options.
- Users value the **intuitive dashboard and extensive reporting options** in ADAudit Plus for effective Active Directory management.

**Cons:**

- Users find the **limited alert levels** insufficient for fine-tuning notifications, despite helpful reporting options and search features.
- Users find the **data overload** from numerous reporting options overwhelming, making it hard to locate specific reports.
- Users find the product **expensive** , which impacts their overall satisfaction despite its features and capabilities.
- Users experience **false positives** with alerts, which could be improved by more granularity in severity levels.
- Users are frustrated with the **high resource usage** of ManageEngine ADAudit Plus, impacting system performance significantly.

#### What Are Recent G2 Reviews of ManageEngine ADAudit Plus?

**"[Easy Setup, Powerful Reporting, and Great Value](https://www.g2.com/survey_responses/manageengine-adaudit-plus-review-12999020)"**

**Rating:** 4.5/5.0 stars
*— Ryan A.*

[Read full review](https://www.g2.com/survey_responses/manageengine-adaudit-plus-review-12999020)

---

**"[Great Tool for Active Directory Auditing and Investigations](https://www.g2.com/survey_responses/manageengine-adaudit-plus-review-13001820)"**

**Rating:** 5.0/5.0 stars
*— Jose R.*

[Read full review](https://www.g2.com/survey_responses/manageengine-adaudit-plus-review-13001820)

---


#### What Are G2 Users Discussing About ManageEngine ADAudit Plus?

- [What does AD audit do?](https://www.g2.com/discussions/what-does-ad-audit-do)
- [Is Ad audit plus a SIEM?](https://www.g2.com/discussions/is-ad-audit-plus-a-siem)
- [What is ManageEngine Audit Plus?](https://www.g2.com/discussions/what-is-manageengine-audit-plus)
- [What does ADAudit plus do?](https://www.g2.com/discussions/what-does-adaudit-plus-do)

### 3. [Sumo Logic](https://www.g2.com/products/sumo-logic/reviews)
Sumo Logic, Inc. unifies and analyzes enterprise data, translating it into actionable insights through one AI-powered cloud-native log analytics platform. This single source of truth enables Dev, Sec and Ops teams to simplify complexity, collaborate efficiently and accelerate data-driven decisions that drive business value. Customers around the world rely on the Sumo Logic SaaS Log Analytics Platform for trusted insights to ensure application reliability, secure and protect against modern security threats, and gain insights into their cloud infrastructures. For more information, visit: SUMOLOGIC.COM


**Average Rating:** 4.3/5.0
**Total Reviews:** 391
**How Do G2 Users Rate Sumo Logic?**

- **Activity Monitoring:** 9.1/10 (Category avg: 9.1/10)
- **Data Examination:** 9.0/10 (Category avg: 8.6/10)
- **Ease of Use:** 8.2/10 (Category avg: 8.7/10)
- **Log Management:** 9.4/10 (Category avg: 9.1/10)

**Who Is the Company Behind Sumo Logic?**

- **Seller:** [Sumo Logic](https://www.g2.com/sellers/sumo-logic)
- **Company Website:** https://www.sumologic.com
- **Year Founded:** 2010
- **HQ Location:** Redwood City, CA
- **Twitter:** @SumoLogic (6,542 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/1037816/ (838 employees on LinkedIn®)

**Who Uses This Product?**
- **Who Uses This:** Software Engineer, Senior Software Engineer
- **Top Industries:** Information Technology and Services, Computer Software
- **Company Size:** 48% Mid-Market, 37% Enterprise


#### What Are Sumo Logic's Pros and Cons?

**Pros:**

- Ease of Use (54 reviews)
- Log Management (44 reviews)
- Features (32 reviews)
- Insights (30 reviews)
- Real-time Monitoring (29 reviews)

**Cons:**

- Expensive (18 reviews)
- Difficult Learning (16 reviews)
- Learning Curve (16 reviews)
- Learning Difficulty (16 reviews)
- Slow Performance (16 reviews)


### What Do G2 Reviewers Say About Sumo Logic?
*AI-generated summary from verified user reviews*

**Pros:**

- Users value the **ease of use** of Sumo Logic, finding it simple to learn and configure effectively.
- Users appreciate the **ease of searching and configuring logs** , enhancing their monitoring and tracing capabilities effortlessly.
- Users value the **Continuous Intelligence feature** of Sumo Logic for its quick and actionable insights from diverse data.
- Users commend **Sumo Logic&#39;s visual power and flexibility** , enhancing KPI display and minimizing log-related workload.
- Users value the **real-time insights** offered by Sumo Logic, enhancing monitoring and analytics for better decision-making.

**Cons:**

- Users find Sumo Logic to be **expensive** , often questioning if its value justifies the high pricing.
- Users find the **difficult learning** curve of Sumo Logic hampers quick proficiency in using its features effectively.
- Users find Sumo Logic&#39;s **steep learning curve** challenging, especially when mastering complex queries and setup processes.
- Users find the **steep learning curve** of Sumo Logic challenging, requiring significant time to gain proficiency.
- Users experience **slow performance** due to a clunky UI and delayed alerting, impacting efficiency and response times.

#### What Are Recent G2 Reviews of Sumo Logic?

**"[Centralized Logging with Intuitive Dashboards](https://www.g2.com/survey_responses/sumo-logic-review-12948839)"**

**Rating:** 4.5/5.0 stars
*— Sudarshan B.*

[Read full review](https://www.g2.com/survey_responses/sumo-logic-review-12948839)

---

**"[AI Activity Monitoring That Makes Auditing and Debugging Easy](https://www.g2.com/survey_responses/sumo-logic-review-12888562)"**

**Rating:** 4.5/5.0 stars
*— Vishal S.*

[Read full review](https://www.g2.com/survey_responses/sumo-logic-review-12888562)

---


#### What Are G2 Users Discussing About Sumo Logic?

- [What is Cloud SOAR used for?](https://www.g2.com/discussions/what-is-cloud-soar-used-for) - 1 comment, 1 upvote
- [Is Sumo Logic a SIEM?](https://www.g2.com/discussions/is-sumo-logic-a-siem)
- [What is Sumo Logic used for?](https://www.g2.com/discussions/what-is-sumo-logic-used-for)
- [Who are Sumo Logic competitors?](https://www.g2.com/discussions/who-are-sumo-logic-competitors) - 1 comment
- [How much does Sumo Logic cost?](https://www.g2.com/discussions/how-much-does-sumo-logic-cost)

### 4. [Microsoft Sentinel](https://www.g2.com/products/microsoft-sentinel/reviews)
Microsoft Sentinel lets you see and stop threats before they cause harm, with SIEM reinvented for a modern world. Microsoft Sentinel is your birds-eye view across the enterprise. Put the cloud and large-scale intelligence from decades of Microsoft security experience to work. Make your threat detection and response smarter and faster with artificial intelligence (AI). Eliminate security infrastructure setup and maintenance, and elastically scale to meet your security needs—while reducing IT costs. With Microsoft Sentinel, you can: - Collect data at cloud scale—across all users, devices, applications, and infrastructure, both on-premises and in multiple clouds - Detect previously uncovered threats and minimize false positives using analytics and unparalleled threat intelligence from Microsoft - Investigate threats with AI and hunt suspicious activities at scale, tapping into decades of cybersecurity work at Microsoft -Respond to incidents rapidly with built-in orchestration and automation of common tasks


**Average Rating:** 4.4/5.0
**Total Reviews:** 273
**How Do G2 Users Rate Microsoft Sentinel?**

- **Activity Monitoring:** 8.9/10 (Category avg: 9.1/10)
- **Data Examination:** 8.5/10 (Category avg: 8.6/10)
- **Ease of Use:** 8.5/10 (Category avg: 8.7/10)
- **Log Management:** 8.8/10 (Category avg: 9.1/10)

**Who Is the Company Behind Microsoft Sentinel?**

- **Seller:** [Microsoft](https://www.g2.com/sellers/microsoft)
- **Year Founded:** 1975
- **HQ Location:** Redmond, Washington
- **Twitter:** @microsoft (13,091,739 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/microsoft/ (231,632 employees on LinkedIn®)
- **Ownership:** MSFT

**Who Uses This Product?**
- **Who Uses This:** Security Analyst, Senior Software Engineer
- **Top Industries:** Information Technology and Services, Computer &amp; Network Security
- **Company Size:** 42% Enterprise, 31% Mid-Market


#### What Are Microsoft Sentinel's Pros and Cons?

**Pros:**

- Real-time Monitoring (27 reviews)
- Alerting (23 reviews)
- Dashboard Usability (21 reviews)
- Response Time (16 reviews)
- Data Management (15 reviews)

**Cons:**

- Cloud Dependency (12 reviews)
- Complex Configuration (12 reviews)
- Configuration Issues (11 reviews)
- Difficult Setup (10 reviews)
- Poor Interface Design (9 reviews)


### What Do G2 Reviewers Say About Microsoft Sentinel?
*AI-generated summary from verified user reviews*

**Pros:**

- Users value the **real-time monitoring** of Microsoft Sentinel, enhancing their ability to quickly respond to security threats.
- Users value the **automated alert response** of Microsoft Sentinel, providing peace of mind with centralized security monitoring.
- Users value the **seamless dashboard usability** of Microsoft Sentinel, facilitating intuitive security management and comprehensive monitoring.
- Users value the **fast and secure threat response** of Microsoft Sentinel, enhancing overall security and risk management.
- Users benefit from the **seamless data management** of Microsoft Sentinel, enhancing workflow and ensuring comprehensive security analytics.

**Cons:**

- Users express concerns about **cloud dependency** , particularly regarding connectivity issues with low-speed internet and commercial reliance.
- Users find the **complex configuration** of Microsoft Sentinel challenging, requiring advanced technical skills for effective setup and use.
- Users face **configuration issues** with Microsoft Sentinel, requiring technical expertise and time for effective setup.
- Users find the **difficult setup** of Microsoft Sentinel challenging without dedicated security experts and proper training.
- Users struggle with the **poor interface design** of Microsoft Sentinel, making navigation and understanding features difficult.

#### What Are Recent G2 Reviews of Microsoft Sentinel?

**"[Easy Log Ingestion Across Formats with Seamless Sentinel Integrations](https://www.g2.com/survey_responses/microsoft-sentinel-review-13073395)"**

**Rating:** 4.5/5.0 stars
*— Sandip K.*

[Read full review](https://www.g2.com/survey_responses/microsoft-sentinel-review-13073395)

---

**"[Strong Centralized Visibility and Scalable Detection for Faster SOC Response](https://www.g2.com/survey_responses/microsoft-sentinel-review-12823175)"**

**Rating:** 4.5/5.0 stars
*— Verified User in Information Technology and Services*

[Read full review](https://www.g2.com/survey_responses/microsoft-sentinel-review-12823175)

---


#### What Are G2 Users Discussing About Microsoft Sentinel?

- [What is Microsoft Sentinel used for?](https://www.g2.com/discussions/what-is-microsoft-sentinel-used-for) - 3 comments, 2 upvotes
- [Why should I use Azure Sentinel?](https://www.g2.com/discussions/why-should-i-use-azure-sentinel) - 1 comment
- [Which feature provides the extended detection and response capabilities of Azure Sentinel?](https://www.g2.com/discussions/which-feature-provides-the-extended-detection-and-response-capabilities-of-azure-sentinel)
- [What is the difference between Azure security Center and Azure Sentinel?](https://www.g2.com/discussions/what-is-the-difference-between-azure-security-center-and-azure-sentinel)
- [What does Azure Sentinel provide?](https://www.g2.com/discussions/what-does-azure-sentinel-provide)

### 5. [Todyl Security Platform](https://www.g2.com/products/todyl-security-platform/reviews)
Todyl is an AI-powered Cybersecurity and Assurance Platform for threat, risk, and compliance management delivered through a single agent and a single portal. Our platform defends against modern, advanced threats spanning identity, endpoint, network, cloud, SaaS, and more. We also simplify meeting and demonstrating extensive compliance and insurance requirements with centralized data collection and reporting, easy-to-use assessment tools, a built-in risk register, and dashboards to cut back on manual reporting and spreadsheet sprawl. Our platform delivers a layered approach to cybersecurity, spanning SASE, Micro-Segmentation (LZT), Endpoint Security, SIEM, MXDR, and GRC all delivered through the same agent, in a cloud native platform. It’s easy to implement as a cost effective, fully integrated single solution that can consolidate and simplify your security and compliance programs. You can also deploy individual modules to meet your current needs, with a simple toggle within the UI to add or trial new modules when you need them. And an integrated Assurance Marketplace helps you complete your security program with additional services like incident response and penetration testing, and streamlined access to cyber insurance providers.


**Average Rating:** 4.7/5.0
**Total Reviews:** 106
**How Do G2 Users Rate Todyl Security Platform?**

- **Activity Monitoring:** 9.4/10 (Category avg: 9.1/10)
- **Data Examination:** 8.9/10 (Category avg: 8.6/10)
- **Ease of Use:** 8.7/10 (Category avg: 8.7/10)
- **Log Management:** 9.4/10 (Category avg: 9.1/10)

**Who Is the Company Behind Todyl Security Platform?**

- **Seller:** [Todyl](https://www.g2.com/sellers/todyl)
- **Company Website:** https://www.todyl.com/
- **Year Founded:** 2015
- **HQ Location:** Denver, CO
- **LinkedIn® Page:** https://www.linkedin.com/company/todylprotection (122 employees on LinkedIn®)

**Who Uses This Product?**
- **Who Uses This:** Owner, President
- **Top Industries:** Information Technology and Services, Computer &amp; Network Security
- **Company Size:** 75% Small-Business, 8% Mid-Market


#### What Are Todyl Security Platform's Pros and Cons?

**Pros:**

- Ease of Use (64 reviews)
- Customer Support (51 reviews)
- Features (41 reviews)
- Security (39 reviews)
- Deployment Ease (35 reviews)

**Cons:**

- Improvements Needed (21 reviews)
- Integration Issues (14 reviews)
- Inadequate Reporting (12 reviews)
- Limited Features (12 reviews)
- Poor Reporting (12 reviews)


### What Do G2 Reviewers Say About Todyl Security Platform?
*AI-generated summary from verified user reviews*

**Pros:**

- Users appreciate the **ease of use** of Todyl Security Platform, finding it intuitive and effortlessly manageable.
- Users commend the **responsive and accessible customer support** of Todyl, ensuring quick solutions and seamless integration.
- Users value the **comprehensive and user-friendly features** of Todyl Security Platform, enhancing security with ease and integration.
- Users value the **comprehensive security features** of Todyl, enhancing protection for devices away from the office.
- Users highlight the **deployment ease** of Todyl Security Platform, appreciating its intuitive setup and seamless integration.

**Cons:**

- Users feel that **improvements are needed** in customization, integration, and easing the learning curve for Todyl&#39;s platform.
- Users note **integration issues** with Todyl, citing limited API and a need for improved third-party interoperability.
- Users find the **reporting inadequate** and seek improvements for better strategic review capabilities.
- Users note **limited features** in Todyl, particularly wishing for enhanced customization and reporting capabilities.
- Users find **reporting difficult** to navigate, hindering their ability to extract valuable insights effectively.

#### What Are Recent G2 Reviews of Todyl Security Platform?

**"[Todyl Simplified Our Stack with Enterprise-Level Security at a Great Price](https://www.g2.com/survey_responses/todyl-security-platform-review-12841444)"**

**Rating:** 5.0/5.0 stars
*— Nahjee M.*

[Read full review](https://www.g2.com/survey_responses/todyl-security-platform-review-12841444)

---

**"[Valuable Visibility with Room for Improvement](https://www.g2.com/survey_responses/todyl-security-platform-review-9155307)"**

**Rating:** 4.0/5.0 stars
*— Ethan D.*

[Read full review](https://www.g2.com/survey_responses/todyl-security-platform-review-9155307)

---



### 6. [Check Point Infinity Platform](https://www.g2.com/products/check-point-infinity-platform/reviews)
Check Point Infinity is the only fully consolidated cyber security architecture that provides unprecedented protection against Gen V mega-cyber attacks as well as future cyber threats across all networks, endpoint, cloud and mobile. The architecture is designed to resolve the complexities of growing connectivity and inefficient security.


**Average Rating:** 4.6/5.0
**Total Reviews:** 109
**How Do G2 Users Rate Check Point Infinity Platform?**

- **Ease of Use:** 9.1/10 (Category avg: 8.7/10)

**Who Is the Company Behind Check Point Infinity Platform?**

- **Seller:** [Check Point Software Technologies](https://www.g2.com/sellers/check-point-software-technologies)
- **Year Founded:** 1993
- **HQ Location:** Redwood City, CA
- **Twitter:** @CheckPointSW (70,955 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/check-point-software-technologies/ (8,554 employees on LinkedIn®)
- **Ownership:** NASDAQ:CHKP

**Who Uses This Product?**
- **Top Industries:** Computer &amp; Network Security, Information Technology and Services
- **Company Size:** 44% Enterprise, 37% Mid-Market


#### What Are Check Point Infinity Platform's Pros and Cons?

**Pros:**

- Cloud Security (20 reviews)
- Cloud Integration (16 reviews)
- Detection (16 reviews)
- Comprehensive Security (14 reviews)
- Cloud Services (13 reviews)

**Cons:**

- Learning Curve (10 reviews)
- Complexity (6 reviews)
- Improvement Needed (6 reviews)
- Poor Support Services (6 reviews)
- Limited Customization (5 reviews)


### What Do G2 Reviewers Say About Check Point Infinity Platform?
*AI-generated summary from verified user reviews*

**Pros:**

- Users appreciate the **advanced security features** of Check Point Infinity Platform, ensuring robust protection against future attacks.
- Users appreciate the **cloud security features** of Check Point Infinity Platform, ensuring efficient security audits and infrastructure assessment.
- Users value the **proactive threat detection** features of Check Point Infinity Platform, enhancing security for cloud applications.
- Users value the **comprehensive security** features of Check Point Infinity Platform, ensuring robust protection against cloud threats.
- Users appreciate the **advanced cloud security features** of Check Point Infinity Platform, ensuring robust protection against future attacks.

**Cons:**

- Users find the **steep learning curve** challenging due to complex setup and lack of comprehensive documentation.
- Users find the **complexity** of the Check Point Infinity Platform&#39;s settings and documentation can hinder usability and efficiency.
- Users find that **improvement is needed** in support and visibility of native servers in Check Point logs.
- Users find **poor support services** detrimental, highlighting the need for improved customer assistance and log visibility.
- Users face **limited customization** options for rulesets and metrics, making detailed assessments challenging.

#### What Are Recent G2 Reviews of Check Point Infinity Platform?

**"[Excellent option  Harmony Platform for security central](https://www.g2.com/survey_responses/check-point-infinity-platform-review-11868343)"**

**Rating:** 4.5/5.0 stars
*— Tania V.*

[Read full review](https://www.g2.com/survey_responses/check-point-infinity-platform-review-11868343)

---

**"[Seamless Hybrid Security Integration Across All Environments](https://www.g2.com/survey_responses/check-point-infinity-platform-review-11954684)"**

**Rating:** 4.5/5.0 stars
*— Sonu S.*

[Read full review](https://www.g2.com/survey_responses/check-point-infinity-platform-review-11954684)

---


#### What Are G2 Users Discussing About Check Point Infinity Platform?

- [How does Check Point Infinity help customers?](https://www.g2.com/discussions/how-does-check-point-infinity-help-customers)
- [What are the benefits of Check Point unified security architecture?](https://www.g2.com/discussions/what-are-the-benefits-of-check-point-unified-security-architecture)
- [What are the 4 components of the Infinity architecture?](https://www.g2.com/discussions/what-are-the-4-components-of-the-infinity-architecture)
- [What is Infinity Total protection?](https://www.g2.com/discussions/what-is-infinity-total-protection)

### 7. [Splunk Enterprise](https://www.g2.com/products/splunk-enterprise/reviews)
Find out what is happening in your business and take meaningful action quickly with Splunk Enterprise. Automate the collection, indexing and alerting of machine data that&#39;s critical to your operations. Uncover the actionable insights from all your data — no matter the source or format. Leverage artificial intelligence and machine learning for predictive and proactive business decisions.


**Average Rating:** 4.3/5.0
**Total Reviews:** 415
**How Do G2 Users Rate Splunk Enterprise?**

- **Activity Monitoring:** 9.1/10 (Category avg: 9.1/10)
- **Data Examination:** 8.4/10 (Category avg: 8.6/10)
- **Ease of Use:** 8.1/10 (Category avg: 8.7/10)
- **Log Management:** 9.3/10 (Category avg: 9.1/10)

**Who Is the Company Behind Splunk Enterprise?**

- **Seller:** [Cisco](https://www.g2.com/sellers/cisco)
- **Year Founded:** 1984
- **HQ Location:** San Jose, CA
- **Twitter:** @Cisco (720,366 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/cisco/ (95,545 employees on LinkedIn®)
- **Ownership:** NASDAQ:CSCO

**Who Uses This Product?**
- **Who Uses This:** Software Engineer, Senior Software Engineer
- **Top Industries:** Information Technology and Services, Computer Software
- **Company Size:** 64% Enterprise, 27% Mid-Market


#### What Are Splunk Enterprise's Pros and Cons?

**Pros:**

- Innovation (13 reviews)
- Customization (12 reviews)
- Ease of Use (10 reviews)
- Log Management (8 reviews)
- Reporting Features (8 reviews)

**Cons:**

- Expensive (8 reviews)
- Learning Curve (8 reviews)
- Expensive Licensing (5 reviews)
- Integration Issues (5 reviews)
- Missing Features (5 reviews)


### What Do G2 Reviewers Say About Splunk Enterprise?
*AI-generated summary from verified user reviews*

**Pros:**

- Users value the **innovation** of Splunk Enterprise, appreciating its user-friendly features and powerful analytics capabilities.
- Users value the **customization features** of Splunk Enterprise, enabling tailored insights and dynamic dashboards for effective monitoring.
- Users commend the **ease of use** of Splunk Enterprise, enhancing effective monitoring and quick issue resolution.
- Users value the **efficient log management** capabilities of Splunk Enterprise for accurate analysis and insights.
- Users value the **powerful reporting features** of Splunk Enterprise, enhancing data analysis and visualization capabilities significantly.

**Cons:**

- Users find Splunk Enterprise to be **expensive** , especially as data volumes grow, impacting smaller teams&#39; operations.
- Users face a **steep learning curve** with Splunk Enterprise, which can hinder quick mastery of its features.
- Users highlight the **expensive licensing** of Splunk Enterprise, making it difficult for some companies to adopt.
- Users face **integration issues** with Splunk Enterprise, requiring better add-ons and simpler architecture for easier deployment.
- Users feel that Splunk Enterprise has **missing features** , lacking important add-ons and more flexible data onboarding options.

#### What Are Recent G2 Reviews of Splunk Enterprise?

**"[SPL search and dashboards are really useful](https://www.g2.com/survey_responses/splunk-enterprise-review-12547655)"**

**Rating:** 4.0/5.0 stars
*— Nishith J.*

[Read full review](https://www.g2.com/survey_responses/splunk-enterprise-review-12547655)

---

**"[Excellent Enterprise Observability and Log Management Solution for Hybrid Cloud Infrastructure](https://www.g2.com/survey_responses/splunk-enterprise-review-12045230)"**

**Rating:** 4.5/5.0 stars
*— RaviShankar S.*

[Read full review](https://www.g2.com/survey_responses/splunk-enterprise-review-12045230)

---


#### What Are G2 Users Discussing About Splunk Enterprise?

- [What is Splunk Enterprise used for?](https://www.g2.com/discussions/what-is-splunk-enterprise-used-for) - 1 comment
- [What is the difference between Splunk Enterprise and Splunk Enterprise Security?](https://www.g2.com/discussions/splunk-enterprise-what-is-the-difference-between-splunk-enterprise-and-splunk-enterprise-security) - 1 comment
- [What are Splunk Enterprise components?](https://www.g2.com/discussions/what-are-splunk-enterprise-components) - 1 comment
- [Which apps ship with Splunk Enterprise?](https://www.g2.com/discussions/which-apps-ship-with-splunk-enterprise) - 1 comment
- [What does Splunk Enterprise do?](https://www.g2.com/discussions/what-does-splunk-enterprise-do) - 1 comment

### 8. [Panther](https://www.g2.com/products/panther/reviews)
Panther is the AI SOC Platform that scales security expertise by embedding AI agents across your security operations with native access to your data lake, detection logic, and organizational knowledge. Unlike bolt-on tools, Panther&#39;s closed-loop architecture turns every alert into compounding intelligence that makes the system smarter over time. Request a demo today at: https://panther.com/product/request-a-demo/


**Average Rating:** 4.7/5.0
**Total Reviews:** 49
**How Do G2 Users Rate Panther?**

- **Activity Monitoring:** 9.3/10 (Category avg: 9.1/10)
- **Data Examination:** 9.4/10 (Category avg: 8.6/10)
- **Ease of Use:** 8.9/10 (Category avg: 8.7/10)
- **Log Management:** 9.7/10 (Category avg: 9.1/10)

**Who Is the Company Behind Panther?**

- **Seller:** [Panther Labs](https://www.g2.com/sellers/panther-labs)
- **Company Website:** https://panther.com/
- **Year Founded:** 2018
- **HQ Location:** San Francisco, CA
- **Twitter:** @runpanther (4,437 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/runpanther/ (300 employees on LinkedIn®)

**Who Uses This Product?**
- **Who Uses This:** Senior Security Engineer
- **Top Industries:** Computer Software, Information Technology and Services
- **Company Size:** 53% Mid-Market, 29% Enterprise


#### What Are Panther's Pros and Cons?

**Pros:**

- Customer Support (13 reviews)
- Detection Efficiency (12 reviews)
- Ease of Use (12 reviews)
- Easy Integrations (11 reviews)
- Features (11 reviews)

**Cons:**

- Missing Features (5 reviews)
- Complexity (4 reviews)
- Alert Management (3 reviews)
- Complex Configuration (3 reviews)
- Dashboard Issues (3 reviews)


### What Do G2 Reviewers Say About Panther?
*AI-generated summary from verified user reviews*

**Pros:**

- Users commend Panther&#39;s **outstanding customer support** , highlighting its responsiveness and commitment to resolving issues efficiently.
- Users commend Panther for its **exceptional detection efficiency** , enabling effective and purposeful responses in security operations.
- Users find Panther&#39;s **intuitive interface** and comprehensive documentation make it easy to navigate and use effectively.
- Users praise the **easy integrations** with various log sources, simplifying security management and boosting team efficiency.
- Users praise Panther for its **purposeful features and continuous improvements** , enhancing usability and aligning with market needs.

**Cons:**

- Users find Panther has **missing features** like version control and underdeveloped response workflows, complicating overall use.
- Users find Panther&#39;s **complexity challenging** , particularly for non-technical teams and in managing version controls.
- Users find the **Alert Management limited** due to lack of customization and configuration challenges affecting efficiency.
- Users find the **complex configuration** of Panther burdensome, complicating integration with deployment pipelines and automation systems.
- Users find the **dashboard issues** in Panther limit comprehensive security leadership insights and advanced customization options.

#### What Are Recent G2 Reviews of Panther?

**"[Panther’s SIEM + AI Makes Triage and Threat Hunting Fast and Seamless](https://www.g2.com/survey_responses/panther-review-12919421)"**

**Rating:** 5.0/5.0 stars
*— Richard E.*

[Read full review](https://www.g2.com/survey_responses/panther-review-12919421)

---

**"[Panther Makes Security Operations Simpler and Faster](https://www.g2.com/survey_responses/panther-review-12890548)"**

**Rating:** 5.0/5.0 stars
*— Busra K.*

[Read full review](https://www.g2.com/survey_responses/panther-review-12890548)

---


#### What Are G2 Users Discussing About Panther?

- [What is Panther used for?](https://www.g2.com/discussions/what-is-panther-used-for) - 1 comment

### 9. [IBM QRadar SIEM](https://www.g2.com/products/ibm-ibm-qradar-siem/reviews)
Outsmart threats with an end-to-end award-winning security suite; proven to prevent, endure and recover from both known &amp; unknown IT hazards faced by SoCs in the modern-day.


**Average Rating:** 4.4/5.0
**Total Reviews:** 282
**How Do G2 Users Rate IBM QRadar SIEM?**

- **Activity Monitoring:** 8.7/10 (Category avg: 9.1/10)
- **Data Examination:** 8.3/10 (Category avg: 8.6/10)
- **Ease of Use:** 8.4/10 (Category avg: 8.7/10)
- **Log Management:** 8.8/10 (Category avg: 9.1/10)

**Who Is the Company Behind IBM QRadar SIEM?**

- **Seller:** [IBM](https://www.g2.com/sellers/ibm)
- **Year Founded:** 1911
- **HQ Location:** Armonk, New York, United States
- **Twitter:** @IBMSecurity (74,660 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/1009/ (328,202 employees on LinkedIn®)
- **Ownership:** SWX:IBM

**Who Uses This Product?**
- **Who Uses This:** SOC Analyst, Security Engineer
- **Top Industries:** Computer &amp; Network Security, Information Technology and Services
- **Company Size:** 52% Enterprise, 29% Mid-Market


#### What Are IBM QRadar SIEM's Pros and Cons?

**Pros:**

- Ease of Use (23 reviews)
- Integrations (19 reviews)
- Features (18 reviews)
- Easy Integrations (15 reviews)
- User Interface (15 reviews)

**Cons:**

- UX Improvement (11 reviews)
- Expensive (9 reviews)
- Cost (7 reviews)
- Dashboard Issues (7 reviews)
- Time-Consuming (7 reviews)


### What Do G2 Reviewers Say About IBM QRadar SIEM?
*AI-generated summary from verified user reviews*

**Pros:**

- Users find IBM QRadar SIEM highly **user-friendly** , appreciating its ease of implementation and integration with other platforms.
- Users appreciate the **seamless integration capabilities** of IBM QRadar SIEM, enhancing overall log management and analytics functionality.
- Users value the **advanced threat detection and centralized log management** features of IBM QRadar SIEM for enhanced security.
- Users value the **easy integrations** of IBM QRadar SIEM, simplifying collaboration with various platforms and tools.
- Users find the **user-friendly interface** of IBM QRadar SIEM makes it easy for non-tech users to navigate.

**Cons:**

- Users find the **UI improvements lacking** , with search limitations and poor report building hindering their experience.
- Users find IBM QRadar SIEM to be **expensive** , especially for small or mid-size companies due to high costs.
- Users note the **high costs** associated with IBM QRadar SIEM, which may burden smaller organizations significantly.
- Users are frustrated by **dashboard issues** , including limited editing rights and difficulties in offense management and reporting.
- Users find the **time-consuming search queries** to be frustrating and inefficient for log retrieval in QRadar SIEM.

#### What Are Recent G2 Reviews of IBM QRadar SIEM?

**"[QRADAR Integrates Easily and Makes Logs &amp; Alerts Report-Ready](https://www.g2.com/survey_responses/ibm-qradar-siem-review-13061810)"**

**Rating:** 4.5/5.0 stars
*— Zahid A.*

[Read full review](https://www.g2.com/survey_responses/ibm-qradar-siem-review-13061810)

---

**"[Strong Correlation, Mature Security Monitoring, and Compliance Reporting](https://www.g2.com/survey_responses/ibm-qradar-siem-review-12986703)"**

**Rating:** 5.0/5.0 stars
*— Verified User in Information Technology and Services*

[Read full review](https://www.g2.com/survey_responses/ibm-qradar-siem-review-12986703)

---



### 10. [Cynet](https://www.g2.com/products/cynet/reviews)
Cynet is the unified, AI-powered cybersecurity platform that delivers robust and comprehensive protection for security teams while maximizing operational efficiency for managed service providers (MSPs). This platform consolidates a wide array of security capabilities into a single, user-friendly interface, ensuring that organizations can effectively safeguard their digital assets without the complexity often associated with multi-solution environments. Cynet’s platform simplifies security management by integrating various functionalities, such as endpoint protection, threat detection, and incident response, into one cohesive system. This integration not only streamlines operations but also allows organizations to allocate their resources more effectively, ultimately enhancing their overall security posture. One of the standout features of Cynet’s platform is its remarkable performance in the MITRE ATT&amp;CK Evaluations. Cynet delivered 100% visibility and 100% analytic coverage without requiring any configuration changes three years in a row. This capability ensures that organizations can monitor their environments comprehensively and respond to threats with precision. The platform’s built-in analytics and reporting tools provide actionable insights, enabling users to make informed decisions about their cybersecurity strategies. Additionally, Cynet offers 24/7 expert support, which is crucial for organizations that may not have in-house cybersecurity expertise. This round-the-clock assistance ensures that users can quickly address any security incidents or concerns, minimizing potential downtime and damage. The combination of advanced technology and dedicated support positions Cynet as a valuable partner for SMEs and service providers looking to enhance their cybersecurity measures. In summary, Cynet’s unified, AI-powered cybersecurity platform stands out in the crowded cybersecurity market by offering a unified solution tailored to the needs of MSPs. Its comprehensive features, exceptional performance in industry evaluations, and continuous expert support make it a compelling choice for organizations seeking to bolster their cybersecurity defenses while maintaining operational efficiency.


**Average Rating:** 4.7/5.0
**Total Reviews:** 215
**How Do G2 Users Rate Cynet?**

- **Activity Monitoring:** 9.4/10 (Category avg: 9.1/10)
- **Data Examination:** 8.8/10 (Category avg: 8.6/10)
- **Ease of Use:** 9.1/10 (Category avg: 8.7/10)
- **Log Management:** 8.9/10 (Category avg: 9.1/10)

**Who Is the Company Behind Cynet?**

- **Seller:** [Cynet](https://www.g2.com/sellers/cynet)
- **Company Website:** https://www.cynet.com/
- **Year Founded:** 2014
- **HQ Location:** Boston, MA
- **LinkedIn® Page:** https://www.linkedin.com/company/cynet-security/ (332 employees on LinkedIn®)

**Who Uses This Product?**
- **Who Uses This:** SOC Analyst, Technical Engineer
- **Top Industries:** Information Technology and Services, Computer &amp; Network Security
- **Company Size:** 58% Mid-Market, 30% Small-Business


#### What Are Cynet's Pros and Cons?

**Pros:**

- Ease of Use (48 reviews)
- Features (36 reviews)
- Threat Detection (34 reviews)
- Customer Support (32 reviews)
- Security (31 reviews)

**Cons:**

- Limited Customization (11 reviews)
- Feature Limitations (10 reviews)
- Lack of Customization (10 reviews)
- Limited Features (10 reviews)
- Missing Features (10 reviews)


### What Do G2 Reviewers Say About Cynet?
*AI-generated summary from verified user reviews*

**Pros:**

- Users value the **ease of use** of Cynet, enjoying its simplicity and comprehensive features in one dashboard.
- Users value the **unified platform** of Cynet for its ease of use and comprehensive security features.
- Users value Cynet for its **effective threat detection** and seamless integration, ensuring robust cybersecurity for their business.
- Users appreciate the **exceptional customer support** of Cynet, facilitating smooth deployment and effective threat management.
- Users commend Cynet for its **flawless threat monitoring and response** , enhancing overall security with effective detection capabilities.

**Cons:**

- Users express concern over **limited customization** options in reports and third-party integrations, impacting their experience.
- Users note the **feature limitations** of Cynet, especially in report customization and external tool integrations.
- Users express concern over the **lack of customization** , particularly in reporting and dashboard options for better usability.
- Users find Cynet has **limited features** like integrations and customization, which may restrict advanced functionality.
- Users note the **missing features** in Cynet, particularly the lack of web filtering and a firewall option.

#### What Are Recent G2 Reviews of Cynet?

**"[Cynet delivers a standout XDR at a reasonable price.](https://www.g2.com/survey_responses/cynet-review-13072458)"**

**Rating:** 5.0/5.0 stars
*— Verified User in Computer &amp; Network Security*

[Read full review](https://www.g2.com/survey_responses/cynet-review-13072458)

---

**"[Great MDR/XDR Platform](https://www.g2.com/survey_responses/cynet-review-9481539)"**

**Rating:** 4.5/5.0 stars
*— JEROME J.*

[Read full review](https://www.g2.com/survey_responses/cynet-review-9481539)

---


#### What Are G2 Users Discussing About Cynet?

- [What is Cynet 360 AutoXDR™ used for?](https://www.g2.com/discussions/what-is-cynet-360-autoxdr-used-for)
- [What is cynet XDR?](https://www.g2.com/discussions/what-is-cynet-xdr) - 1 comment
- [What is cynet used for?](https://www.g2.com/discussions/what-is-cynet-used-for) - 1 comment
- [Is cynet 360 good?](https://www.g2.com/discussions/is-cynet-360-good) - 3 comments
- [How much does cynet cost?](https://www.g2.com/discussions/how-much-does-cynet-cost) - 1 comment

### 11. [Elastic Security](https://www.g2.com/products/elastic-elastic-security/reviews)
Modernize your SOC with AI Security is a data problem. Your team needs to detect, investigate, and respond to threats quickly. Elastic Security unifies next-gen SIEM and XDR with native automation, with AI built into every step. Built on Elasticsearch, the open-source search platform trusted by millions, Elastic provides complete visibility across your environment. Our data mesh architecture streamlines analysis to raise team productivity and reduce attacker dwell time. Bolster your defenses - Detect threats faster by analyzing data from across your attack surface - Stop attacks with the industry&#39;s best-rated XDR protection - Close the loop faster with Elastic Workflows, blending scripted automation with agentic AI reasoning - Get more accurate AI assistance, grounded in your data using Elasticsearch&#39;s leading relevance capabilities With Elastic Security, your SOC team can use generative AI to distill alerts, automate repetitive tasks, and get tailored guidance, all with your choice of LLM and full transparency into reasoning and sources. SOC leaders choose Elastic Security when they need a unified, open platform ready to run on any cloud, on-prem, or air-gapped.


**Average Rating:** 4.5/5.0
**Total Reviews:** 23
**How Do G2 Users Rate Elastic Security?**

- **Activity Monitoring:** 9.7/10 (Category avg: 9.1/10)
- **Data Examination:** 8.3/10 (Category avg: 8.6/10)
- **Ease of Use:** 8.8/10 (Category avg: 8.7/10)
- **Log Management:** 9.8/10 (Category avg: 9.1/10)

**Who Is the Company Behind Elastic Security?**

- **Seller:** [Elastic](https://www.g2.com/sellers/elastic)
- **Company Website:** https://www.elastic.co
- **Year Founded:** 2012
- **HQ Location:** San Francisco, CA
- **Twitter:** @elastic (65,200 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/814025/ (5,079 employees on LinkedIn®)

**Who Uses This Product?**
- **Top Industries:** Information Technology and Services
- **Company Size:** 61% Mid-Market, 52% Small-Business


#### What Are Elastic Security's Pros and Cons?

**Pros:**

- Integrations (7 reviews)
- Ease of Use (5 reviews)
- Features (5 reviews)
- Easy Integrations (4 reviews)
- Efficiency Improvement (3 reviews)

**Cons:**

- Limitations (4 reviews)
- Complex Implementation (3 reviews)
- Complexity (3 reviews)
- Complex Setup (3 reviews)
- Integration Issues (3 reviews)


### What Do G2 Reviewers Say About Elastic Security?
*AI-generated summary from verified user reviews*

**Pros:**

- Users value the **seamless integrations** of Elastic Security, enhancing data visualization and incident management efficiency.
- Users value the **ease of use** of Elastic Security, appreciating its straightforward setup and seamless integrations.
- Users admire the **flexibility and pre-built security use-cases** of Elastic Security for seamless integration and adaptability.
- Users appreciate the **easy integrations** of Elastic Security, facilitating seamless workflows and efficient investigations across tools.
- Users value the **efficiency improvement** in investigations, enabling quick, actionable insights with Elastic Security&#39;s robust features.

**Cons:**

- Users face challenges with **steep learning curves and operational overhead** , impacting efficiency and resource management in Elastic Security.
- Users find the **complex implementation** of Elastic Security challenging, especially due to the steep learning curve and maintenance overhead.
- Users find the **complexity** of maintaining Elastic Security&#39;s infrastructure and learning new query languages challenging and burdensome.
- Users point out the **complex setup** of Elastic Security, citing a steep learning curve and significant administrative overhead.
- Users frequently experience **integration issues** with Elastic Security, complicating log correlation and overall functionality.

#### What Are Recent G2 Reviews of Elastic Security?

**"[Powerful, Customisable Security Platform for Complex Environments](https://www.g2.com/survey_responses/elastic-security-review-12341245)"**

**Rating:** 4.5/5.0 stars
*— Jennifer S.*

[Read full review](https://www.g2.com/survey_responses/elastic-security-review-12341245)

---

**"[Seamless SIEM Solution with AI and Outstanding Support](https://www.g2.com/survey_responses/elastic-security-review-12438374)"**

**Rating:** 5.0/5.0 stars
*— Jordan J.*

[Read full review](https://www.g2.com/survey_responses/elastic-security-review-12438374)

---



### 12. [Datadog](https://www.g2.com/products/datadog/reviews)
Datadog is the monitoring, security and analytics platform for developers, IT operations teams, security engineers and business users in the cloud age. The SaaS platform integrates and automates infrastructure monitoring, application performance monitoring and log management to provide unified, real-time observability of our customers&#39; entire technology stack. Datadog is used by organizations of all sizes and across a wide range of industries to enable digital transformation and cloud migration, drive collaboration among development, operations, security and business teams, accelerate time to market for applications, reduce time to problem resolution, secure applications and infrastructure, understand user behavior and track key business metrics.


**Average Rating:** 4.4/5.0
**Total Reviews:** 713
**How Do G2 Users Rate Datadog?**

- **Activity Monitoring:** 8.9/10 (Category avg: 9.1/10)
- **Data Examination:** 8.6/10 (Category avg: 8.6/10)
- **Ease of Use:** 8.2/10 (Category avg: 8.7/10)
- **Log Management:** 9.5/10 (Category avg: 9.1/10)

**Who Is the Company Behind Datadog?**

- **Seller:** [Datadog](https://www.g2.com/sellers/datadog)
- **Company Website:** https://www.datadoghq.com/
- **Year Founded:** 2010
- **HQ Location:** New York
- **Twitter:** @datadoghq (51,207 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/1066442/ (9,386 employees on LinkedIn®)

**Who Uses This Product?**
- **Who Uses This:** Software Engineer, DevOps Engineer
- **Top Industries:** Computer Software, Information Technology and Services
- **Company Size:** 47% Mid-Market, 34% Enterprise


#### What Are Datadog's Pros and Cons?

**Pros:**

- Ease of Use (145 reviews)
- Monitoring (144 reviews)
- Real-time Monitoring (122 reviews)
- Features (93 reviews)
- Analytics (88 reviews)

**Cons:**

- Expensive (92 reviews)
- Learning Curve (73 reviews)
- Pricing Issues (71 reviews)
- Cost (65 reviews)
- Learning Difficulty (56 reviews)


### What Do G2 Reviewers Say About Datadog?
*AI-generated summary from verified user reviews*

**Pros:**

- Users appreciate the **ease of use** of Datadog, enabling intuitive dashboard setup and effortless monitoring across platforms.
- Users appreciate the **ease of monitoring** with Datadog, enjoying intuitive features and excellent enterprise support.
- Users appreciate the **real-time monitoring** capabilities of Datadog, streamlining application oversight and enhancing efficiency.
- Users value the **robust features** of Datadog, particularly appreciating its user-friendly interface and extensive integrations.
- Users appreciate the **intuitive dashboard creation** in Datadog, enhancing their analytics and monitoring capabilities effortlessly.

**Cons:**

- Users find Datadog&#39;s pricing **excessively expensive** , suggesting it should be more affordable for its offerings.
- Users find the **steep learning curve** challenging, especially with rapidly evolving features and the website&#39;s performance issues.
- Users find **pricing issues** with Datadog, citing high costs and unpredictable scaling as major concerns.
- Users express concern over **high and unpredictable costs** , feeling that Datadog&#39;s pricing is excessive for its value.
- Users find the **learning difficulty** of Datadog challenging, especially for new users needing training to navigate effectively.

#### What Are Recent G2 Reviews of Datadog?

**"[Datadog: Unified Logs, Metrics &amp; Traces for Real-Time Visibility and Faster Debugging](https://www.g2.com/survey_responses/datadog-review-13049319)"**

**Rating:** 4.5/5.0 stars
*— Anshul S.*

[Read full review](https://www.g2.com/survey_responses/datadog-review-13049319)

---

**"[Faster incident detection and root-cause analysis, leading to better customer experience.](https://www.g2.com/survey_responses/datadog-review-12850013)"**

**Rating:** 4.5/5.0 stars
*— Bertrand P.*

[Read full review](https://www.g2.com/survey_responses/datadog-review-12850013)

---


#### What Are G2 Users Discussing About Datadog?

- [How good is Datadog?](https://www.g2.com/discussions/how-good-is-datadog)
- [Does Datadog use AWS?](https://www.g2.com/discussions/does-datadog-use-aws) - 2 comments
- [What can Datadog monitor?](https://www.g2.com/discussions/what-can-datadog-monitor)
- [What is the use of Datadog?](https://www.g2.com/discussions/what-is-the-use-of-datadog) - 3 comments

### 13. [Google Security Operations](https://www.g2.com/products/google-security-operations/reviews)
Google Security Operations offers a unified experience across SIEM, SOAR, and threat intelligence to drive better detection, investigation, and response. Collect security telemetry data, apply threat intel to identify high priority threats, drive response with playbook automation, case management, and collaboration. It also provides Gemini-native agentic defense to help autonomously handle workflows like alert triage, threat hunting, and detection engineering. Google Security Operations also supports AI Threat Defense to monitor, detect, and respond to threats from code you do not own or cannot patch.


**Average Rating:** 4.4/5.0
**Total Reviews:** 47
**How Do G2 Users Rate Google Security Operations?**

- **Activity Monitoring:** 10.0/10 (Category avg: 9.1/10)
- **Data Examination:** 10.0/10 (Category avg: 8.6/10)
- **Ease of Use:** 8.1/10 (Category avg: 8.7/10)
- **Log Management:** 9.7/10 (Category avg: 9.1/10)

**Who Is the Company Behind Google Security Operations?**

- **Seller:** [Google](https://www.g2.com/sellers/google)
- **Year Founded:** 1998
- **HQ Location:** Mountain View, CA
- **Twitter:** @google (31,899,995 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/1441/ (341,888 employees on LinkedIn®)
- **Ownership:** NASDAQ:GOOG

**Who Uses This Product?**
- **Top Industries:** Information Technology and Services, Computer &amp; Network Security
- **Company Size:** 42% Enterprise, 39% Mid-Market


#### What Are Google Security Operations's Pros and Cons?

**Pros:**

- Security (8 reviews)
- Ease of Use (6 reviews)
- Threat Detection (5 reviews)
- Comprehensive Security (3 reviews)
- Easy Integrations (3 reviews)

**Cons:**

- Expensive (6 reviews)
- Learning Curve (4 reviews)
- Complexity (3 reviews)
- Learning Difficulty (2 reviews)
- Limited Customization (2 reviews)


### What Do G2 Reviewers Say About Google Security Operations?
*AI-generated summary from verified user reviews*

**Pros:**

- Users value the **excellent cybersecurity features** of Google Security Operations, appreciating its ease of use and scalability.
- Users find Google Security Operations to be **very easy to use** , effectively detecting threats with seamless integration.
- Users appreciate the **efficient threat detection** capabilities of Google Security Operations, enhancing security and response times.
- Users value the **comprehensive security** features of Google Security Operations for effective threat detection and response.
- Users value the **easy integrations** of Google Security Operations, enhancing their overall security management experience.

**Cons:**

- Users find Google Security Operations to be **costly and complex** , posing challenges for both setup and ongoing maintenance.
- Users report a **steep learning curve** with Google Security Operations, making effective utilization challenging for some organizations.
- Users find the **implementation complexity** of Google Security Operations challenging, requiring time and resources for effective use.
- Users find the **learning difficulty** of Google Security Operations to be a barrier due to complex features and configuration.
- Users find **limited customization** in Google Security Operations hinders adaptability and affects overall user experience.

#### What Are Recent G2 Reviews of Google Security Operations?

**"[Google SecOps: Intuitive UI and Powerful AI-Driven Detection with Gemini](https://www.g2.com/survey_responses/google-security-operations-review-11259633)"**

**Rating:** 4.0/5.0 stars
*— Verified User in Insurance*

[Read full review](https://www.g2.com/survey_responses/google-security-operations-review-11259633)

---

**"[Fast, Scalable Platform That Speeds Up Security Investigations](https://www.g2.com/survey_responses/google-security-operations-review-12789503)"**

**Rating:** 4.5/5.0 stars
*— Ankith T.*

[Read full review](https://www.g2.com/survey_responses/google-security-operations-review-12789503)

---



### 14. [Splunk Enterprise Security](https://www.g2.com/products/splunk-enterprise-security/reviews)
Splunk Enterprise Security (ES) is a data-centric, modern security information and event management (SIEM) solution that delivers data-driven insights for full breadth visibility into your security posture so you can protect your business and mitigate risk at scale. With unparalleled search and reporting, advanced analytics, integrated intelligence, and prepackaged security content, Splunk ES accelerates threat detection and investigation, letting you determine the scope of high-priority threats to your environment so you can quickly take action. Built on an open and scalable data platform, you can stay agile in the face of evolving threats and business needs. Our extensive ecosystem of Splunk, partner, and community-built integrations as well as flexible deployment options ensure your technology investments are working in tandem with Splunk ES whilst meeting you wherever you are on your cloud, multi-cloud, or hybrid journey.


**Average Rating:** 4.3/5.0
**Total Reviews:** 223
**How Do G2 Users Rate Splunk Enterprise Security?**

- **Activity Monitoring:** 8.8/10 (Category avg: 9.1/10)
- **Data Examination:** 8.5/10 (Category avg: 8.6/10)
- **Ease of Use:** 8.1/10 (Category avg: 8.7/10)
- **Log Management:** 9.3/10 (Category avg: 9.1/10)

**Who Is the Company Behind Splunk Enterprise Security?**

- **Seller:** [Cisco](https://www.g2.com/sellers/cisco)
- **Year Founded:** 1984
- **HQ Location:** San Jose, CA
- **Twitter:** @Cisco (720,366 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/cisco/ (95,545 employees on LinkedIn®)
- **Ownership:** NASDAQ:CSCO

**Who Uses This Product?**
- **Who Uses This:** Software Engineer, Senior Software Engineer
- **Top Industries:** Information Technology and Services, Computer Software
- **Company Size:** 59% Enterprise, 30% Mid-Market


#### What Are Splunk Enterprise Security's Pros and Cons?

**Pros:**

- Ease of Use (15 reviews)
- Easy Integrations (13 reviews)
- Threat Detection (13 reviews)
- Features (12 reviews)
- User Interface (11 reviews)

**Cons:**

- Expensive (17 reviews)
- Complex Setup (8 reviews)
- Complex Implementation (6 reviews)
- Complexity (6 reviews)
- Difficult Learning (6 reviews)


### What Do G2 Reviewers Say About Splunk Enterprise Security?
*AI-generated summary from verified user reviews*

**Pros:**

- Users value the **ease of use** of Splunk Enterprise Security, enhancing their monitoring and log management experience.
- Users appreciate the **easy integrations** of Splunk Enterprise Security, enabling seamless connection with various platforms and systems.
- Users highlight the **impressive threat detection** capabilities of Splunk Enterprise Security, enhancing security focus and reducing false alarms.
- Users value the **effective features** of Splunk Enterprise Security, enhancing security analysis with comprehensive logs and insights.
- Users appreciate the **user-friendly interface** of Splunk Enterprise Security, enabling efficient monitoring and attractive dashboards.

**Cons:**

- Users note that the **high cost** of Splunk Enterprise Security is a major drawback for smaller organizations.
- Users find the **initial implementation complex** , needing expert resources and time to onboard Splunk Enterprise Security effectively.
- Users find the **complex implementation** of Splunk Enterprise Security challenging, requiring extensive expertise and resources.
- Users find the **complexity and extensive setup** of Splunk Enterprise Security to be time-consuming and challenging.
- Users find the **difficult learning** curve of Splunk Enterprise Security a challenge for beginners and costly to set up.

#### What Are Recent G2 Reviews of Splunk Enterprise Security?

**"[Powerful Visibility and Investigations with Splunk Enterprise Security](https://www.g2.com/survey_responses/splunk-enterprise-security-review-12695107)"**

**Rating:** 4.0/5.0 stars
*— Akil S.*

[Read full review](https://www.g2.com/survey_responses/splunk-enterprise-security-review-12695107)

---

**"[Powerful Threat Detection and Investigation with Splunk Enterprise Security](https://www.g2.com/survey_responses/splunk-enterprise-security-review-12982814)"**

**Rating:** 5.0/5.0 stars
*— Priyanshu S.*

[Read full review](https://www.g2.com/survey_responses/splunk-enterprise-security-review-12982814)

---


#### What Are G2 Users Discussing About Splunk Enterprise Security?

- [What is Splunk User Behavior Analytics used for?](https://www.g2.com/discussions/what-is-splunk-user-behavior-analytics-used-for)
- [What does Splunk Enterprise do?](https://www.g2.com/discussions/splunk-enterprise-security-what-does-splunk-enterprise-do)
- [What is the difference between Splunk Enterprise and Splunk Enterprise Security?](https://www.g2.com/discussions/what-is-the-difference-between-splunk-enterprise-and-splunk-enterprise-security) - 1 comment
- [Which Splunk app is used for enterprise security?](https://www.g2.com/discussions/which-splunk-app-is-used-for-enterprise-security)
- [What is Splunk Enterprise Security?](https://www.g2.com/discussions/what-is-splunk-enterprise-security)

### 15. [FortiSIEM](https://www.g2.com/products/fortisiem/reviews)
The complexity of managing network and security operations is resulting in increases in breaches worldwide. Discovery, isolation, and remediation of these incidents are measured in hundreds of days. And with a dwindling pool of skilled cyber security personnel able to manage the wide array of devices and data sources to protect their network assets, success requires a new approach. FortiSIEM provides organizations of all sizes with a comprehensive, holistic, and scalable solution for security, performance, and compliance management, from IoT to the cloud. FortiSIEM expands network visibility through the Fortinet Security Fabric&#39;s integrations with the leading security products present in most networks today.


**Average Rating:** 4.3/5.0
**Total Reviews:** 40
**How Do G2 Users Rate FortiSIEM?**

- **Activity Monitoring:** 8.7/10 (Category avg: 9.1/10)
- **Data Examination:** 7.9/10 (Category avg: 8.6/10)
- **Ease of Use:** 8.6/10 (Category avg: 8.7/10)
- **Log Management:** 8.7/10 (Category avg: 9.1/10)

**Who Is the Company Behind FortiSIEM?**

- **Seller:** [Fortinet](https://www.g2.com/sellers/fortinet)
- **Year Founded:** 2000
- **HQ Location:** Sunnyvale, CA
- **Twitter:** @Fortinet (151,422 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/6460/ (16,279 employees on LinkedIn®)
- **Ownership:** NASDAQ: FTNT

**Who Uses This Product?**
- **Top Industries:** Information Technology and Services, Computer &amp; Network Security
- **Company Size:** 46% Mid-Market, 29% Enterprise


#### What Are FortiSIEM's Pros and Cons?

**Pros:**

- Alerting (1 reviews)
- Log Management (1 reviews)
- Threat Detection (1 reviews)
- Troubleshooting (1 reviews)
- Visibility (1 reviews)

**Cons:**

- Complex Configuration (1 reviews)
- Complex Setup (1 reviews)
- Difficult Customization (1 reviews)
- Learning Curve (1 reviews)
- Poor Interface Design (1 reviews)


### What Do G2 Reviewers Say About FortiSIEM?
*AI-generated summary from verified user reviews*

**Pros:**

- Users value the **real-time visibility** of FortiSIEM for effective threat detection and troubleshooting across their infrastructure.
- Users value the **single-pane-of-glass visibility** of FortiSIEM, enhancing threat detection and troubleshooting efficiency.
- Users value the **real-time threat detection** of FortiSIEM, enhancing visibility and facilitating quick troubleshooting across infrastructure.
- Users appreciate the **real-time correlation of logs and events** in FortiSIEM, enhancing threat detection and troubleshooting efficiency.
- Users love the **single-pane-of-glass visibility** of FortiSIEM, enhancing real-time threat detection and troubleshooting across infrastructure.

**Cons:**

- Users find the **complex configuration** of FortiSIEM challenging, making initial setup and customization difficult.
- Users find the **complex setup** and learning curve of FortiSIEM challenging, impacting the overall user experience.
- Users find **difficult customization** in FortiSIEM, particularly during initial setup and advanced reporting, frustrating and time-consuming.
- Users find the **learning curve** for setup and advanced reporting in FortiSIEM to be quite challenging.
- Users find the **poor interface design** of FortiSIEM complicated, making setup and advanced reporting challenging.

#### What Are Recent G2 Reviews of FortiSIEM?

**"[Unified Visibility and Real-Time Insights All in One Platform](https://www.g2.com/survey_responses/fortisiem-review-12189812)"**

**Rating:** 5.0/5.0 stars
*— Yogeshwaran R.*

[Read full review](https://www.g2.com/survey_responses/fortisiem-review-12189812)

---

**"[Unified Visibility and Faster Threat Detection with FortiSIEM](https://www.g2.com/survey_responses/fortisiem-review-12097381)"**

**Rating:** 4.5/5.0 stars
*— Seid H.*

[Read full review](https://www.g2.com/survey_responses/fortisiem-review-12097381)

---


#### What Are G2 Users Discussing About FortiSIEM?

- [What is FortiSIEM used for?](https://www.g2.com/discussions/what-is-fortisiem-used-for)

### 16. [Rapid7 Next-Gen SIEM](https://www.g2.com/products/rapid7-next-gen-siem/reviews)
Rapid7 InsightIDR is a SaaS SIEM for modern threat detection and response. InsightIDR enables security analysts to work more efficiently and effectively, by unifying diverse data sources, providing early and reliable out of the box detections, and delivering rich visual investigations and automation to expedite response. With a lightweight cloud deployment and intuitive UI and onboarding experience, InsightIDR customers recognize an accelerated return on their investment and start seeing valuable insights from Day 1. With InsightIDR, teams can advance their threat detection and response program without adding headcount.


**Average Rating:** 4.4/5.0
**Total Reviews:** 67
**How Do G2 Users Rate Rapid7 Next-Gen SIEM?**

- **Activity Monitoring:** 9.2/10 (Category avg: 9.1/10)
- **Data Examination:** 8.6/10 (Category avg: 8.6/10)
- **Ease of Use:** 8.9/10 (Category avg: 8.7/10)
- **Log Management:** 9.2/10 (Category avg: 9.1/10)

**Who Is the Company Behind Rapid7 Next-Gen SIEM?**

- **Seller:** [Rapid7](https://www.g2.com/sellers/rapid7)
- **Year Founded:** 2000
- **HQ Location:** Boston, MA
- **Twitter:** @rapid7 (124,405 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/39624/ (3,274 employees on LinkedIn®)
- **Ownership:** NASDAQ:RPD

**Who Uses This Product?**
- **Top Industries:** Information Technology and Services, Computer Software
- **Company Size:** 66% Mid-Market, 31% Enterprise


#### What Are Rapid7 Next-Gen SIEM's Pros and Cons?

**Pros:**

- Ease of Use (2 reviews)
- Easy Integrations (2 reviews)
- Integrations (2 reviews)
- Threat Detection (2 reviews)
- Visibility (2 reviews)

**Cons:**

- Limited Features (2 reviews)
- Alerting Issues (1 reviews)
- Alert Management (1 reviews)
- Difficult Customization (1 reviews)
- Difficult Setup (1 reviews)


### What Do G2 Reviewers Say About Rapid7 Next-Gen SIEM?
*AI-generated summary from verified user reviews*

**Pros:**

- Users appreciate the **ease of use** of Rapid7 Next-Gen SIEM, facilitating effortless log management and integration.
- Users appreciate the **easy integrations** of Rapid7 Next-Gen SIEM, enhancing compatibility with various third-party tools effortlessly.
- Users value the **easy integrations** with third-party tools, enhancing functionality and streamlining security management.
- Users appreciate the **effective threat detection** capabilities of Rapid7 Next-Gen SIEM, enhancing investigation speed and efficiency.
- Users appreciate the **visibility** of Rapid7 Next-Gen SIEM, enabling easy search and understanding of log data.

**Cons:**

- Users find the **limited features** of Rapid7 Next-Gen SIEM restrictive compared to larger competitors, hindering alert creation.
- Users find the **alerting capabilities limited** , making it challenging to create timely and effective alerts.
- Users find the **alert management limited** , making it challenging to create effective and timely alerts.
- Users find the **difficult customization** process frustrating, especially when creating alerts and setting patterns.
- Users find the **difficult setup** of Rapid7 Next-Gen SIEM frustrating, especially for creating alerts and patterns.

#### What Are Recent G2 Reviews of Rapid7 Next-Gen SIEM?

**"[Easiest SIEM Implementation with Transparent Pricing](https://www.g2.com/survey_responses/rapid7-next-gen-siem-review-12182908)"**

**Rating:** 5.0/5.0 stars
*— Joevanne V.*

[Read full review](https://www.g2.com/survey_responses/rapid7-next-gen-siem-review-12182908)

---

**"[Intuitive, High-Performance SIEM with Great Support and Cost-Effective Value](https://www.g2.com/survey_responses/rapid7-next-gen-siem-review-12711350)"**

**Rating:** 4.5/5.0 stars
*— Nihal J.*

[Read full review](https://www.g2.com/survey_responses/rapid7-next-gen-siem-review-12711350)

---


#### What Are G2 Users Discussing About Rapid7 Next-Gen SIEM?

- [What is InsightIDR used for?](https://www.g2.com/discussions/what-is-insightidr-used-for)
- [What is rapid7 InsightVM?](https://www.g2.com/discussions/what-is-rapid7-insightvm)
- [Is rapid7 a SIEM?](https://www.g2.com/discussions/is-rapid7-a-siem)
- [What is rapid7 used for?](https://www.g2.com/discussions/insightidr-what-is-rapid7-used-for)
- [What is InsightIDR?](https://www.g2.com/discussions/what-is-insightidr)

### 17. [aiSIEM](https://www.g2.com/products/aisiem/reviews)
Seceon Open Threat Management OTM Platform aiSIEM is a cybersecurity software designed to deliver threat detection, monitoring, and response automation for organizations. The software utilizes artificial intelligence and machine learning to analyze security data from various sources, enabling the identification of malicious activities, policy violations, and vulnerabilities. It provides automated correlation and contextualization of security events to support threat prioritization and alert management. The software offers integrated security information and event management SIEM capabilities, including log collection, normalization, and real-time analytics, cloud monitoring, and UBEA and NDR capabilities, allowing organizations to address security incidents and meet compliance requirements. The platform aims to streamline security operations by reducing manual efforts and supporting efficient incident resolution.


**Average Rating:** 4.7/5.0
**Total Reviews:** 18
**How Do G2 Users Rate aiSIEM?**

- **Activity Monitoring:** 9.8/10 (Category avg: 9.1/10)
- **Data Examination:** 9.2/10 (Category avg: 8.6/10)
- **Ease of Use:** 9.7/10 (Category avg: 8.7/10)
- **Log Management:** 9.4/10 (Category avg: 9.1/10)

**Who Is the Company Behind aiSIEM?**

- **Seller:** [Seceon](https://www.g2.com/sellers/seceon)
- **Year Founded:** 2015
- **HQ Location:** Westford, Massachusetts, United States
- **Twitter:** @Seceon_Inc (1,209 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/seceon/ (177 employees on LinkedIn®)

**Who Uses This Product?**
- **Top Industries:** Computer &amp; Network Security, Information Technology and Services
- **Company Size:** 45% Mid-Market, 41% Small-Business



#### What Are Recent G2 Reviews of aiSIEM?

**"[Seceon aiSIEM Simplifies SOC Ops with AI-Driven Threat Visibility](https://www.g2.com/survey_responses/aisiem-review-12620528)"**

**Rating:** 5.0/5.0 stars
*— Jayesh S.*

[Read full review](https://www.g2.com/survey_responses/aisiem-review-12620528)

---

**"[My Experience with Seceon aiSIEM](https://www.g2.com/survey_responses/aisiem-review-12718779)"**

**Rating:** 5.0/5.0 stars
*— Kanchan M.*

[Read full review](https://www.g2.com/survey_responses/aisiem-review-12718779)

---



### 18. [Blumira Automated Detection &amp; Response](https://www.g2.com/products/blumira-automated-detection-response/reviews)
Blumira is an integrated security operations platform built for growing teams and the partners supporting them to gain complete visibility into their environment, identify and address risk faster, and deliver advanced security and compliance. The platform includes: - Managed Detections for automated threat hunting to identify attacks early - AI Investigation with 98.5% accurate, human-in-the-loop triage validated against real cases - Rapid Response with automation and 1-click actions to contain and block threats immediately - One Year of Data Retention with unlimited log ingestion to satisfy compliance requirements - Advanced Reporting and dashboards for forensics and easy investigation - Endpoint &amp; Identity Protection (EDR/ITDR) for real-time remediation across devices and users - 24/7 Security Operations support for critical priority issues


**Average Rating:** 4.6/5.0
**Total Reviews:** 122
**How Do G2 Users Rate Blumira Automated Detection &amp; Response?**

- **Activity Monitoring:** 8.7/10 (Category avg: 9.1/10)
- **Data Examination:** 8.4/10 (Category avg: 8.6/10)
- **Ease of Use:** 9.0/10 (Category avg: 8.7/10)
- **Log Management:** 8.7/10 (Category avg: 9.1/10)

**Who Is the Company Behind Blumira Automated Detection &amp; Response?**

- **Seller:** [Blumira](https://www.g2.com/sellers/blumira)
- **Company Website:** https://www.blumira.com
- **Year Founded:** 2018
- **HQ Location:** Ann Arbor, Michigan
- **Twitter:** @blumira (1 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/blumira/ (67 employees on LinkedIn®)

**Who Uses This Product?**
- **Who Uses This:** IT Manager
- **Top Industries:** Information Technology and Services, Computer &amp; Network Security
- **Company Size:** 51% Mid-Market, 36% Small-Business


#### What Are Blumira Automated Detection &amp; Response's Pros and Cons?

**Pros:**

- Ease of Use (34 reviews)
- Customer Support (21 reviews)
- Setup Ease (19 reviews)
- Alerting (17 reviews)
- Alert Management (17 reviews)

**Cons:**

- Limited Customization (11 reviews)
- Alert System (6 reviews)
- Expensive (6 reviews)
- Faulty Detection (6 reviews)
- Insufficient Information (6 reviews)


### What Do G2 Reviewers Say About Blumira Automated Detection &amp; Response?
*AI-generated summary from verified user reviews*

**Pros:**

- Users appreciate the **ease of use** of Blumira, noting the quick setup and responsive support team.
- Users value the **responsive and personalized support** from Blumira&#39;s SOC team, enhancing their overall experience significantly.
- Users find the **setup process incredibly easy** , with intuitive integration and immediate alert functionalities boosting security management.
- Users value the **reliable real-time alerting** of Blumira, enhancing their experience without overwhelming them with unnecessary notifications.
- Users value the **reliable real-time alerting** of Blumira, appreciating its clarity and ease of management.

**Cons:**

- Users find the **limited customization** in detection filters a drawback, despite helpful support for creating custom detections.
- Users face issues with **false positives** from alerts, which can disrupt business functions and waste valuable time.
- Users find the **pricing model inflexible and expensive** , making it difficult to meet their budgetary needs.
- Users face challenges with **false positives** in Blumira, leading to frustration and wasted time on repetitive alerts.
- Users note the **insufficient information** available on data intake, making search and usability challenging.

#### What Are Recent G2 Reviews of Blumira Automated Detection &amp; Response?

**"[Breeze From Sales to Onboarding With an Intuitive, Easy-to-Configure UI](https://www.g2.com/survey_responses/blumira-automated-detection-response-review-12984186)"**

**Rating:** 5.0/5.0 stars
*— Blake C.*

[Read full review](https://www.g2.com/survey_responses/blumira-automated-detection-response-review-12984186)

---

**"[A well-rounded detection system with fantastic support](https://www.g2.com/survey_responses/blumira-automated-detection-response-review-10479545)"**

**Rating:** 5.0/5.0 stars
*— Jeremy A.*

[Read full review](https://www.g2.com/survey_responses/blumira-automated-detection-response-review-10479545)

---


#### What Are G2 Users Discussing About Blumira Automated Detection &amp; Response?

- [What are the benefits and drawbacks of using Blumira for threat detection?](https://www.g2.com/discussions/what-are-the-benefits-and-drawbacks-of-using-blumira-for-threat-detection)
- [What is cloud SIEM?](https://www.g2.com/discussions/what-is-cloud-siem)
- [What does the term Siem stand for?](https://www.g2.com/discussions/what-does-the-term-siem-stand-for)
- [What does Blumira do?](https://www.g2.com/discussions/what-does-blumira-do)
- [What is Blumira automated detection &amp; response?](https://www.g2.com/discussions/what-is-blumira-automated-detection-response)

### 19. [Coralogix](https://www.g2.com/products/coralogix/reviews)
Coralogix is a modern, full-stack observability platform transforming how businesses process and understand their data. Our unique architecture powers in-stream analytics without reliance on indexing or hot storage. We specialize in comprehensive monitoring of logs, metrics, trace and security events, enhancing operational efficiency and reducing total cost of ownership by up to 70%. Coralogix stands out for its simple pricing model, based solely on data volume ingested and retained, and offers free, fast customer support with less than 30 second response time and 1 hour resolution time. Our platform covers the entire range of observability with features such as APM, RUM, SIEM, Kubernetes monitoring and more, all streamlined for quick integration and immediate value. Components within the stream store the system state to provide stateful insights and real-time alerting without ever needing to index the data — so there are never any trade-offs to achieve observability. Once ingested, parsed, and enriched, data is written remotely to an archive bucket controlled by the client. The archive can be queried directly at any time, from the platform UI or via CLI, giving users infinite retention with full control over, and access to, their data. View and query your data from any dashboard using any syntax. Coralogix has successfully completed relevant security and privacy compliances by BDO including GDPR, SOC 2, PCI, HIPAA, and ISO 27001/27701.


**Average Rating:** 4.6/5.0
**Total Reviews:** 339
**How Do G2 Users Rate Coralogix?**

- **Activity Monitoring:** 8.7/10 (Category avg: 9.1/10)
- **Data Examination:** 8.7/10 (Category avg: 8.6/10)
- **Ease of Use:** 8.8/10 (Category avg: 8.7/10)
- **Log Management:** 9.0/10 (Category avg: 9.1/10)

**Who Is the Company Behind Coralogix?**

- **Seller:** [Coralogix](https://www.g2.com/sellers/coralogix)
- **Company Website:** https://www.coralogix.com
- **Year Founded:** 2014
- **HQ Location:** San Francisco, CA
- **Twitter:** @Coralogix (4,102 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/3763125/ (588 employees on LinkedIn®)

**Who Uses This Product?**
- **Who Uses This:** Software Engineer, DevOps Engineer
- **Top Industries:** Computer Software, Information Technology and Services
- **Company Size:** 53% Mid-Market, 34% Enterprise


#### What Are Coralogix's Pros and Cons?

**Pros:**

- Ease of Use (82 reviews)
- Log Management (70 reviews)
- Customer Support (65 reviews)
- Real-time Monitoring (57 reviews)
- User Interface (57 reviews)

**Cons:**

- Learning Curve (25 reviews)
- Missing Features (25 reviews)
- Slow Performance (24 reviews)
- Learning Difficulty (22 reviews)
- Difficult Learning (21 reviews)


### What Do G2 Reviewers Say About Coralogix?
*AI-generated summary from verified user reviews*

**Pros:**

- Users appreciate the **ease of use** in setting up Coralogix, benefiting from seamless integrations and efficient monitoring.
- Users value the **integrated log management** of Coralogix, enhancing speed and accuracy in root-cause analysis.
- Users praise the **responsive customer support** of Coralogix, ensuring quick resolutions and enhanced user experience.
- Users value the **real-time monitoring** capabilities of Coralogix, enhancing user experience and incident response efficiency.
- Users appreciate the **user-friendly interface** of Coralogix, making it easy to search and export logs efficiently.

**Cons:**

- Users find the **learning curve steep** , making it challenging for beginners to navigate and master metrics collection.
- Users find the **missing feature for exporting searched strings** limits their ability to efficiently manage logs.
- Users experience **slow performance** with Coralogix, leading to frustrating delays in loading and retrieving logs.
- Users find **learning difficulty** with Coralogix, especially concerning advanced features and navigating the overwhelming UI.
- Users note the **difficult learning curve** in navigating Coralogix’s complex setup and technical syntax initially.

#### What Are Recent G2 Reviews of Coralogix?

**"[Coralogix Game Changer Logging Tool](https://www.g2.com/survey_responses/coralogix-review-11633887)"**

**Rating:** 4.5/5.0 stars
*— Shakti V.*

[Read full review](https://www.g2.com/survey_responses/coralogix-review-11633887)

---

**"[Reliable Log Monitoring with Room for Improvement](https://www.g2.com/survey_responses/coralogix-review-12091026)"**

**Rating:** 4.5/5.0 stars
*— Aayush M.*

[Read full review](https://www.g2.com/survey_responses/coralogix-review-12091026)

---



### 20. [Securonix Security Operations and Analytics Platform](https://www.g2.com/products/securonix-security-operations-and-analytics-platform/reviews)
Securonix is working to radically transform all areas of data security with actionable security intelligence.


**Average Rating:** 4.0/5.0
**Total Reviews:** 14
**How Do G2 Users Rate Securonix Security Operations and Analytics Platform?**

- **Activity Monitoring:** 9.4/10 (Category avg: 9.1/10)
- **Data Examination:** 9.7/10 (Category avg: 8.6/10)
- **Ease of Use:** 8.7/10 (Category avg: 8.7/10)
- **Log Management:** 9.2/10 (Category avg: 9.1/10)

**Who Is the Company Behind Securonix Security Operations and Analytics Platform?**

- **Seller:** [Securonix](https://www.g2.com/sellers/securonix)
- **Year Founded:** 2008
- **HQ Location:** Addison, US
- **Twitter:** @Securonix (4,275 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/759889 (667 employees on LinkedIn®)

**Who Uses This Product?**
- **Top Industries:** Information Technology and Services
- **Company Size:** 50% Enterprise, 36% Small-Business


#### What Are Securonix Security Operations and Analytics Platform's Pros and Cons?

**Pros:**

- Alerting (1 reviews)
- Alerting System (1 reviews)
- Alert Notifications (1 reviews)
- Alerts (1 reviews)
- Analysis (1 reviews)

**Cons:**

- Complex Setup (1 reviews)
- Information Deficiency (1 reviews)
- Insufficient Detail (1 reviews)
- Integration Issues (1 reviews)
- Limited Features (1 reviews)


### What Do G2 Reviewers Say About Securonix Security Operations and Analytics Platform?
*AI-generated summary from verified user reviews*

**Pros:**

- Users value the **efficient alert correlation** of Securonix, making analysis straightforward and minimizing false positives.
- Users value the **automatic correlation of alerts** in Securonix, enhancing analysis and minimizing false positives.
- Users value the **automatically correlated alerts** which enhance analysis and minimize false positives effectively.
- Users value the **pre-correlated alerts** , which enhance analysis, minimize false positives, and simplify alert management.
- Users appreciate the **ease of alert analysis** with Securonix, highlighting its effective correlation and reduced false positives.

**Cons:**

- Users find the **complex setup** of Securonix challenging, especially with difficult integration and troubleshooting errors.
- Users struggle with **information deficiency** in Securonix, finding analysis and troubleshooting challenging.
- Users find the **insufficient detail** in Securonix limits their analysis and complicates troubleshooting integration errors.
- Users face **integration challenges** with Securonix, complicating analysis and troubleshooting processes significantly.
- Users find the **limited features** of Securonix hindered their analysis and troubleshooting capabilities.

#### What Are Recent G2 Reviews of Securonix Security Operations and Analytics Platform?

**"[Modern SIEM Tool with good features and Support](https://www.g2.com/survey_responses/securonix-security-operations-and-analytics-platform-review-9514109)"**

**Rating:** 5.0/5.0 stars
*— Pritam M.*

[Read full review](https://www.g2.com/survey_responses/securonix-security-operations-and-analytics-platform-review-9514109)

---

**"[Correlated Alerts Made Easy, with Fewer False Positives](https://www.g2.com/survey_responses/securonix-security-operations-and-analytics-platform-review-12366950)"**

**Rating:** 5.0/5.0 stars
*— Saikumar M.*

[Read full review](https://www.g2.com/survey_responses/securonix-security-operations-and-analytics-platform-review-12366950)

---


#### What Are G2 Users Discussing About Securonix Security Operations and Analytics Platform?

- [What is Securonix Security Operations and Analytics Platform used for?](https://www.g2.com/discussions/what-is-securonix-security-operations-and-analytics-platform-used-for) - 1 comment, 1 upvote

### 21. [Palo Alto Cortex XSIAM](https://www.g2.com/products/palo-alto-cortex-xsiam/reviews)
Product Description: Palo Alto Networks&#39; Cortex XSIAM is an AI-driven security operations platform designed to transform traditional Security Operations Centers by integrating and automating key functions such as data centralization, threat detection, and incident response. By leveraging machine learning and automation, it enables organizations to detect and respond to threats more efficiently, reducing manual workloads and improving overall security posture. Key Features and Functionality: - Data Centralization: Aggregates data from various sources into a unified platform, providing comprehensive visibility across the enterprise. - AI-Powered Threat Detection: Utilizes machine learning algorithms to identify anomalies and potential threats in real-time. - Automated Incident Response: Streamlines response processes through automation, enabling rapid mitigation of security incidents. - Integrated SOC Capabilities: Combines functions such as Extended Detection and Response , Security Orchestration, Automation, and Response , Attack Surface Management , and Security Information and Event Management into a cohesive platform, eliminating the need for multiple disparate tools. - Scalability: Designed to handle large volumes of data and adapt to the evolving needs of modern enterprises. Primary Value and Problem Solved: Cortex XSIAM addresses the challenges of disjointed data, weak threat defense, and heavy reliance on manual work in traditional SOCs. By centralizing data and automating security operations, it simplifies processes, enhances threat detection accuracy, and accelerates incident response times. This transformation enables organizations to proactively outpace threats, reduce operational costs, and achieve a more robust security posture.


**Average Rating:** 4.4/5.0
**Total Reviews:** 64
**How Do G2 Users Rate Palo Alto Cortex XSIAM?**

- **Activity Monitoring:** 9.2/10 (Category avg: 9.1/10)
- **Data Examination:** 8.4/10 (Category avg: 8.6/10)
- **Ease of Use:** 8.4/10 (Category avg: 8.7/10)
- **Log Management:** 9.1/10 (Category avg: 9.1/10)

**Who Is the Company Behind Palo Alto Cortex XSIAM?**

- **Seller:** [Palo Alto Networks](https://www.g2.com/sellers/palo-alto-networks)
- **Company Website:** https://www.paloaltonetworks.com
- **Year Founded:** 2005
- **HQ Location:** Santa Clara, CA
- **Twitter:** @PaloAltoNtwks (128,951 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/30086/ (22,313 employees on LinkedIn®)

**Who Uses This Product?**
- **Top Industries:** Information Technology and Services, Computer &amp; Network Security
- **Company Size:** 49% Enterprise, 29% Mid-Market


#### What Are Palo Alto Cortex XSIAM's Pros and Cons?

**Pros:**

- Log Management (13 reviews)
- Dashboard Design (11 reviews)
- Real-time Monitoring (11 reviews)
- Simple (11 reviews)
- Dashboard Customization (9 reviews)

**Cons:**

- Resource Intensive (9 reviews)
- Complex Setup (8 reviews)
- Cost (7 reviews)
- Dashboard Issues (7 reviews)
- Difficult Setup (7 reviews)


### What Do G2 Reviewers Say About Palo Alto Cortex XSIAM?
*AI-generated summary from verified user reviews*

**Pros:**

- Users highlight **best-in-class log management** and effective alerting features, enhancing the overall usability and integration.
- Users appreciate the **user-friendly dashboards** of Palo Alto Cortex XSIAM, highlighting ease of understanding alerts and metrics.
- Users value the **real-time monitoring** capabilities of Palo Alto Cortex XSIAM, enhancing threat detection and response efficiency.
- Users appreciate the **user-friendly interface** of Palo Alto Cortex XSIAM, making monitoring and deployment seamless and efficient.
- Users appreciate the **good dashboard customization** in Palo Alto Cortex XSIAM, citing ease of use and integration.

**Cons:**

- Users find the solution **resource intensive** , increasing costs and complicating implementation due to high hardware requirements.
- Users find the **complex implementation** of Palo Alto Cortex XSIAM time-consuming and resource-intensive, requiring significant technical expertise.
- Users find the **cost** of Palo Alto Cortex XSIAM to be higher than competitors, impacting affordability for smaller companies.
- Users report **dashboard issues** that hinder monitoring and create a messy interface, impacting usability and visibility.
- Users struggle with the **difficult setup** of Palo Alto Cortex XSIAM, finding it complex and time-consuming for implementation.

#### What Are Recent G2 Reviews of Palo Alto Cortex XSIAM?

**"[Palo Alto Cortex XSIAM Streamlines SOC Work with Smart Noise Reduction and Automation](https://www.g2.com/survey_responses/palo-alto-cortex-xsiam-review-12626074)"**

**Rating:** 5.0/5.0 stars
*— Rohan K.*

[Read full review](https://www.g2.com/survey_responses/palo-alto-cortex-xsiam-review-12626074)

---

**"[Streamlines Security Operations with Automation](https://www.g2.com/survey_responses/palo-alto-cortex-xsiam-review-13067964)"**

**Rating:** 4.0/5.0 stars
*— Ronald D.*

[Read full review](https://www.g2.com/survey_responses/palo-alto-cortex-xsiam-review-13067964)

---


#### What Are G2 Users Discussing About Palo Alto Cortex XSIAM?

- [What is IBM Security ReaQta used for?](https://www.g2.com/discussions/what-is-ibm-security-reaqta-used-for)
- [What does QRadar stand for?](https://www.g2.com/discussions/what-does-qradar-stand-for) - 1 comment, 1 upvote
- [How do I use IBM QRadar?](https://www.g2.com/discussions/how-do-i-use-ibm-qradar) - 1 comment
- [What are the key component of IBM QRadar?](https://www.g2.com/discussions/what-are-the-key-component-of-ibm-qradar) - 1 comment
- [What is IBM QRadar Siem?](https://www.g2.com/discussions/what-is-ibm-qradar-siem) - 1 comment

### 22. [Pandora FMS](https://www.g2.com/products/pandora-fms/reviews)
Pandora FMS is a unified monitoring and observability platform designed to consolidate visibility, alerting, reporting, and automation across heterogeneous IT environments. Instead of combining multiple point tools for networks, servers, applications, and cloud services, Pandora FMS centralizes data collection and operational workflows in a single console, reducing integration effort and operational complexity in on-premise, hybrid, and multi-cloud architectures. The platform collects telemetry using multiple methods, including agents, remote checks, standard protocols (e.g., SNMP/WMI), APIs, and log/event ingestion. This enables teams to monitor infrastructure and services end-to-end, correlate signals, and maintain consistent alerting policies and dashboards across distributed estates. Pandora FMS also supports capacity and trend analysis to anticipate resource constraints and identify recurring patterns, and includes AI-assisted capabilities for anomaly detection and automated thresholds to surface hard-to-spot operational signals. Pandora FMS is extensible through a large plugin ecosystem (500+ plugins and integrations), covering a wide range of enterprise and infrastructure technologies such as SAP, Oracle, Citrix, JBoss, VMware, AWS, SQL Server, Red Hat, and WebSphere. This extensibility helps organizations standardize monitoring across legacy and modern stacks without redesigning their monitoring approach per technology. Core capabilities: -Unified monitoring for networks, servers, applications, cloud services, endpoints, and logs -Centralized alerting, event correlation, dashboards, and scheduled reporting -Flexible data collection via agents, remote checks, APIs, and plugins -Scalability for distributed environments and large numbers of monitored elements -Analytics for trend/capacity planning plus AI-assisted anomaly detection and dynamic thresholds -A key differentiator is direct vendor support, which simplifies escalation and ensures continuity of expertise for deployment, tuning, and ongoing operations.


**Average Rating:** 4.6/5.0
**Total Reviews:** 212
**How Do G2 Users Rate Pandora FMS?**

- **Activity Monitoring:** 10.0/10 (Category avg: 9.1/10)
- **Data Examination:** 8.3/10 (Category avg: 8.6/10)
- **Ease of Use:** 9.1/10 (Category avg: 8.7/10)
- **Log Management:** 10.0/10 (Category avg: 9.1/10)

**Who Is the Company Behind Pandora FMS?**

- **Seller:** [Pandora FMS](https://www.g2.com/sellers/pandora-fms)
- **Company Website:** https://pandorafms.com/
- **Year Founded:** 2004
- **HQ Location:** Madrid, Spain
- **Twitter:** @pandorafms (5,458 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/pandora-pfms/ (56 employees on LinkedIn®)

**Who Uses This Product?**
- **Who Uses This:** Data Analyst
- **Top Industries:** Information Technology and Services, Telecommunications
- **Company Size:** 50% Mid-Market, 37% Small-Business


#### What Are Pandora FMS's Pros and Cons?

**Pros:**

- Monitoring (138 reviews)
- Ease of Use (114 reviews)
- Real-time Monitoring (96 reviews)
- Flexibility (64 reviews)
- Network Monitoring (61 reviews)

**Cons:**

- Learning Curve (44 reviews)
- Complex Setup (32 reviews)
- Learning Difficulty (29 reviews)
- Complex Configuration (27 reviews)
- Difficult Learning (27 reviews)


### What Do G2 Reviewers Say About Pandora FMS?
*AI-generated summary from verified user reviews*

**Pros:**

- Users value the **reliable remote monitoring** of Pandora FMS, appreciating its seamless integration and ease of access.
- Users appreciate the **ease of use** of Pandora FMS, making server monitoring and management seamless and efficient.
- Users value the **real-time monitoring** capabilities of Pandora FMS, enhancing visibility and quick response across IT systems.
- Users value the **flexibility** of Pandora FMS, easily adapting monitoring to diverse systems and specific needs.
- Users value the **real-time network monitoring** of Pandora FMS, which provides instant alerts for any issues.

**Cons:**

- Users find the **learning curve steep** , especially for beginners navigating complex scripts and configurations.
- Users find the **complex setup** of Pandora FMS to be challenging, impacting initial experiences and usability.
- Users find the **learning curve steep** with Pandora FMS, particularly when customizing and integrating specific functionalities.
- Users struggle with the **complex configuration** of Pandora FMS, finding the setup process time-consuming and challenging to navigate.
- Users find the **difficult learning curve** of Pandora FMS challenging, affecting their overall experience with the software.

#### What Are Recent G2 Reviews of Pandora FMS?

**"[Fast Deployment, Easy to Use, and Strong Performance Even in the Community Version](https://www.g2.com/survey_responses/pandora-fms-review-12677659)"**

**Rating:** 5.0/5.0 stars
*— David D.*

[Read full review](https://www.g2.com/survey_responses/pandora-fms-review-12677659)

---

**"[Why we decided to bet on PandoraFMS](https://www.g2.com/survey_responses/pandora-fms-review-7666873)"**

**Rating:** 4.5/5.0 stars
*— Verified User in Commercial Real Estate*

[Read full review](https://www.g2.com/survey_responses/pandora-fms-review-7666873)

---


#### What Are G2 Users Discussing About Pandora FMS?

- [What are the benefits and drawbacks of using Pandora FMS for IT monitoring?](https://www.g2.com/discussions/what-are-the-benefits-and-drawbacks-of-using-pandora-fms-for-it-monitoring)

### 23. [LogRhythm SIEM](https://www.g2.com/products/exabeam-logrhythm-siem/reviews)
Rapidly deploy LogRhythm SIEM, the leading self-hosted SIEM, to secure your organization with powerful detections, synchronized threat intelligence, automated workflows, and achieve faster, more accurate threat detection, investigation, and response (TDIR).


**Average Rating:** 4.2/5.0
**Total Reviews:** 137
**How Do G2 Users Rate LogRhythm SIEM?**

- **Activity Monitoring:** 8.9/10 (Category avg: 9.1/10)
- **Data Examination:** 8.4/10 (Category avg: 8.6/10)
- **Ease of Use:** 8.3/10 (Category avg: 8.7/10)
- **Log Management:** 9.0/10 (Category avg: 9.1/10)

**Who Is the Company Behind LogRhythm SIEM?**

- **Seller:** [Exabeam](https://www.g2.com/sellers/exabeam)
- **Year Founded:** 2013
- **HQ Location:** Broomfield, CO
- **Twitter:** @exabeam (5,374 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/exabeam (793 employees on LinkedIn®)

**Who Uses This Product?**
- **Who Uses This:** Information Security Analyst, Cyber Security Analyst
- **Top Industries:** Information Technology and Services, Computer &amp; Network Security
- **Company Size:** 40% Mid-Market, 40% Enterprise



#### What Are Recent G2 Reviews of LogRhythm SIEM?

**"[More than a SIEM](https://www.g2.com/survey_responses/logrhythm-siem-review-10516628)"**

**Rating:** 5.0/5.0 stars
*— Verified User in Banking*

[Read full review](https://www.g2.com/survey_responses/logrhythm-siem-review-10516628)

---

**"[LogRhythm SIEM - Best Solution In Market](https://www.g2.com/survey_responses/logrhythm-siem-review-11463953)"**

**Rating:** 5.0/5.0 stars
*— Vishwa  K.*

[Read full review](https://www.g2.com/survey_responses/logrhythm-siem-review-11463953)

---


#### What Are G2 Users Discussing About LogRhythm SIEM?

- [What are some SIEM tools?](https://www.g2.com/discussions/what-are-some-siem-tools)
- [What does a SIEM platform do?](https://www.g2.com/discussions/what-does-a-siem-platform-do)
- [How does Siem LogRhythm work?](https://www.g2.com/discussions/how-does-siem-logrhythm-work)
- [What is LogRhythm software?](https://www.g2.com/discussions/what-is-logrhythm-software)

### 24. [Microsoft Security Copilot](https://www.g2.com/products/microsoft-security-copilot/reviews)
Empower your defenders to detect hidden patterns, harden defenses, and respond to incidents faster with generative AI


**Average Rating:** 4.3/5.0
**Total Reviews:** 12
**How Do G2 Users Rate Microsoft Security Copilot?**

- **Ease of Use:** 8.9/10 (Category avg: 8.7/10)

**Who Is the Company Behind Microsoft Security Copilot?**

- **Seller:** [Microsoft](https://www.g2.com/sellers/microsoft)
- **Year Founded:** 1975
- **HQ Location:** Redmond, Washington
- **Twitter:** @microsoft (13,091,739 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/microsoft/ (231,632 employees on LinkedIn®)
- **Ownership:** MSFT

**Who Uses This Product?**
- **Top Industries:** Information Technology and Services
- **Company Size:** 75% Enterprise, 17% Mid-Market


#### What Are Microsoft Security Copilot's Pros and Cons?

**Pros:**

- Ease of Use (7 reviews)
- Security (5 reviews)
- Security Protection (5 reviews)
- Threat Detection (5 reviews)
- Automation (4 reviews)

**Cons:**

- Complexity (3 reviews)
- Expensive (3 reviews)
- Difficult Learning Curve (2 reviews)
- False Positives (2 reviews)
- Access Control (1 reviews)


### What Do G2 Reviewers Say About Microsoft Security Copilot?
*AI-generated summary from verified user reviews*

**Pros:**

- Users appreciate the **ease of use** of Microsoft Security Copilot, thanks to its seamless integration and intuitive interface.
- Users value the **AI integration** in Microsoft Security Copilot for its enhanced threat detection and faster incident response.
- Users appreciate the **AI-driven threat detection** of Microsoft Security Copilot, enhancing security team&#39;s efficiency in identifying risks.
- Users value the **AI-driven threat detection** of Microsoft Security Copilot, significantly enhancing their security operations efficiency.
- Users value the **automation capabilities** of Microsoft Security Copilot, enhancing incident response and simplifying security management.

**Cons:**

- Users find Microsoft Security Copilot&#39;s **complexity** challenging, especially for inexperienced team members adapting to AI-based solutions.
- Users feel the product is **expensive** , suggesting a need for more cost-effective options for broader accessibility.
- Users find the **difficult learning curve** of Microsoft Security Copilot challenging, particularly for inexperienced team members.
- Users find that **false positives** often lead to wasted time and necessitate additional verification, complicating their workflow.
- Users criticize the **limited access** to Microsoft Security Copilot, impacting its usability for all users.

#### What Are Recent G2 Reviews of Microsoft Security Copilot?

**"[A Critical Analysis of AI in Cybersecurity](https://www.g2.com/survey_responses/microsoft-security-copilot-review-9887878)"**

**Rating:** 4.5/5.0 stars
*— Abhishek N.*

[Read full review](https://www.g2.com/survey_responses/microsoft-security-copilot-review-9887878)

---

**"[Co-pilot :A Dictionary of Guidance](https://www.g2.com/survey_responses/microsoft-security-copilot-review-9999338)"**

**Rating:** 5.0/5.0 stars
*— Viswanadh Gupta T.*

[Read full review](https://www.g2.com/survey_responses/microsoft-security-copilot-review-9999338)

---



### 25. [RunReveal](https://www.g2.com/products/runreveal/reviews)
RunReveal is a modern security data platform built for AI-forward security teams. RunReveal unifies logs, data pipelines, detections, AI-investigations, and analytics into one platform, so security teams are no longer stitching together tools to manage and use their security data. The platform ingests from 70+ sources, supports built-in and custom detections, and includes an AI agent for faster and automated investigations. RunReveal also support unlimited ingest, and prices based off of predictable data storage. If you&#39;re evaluating your first SIEM, escaping renewal sticker shock, or tired of paying enterprise prices for a SIEM that still require additional tooling, RunReveal gives you a unified platform for log management without the complexity or cost.


**Average Rating:** 4.9/5.0
**Total Reviews:** 10
**How Do G2 Users Rate RunReveal?**

- **Activity Monitoring:** 10.0/10 (Category avg: 9.1/10)
- **Data Examination:** 10.0/10 (Category avg: 8.6/10)
- **Ease of Use:** 9.7/10 (Category avg: 8.7/10)
- **Log Management:** 9.2/10 (Category avg: 9.1/10)

**Who Is the Company Behind RunReveal?**

- **Seller:** [RunReveal](https://www.g2.com/sellers/runreveal)
- **Company Website:** https://runreveal.com
- **Year Founded:** 2023
- **HQ Location:** Austin, US
- **LinkedIn® Page:** https://www.linkedin.com/company/runreveal/ (20 employees on LinkedIn®)

**Who Uses This Product?**
- **Top Industries:** Computer Software
- **Company Size:** 50% Mid-Market, 30% Small-Business


#### What Are RunReveal's Pros and Cons?

**Pros:**

- Detection Speed (4 reviews)
- Security (4 reviews)
- Threat Detection (4 reviews)
- Artificial Intelligence (3 reviews)
- Features (3 reviews)

**Cons:**

- Expensive (1 reviews)
- Feature Limitations (1 reviews)
- Lack of Features (1 reviews)
- Limited Features (1 reviews)


### What Do G2 Reviewers Say About RunReveal?
*AI-generated summary from verified user reviews*

**Pros:**

- Users commend the **exceptional detection speed** of RunReveal, enhancing efficiency in security investigations and response.
- Users appreciate the **exceptional security capabilities** of RunReveal, transforming their detection and response processes effectively.
- Users value the **exceptional threat detection** capabilities of RunReveal, transforming their approach to security with unmatched efficiency.
- Users highlight the **thoughtful AI implementation** of RunReveal, enhancing threat detection and simplifying investigations effectively.
- Users highlight the **powerful MCP server** , revolutionizing large-scale investigations and enhancing detection and response capabilities.

**Cons:**

- Users are frustrated by the **expensive paywall** limiting access to features in RunReveal&#39;s free version.
- Users find the **feature limitations** of RunReveal restrictive, particularly with important tools behind a paywall.
- Users feel frustrated by the **lack of features** in the free version, limiting their use in homelabs.
- Users express frustration over **limited features** in RunReveal&#39;s free version, hindering full utilization in personal projects.

#### What Are Recent G2 Reviews of RunReveal?

**"[RunReveal Integrations and AI Triage Make Security Findings Easy to Act On](https://www.g2.com/survey_responses/runreveal-review-13022957)"**

**Rating:** 5.0/5.0 stars
*— Julio J.*

[Read full review](https://www.g2.com/survey_responses/runreveal-review-13022957)

---

**"[RunReveal is the only SIEM and Detection and Response Platform that is ready for the AI age](https://www.g2.com/survey_responses/runreveal-review-12350471)"**

**Rating:** 5.0/5.0 stars
*— Verified User in Logistics and Supply Chain*

[Read full review](https://www.g2.com/survey_responses/runreveal-review-12350471)

---




## What Is Security Information and Event Management (SIEM) Software?

[System Security Software](https://www.g2.com/categories/system-security)

## What Software Categories Are Similar to Security Information and Event Management (SIEM) Software?

- [Incident Response Software](https://www.g2.com/categories/incident-response)
- [Log Analysis Software](https://www.g2.com/categories/log-analysis)
- [Security Orchestration, Automation, and Response (SOAR) Software](https://www.g2.com/categories/security-orchestration-automation-and-response-soar)


---

## How Do You Choose the Right Security Information and Event Management (SIEM) Software?

### What You Should Know About SIEM Software

### What is security information and event management (SIEM) software?

Security Information and Event Management (SIEM) is a centralized system for threat detection that aggregates security alerts from multiple sources, simplifying threat response and compliance reporting. SIEM software is one of the most commonly used tools for security administrators and security incident response professionals. They provide a single platform capable of facilitating event and threat protection, log analysis and investigation, and threat remediation. Some cutting-edge tools provide additional functionality for creating response workflows, data normalization, and advanced threat protection.

SIEM platforms help security programs operate by collecting security data for future analysis, storing these data points, correlating them to security events, and facilitating analysis of those events.

Security teams can define rules for typical and suspicious activities with SIEM tools. Advanced Next-Gen SIEM solutions leverage [machine learning](https://www.g2.com/articles/what-is-machine-learning) and [AI](https://www.g2.com/articles/what-is-artificial-intelligence) to refine behavior models continuously, enhancing [User and Entity Behavior Analytics (UEBA)](https://www.g2.com/categories/user-and-entity-behavior-analytics-ueba) and reducing false positives. These systems analyze data against set rules and behavioral patterns, flagging notable events when anomalies are detected.

Companies using SIEM solutions deploy sensors across digital assets to automate data collection. Sensors relay information back to the SIEM’s log and event database. When additional security incidents arise, the SIEM platform detects anomalies. It correlates similar logs to provide context and threat information for security teams as they attempt to remediate any existing threats or vulnerabilities.

#### **What does SIEM stand for?**

SIEM stands for security information and event management (SIEM), which is a combination of two different acronyms for security technology: security information monitoring (SIM) and security event management (SEM).

SIM is the practice of collecting, aggregating, and analyzing security data, typically in the form of logs. SIM tools automate this process and document security information for other sources, such as [intrusion detection systems](https://www.g2.com/categories/intrusion-detection-and-prevention-systems-idps), [firewalls](https://www.g2.com/categories/firewall-software), or [routers](https://www.g2.com/categories/routers). Event logs and their associated informational components are recorded and stored for long periods for either retrospective analysis or compliance requirements.

SEM is a family of security software for discovering, analyzing, visualizing, and responding to threats as they arise. SEM is a core component of a security operations system. While SIM tools are designed for log collection and storage, SEM tools typically rely on SQL databases to store specific logs and other event data as they are generated in real time by security devices and IT systems. They usually also provide the functionality to correlate and analyze event data, monitor systems in real time, and alert security teams of abnormal activity.

SIEM combines the functionality of SIM and SEM to centralize control over log storage, event management, and real-time analysis. SIM and SEM have become defunct technologies, as SIEM’s rise has provided dual-purpose functionality. SIEM vendors offer a single tool capable of performing data aggregation, information correlation, and event management.

### Types of SIEM solutions

#### **Traditional SIEM**

Traditional SIEM tools are deployed on-premises with sensors placed on IT assets to analyze events and collect system logs. The data is used to develop baseline references and identify indicators of compromise. The SIEM product alerts security teams for intervention when a system becomes compromised.&amp;nbsp;

#### **Cloud or virtual SIEM**

Cloud-based and virtualized SIEM software are tools typically used to secure cloud infrastructure and services a cloud provider delivers. These tools are often less expensive than on-premises solutions and more accessible to implement, as no physical labor is required. They are ideal for companies without local IT infrastructure.

#### [**Managed SIEM services**](https://www.g2.com/categories/managed-siem-services)

Companies that do not have a full-fledged security program may choose managed SIEM services to aid in management and reduce work for internal employees. These SIEM services are delivered by managed service providers who provide the customer data and dashboards with security information and activity, but the provider handles implementation and remediation.&amp;nbsp;

### What are the common features of SIEM systems?

The following are some core features within SIEM software that can help users collect security data, analyze logs, and detect threats:

**Activity monitoring:** SIEM systems document the actions from endpoints within a network. The system alerts users of incidents and abnormal activities and documents the access point. Real-time tracking will document these for analysis as an event takes place.

**Asset management:** These SIEM features keep records of each network asset and its activity. The feature may also refer to the discovery of new assets accessing the network.

**Log management:** This functionality documents and stores event logs in a secure repository for reference, analysis, or compliance reasons.

**Event management:** As events occur in real time, the SIEM software alerts users of incidents. This allows security teams to intervene manually or trigger an automated response to resolve the issue.

[**Automated response**](https://www.g2.com/categories/security-information-and-event-management-siem/f/automated-response) **:** Response automation reduces the time spent diagnosing and resolving issues manually. The features are typically capable of quickly resolving common network security incidents.

**Incident reporting:** Incident reports document cases of abnormal activity and compromised systems. These can be used for forensic analysis or as a reference point for future incidents.

**Threat intelligence:** Threat intelligence feeds integrate information to train SIEM systems to detect emerging and existing threats. These threat feeds store information related to potential threats and vulnerabilities to ensure issues are discovered and teams are provided with the information necessary to resolve the problems as they occur.

[**Vulnerability assessment**](https://www.g2.com/categories/security-information-and-event-management-siem/f/vulnerability-assessment) **:** Vulnerability assessment tools may scan networks for potential vulnerabilities or audit data to discover non-compliant practices. Mainly, they’re used to analyze an existing network and IT infrastructure to outline access points that can be easily compromised.

[**Advanced analytics**](https://www.g2.com/categories/security-information-and-event-management-siem/f/advanced-analytics) **:** Advanced analytics features allow users to customize analysis with granular or individually specific metrics pertinent to the business’ resources.

[**Data examination**](https://www.g2.com/categories/security-information-and-event-management-siem/f/data-examination) **:** Data examination features typically facilitate the forensic analysis of incident data and event logs. These features allow users to search databases and incident logs to gain insights into vulnerabilities and incidents.

### What are the benefits of using SIEM products?

Below are a few of the main reasons SIEM software is commonly used to protect businesses of all sizes:

**Data aggregation and correlation:** SIEM systems and companies collect vast amounts of information from an entire network environment. This information is gathered from virtually anything interacting with a network, from endpoints and servers to firewalls and antivirus tools. It is either given directly to the SIEM or using agents (decision-making programs designed to identify irregular information). The platform is set up to deploy agents and collect and store similar information together according to security policies set in place by administrators.

**Incident alerting:** As information comes in from a network’s various connected components, the SIEM system correlates it using rule-based policies. These policies inform agents of normal behavior and threats. If any action violates these policies or malware or intrusion is discovered. At the same time, the SIEM platform monitors network activity; it is labeled as suspicious, security controls restrict access, and administrators are alerted.

**Security analysis:** Retrospective analysis may be performed by searching log data during specific periods or based on specific criteria. Security teams may suspect a certain misconfiguration or kind of malware caused an event. They may also suspect an unapproved party went undetected at a specific time. Teams will analyze the logs and look for specific characteristics in the data to determine whether their suspicion was right. They may also discover vulnerabilities or misconfigurations that leave them susceptible to attack and remediate them.

### Software related to SIEM tools

Many network and system security solutions involve collecting and analyzing event logs and security information. SIEM systems are typically the most all-encompassing solutions available, but many other security solutions may integrate with them for added functionality or complementary use. These are a few different technology categories related to SIEM software.

[Threat intelligence software](https://www.g2.com/categories/threat-intelligence) **:** Threat intelligence software is an informational service that provides SIEM tools and other information security systems with up-to-date information on web-based threats. They can inform the system of zero-day threats, new forms of malware, potential exploits, and different kinds of vulnerabilities.

[Incident response software](https://www.g2.com/categories/incident-response) **:** SIEM systems may facilitate incident response, but these tools are specifically designed to streamline the remediation process or add investigative capabilities during security workflow processes. Incident response solutions will not provide the same compliance maintenance or log storage capabilities. Still, they can be used to increase a team’s ability to tackle threats as they emerge.

[Network security policy management (NSPM) software](https://www.g2.com/categories/network-security-policy-management-nspm) **:** NSPM software has some overlapping functionality to ensure security hardware and IT systems are correctly configured but cannot detect and resolve threats. They are typically used to ensure devices like firewalls or DNS filters are functioning correctly and in alignment with the security rules put in place by security teams.

[Intrusion detection and prevention systems (IDPS)](https://www.g2.com/categories/intrusion-detection-and-prevention-systems-idps) **:** While SIEM systems specialize in log management, alerting, and correlation, IDPS provide additional detection and protection features to prevent unapproved parties from accessing sensitive systems and network breaches. However, they will not facilitate the analysis and forensic investigation of logs with the same level of detail as an SIEM system.

[Managed security services providers](https://www.g2.com/categories/managed-security-services) **:** Various managed security services are available for businesses without the resources or staff necessary to operate a full-fledged security administration and operations team. Managed services are a viable option and will provide companies with skilled staff to protect their customers’ systems and keep their sensitive information protected.

### Challenges with SIEM software

**Staffing:** There is an existing shortage of skilled security professionals. Managing SIEM products and maintaining a well-rounded security posture requires dedicated personnel with highly specialized skills. Some smaller or growing companies may not have the means to recruit, hire, and retain qualified security pros. In such cases, businesses can consider managed services to outsource the labor.&amp;nbsp;

**Compliance:** Some industries have specific compliance requirements determined by various governing bodies, but SIEM software can be used across several industries to maintain compliance standards. Many industry-specific compliance requirements exist, but most require security teams to protect sensitive data, restrict access to unapproved parties, and monitor changes made to identities, information, or privileges. For example, SIEM systems can maintain GDPR compliance by verifying security controls and data access, facilitating long-term storage of log data, and notifying security staff of security incidents, as GDPR requires.

### Which companies should buy SIEM solutions?

**Vertical industries:** Vertical industries, such as healthcare and financial services, often have additional compliance requirements related to data protection and privacy. SIEM is an ideal solution for outlining requirements, mapping threats, and remediating vulnerabilities.&amp;nbsp;

**SaaS business:** SaaS businesses utilizing resources from a cloud service provider are still responsible for a significant portion of the security efforts required to protect a cloud-native business. These companies may jump for cloud-native SIEM tools but will benefit from any SIEM to prevent, detect, and respond to threats.&amp;nbsp;

### How to choose the best SIEM software

#### Requirements Gathering (RFI/RFP) for Security Information and Event Management (SIEM) Software

The first step to purchasing a SIEM solution is to outline the options. Companies should be sure whether they need a cloud-based or on-premises solution. They should also outline the number of interconnected devices they need and whether they want physical or virtual sensors to secure them. Additional and possibly obvious requirements should include budgetary considerations, staffing limitations, and required integrations_.&amp;nbsp;_

#### **Compare Security Information and Event Management (SIEM) Software Products**

##### **Create a long list**

Once the requirements are outlined, buyers should prioritize the tools and identify the ones with as many features as possible that fit the budget window. It is recommended to restrict the list to products with desired features, pricing, and deployment methods to identify a dozen or so options. For example, if the business needs a cloud-native SIEM for less than $10k a year, half of the SIEM options will be eliminated.&amp;nbsp;

When choosing a SIEM provider, focus on the vendor’s experience, reputation, and specific functionality relevant to your security needs. Core capabilities ensure essential threat detection, while next-gen features add advanced intelligence and automation, allowing for a more proactive security posture. Here’s a breakdown to guide your selection:

**Core SIEM capabilities**

- Threat detection: Look for SIEMs with robust threat detection, which uses rules and behavioral analytics, along with threat feed integration, to accurately identify potential threats.
- Threat intelligence and security alerting: Leading SIEMs incorporate threat intelligence feeds, aggregate security data, and alert you when suspicious activities are detected, ensuring real-time updates on evolving threats.
- Compliance reporting: Compliance support is crucial, especially for meeting standards like HIPAA, PCI, and FFIEC. SIEMs streamline compliance assessment and reporting, helping prevent costly non-compliance.
- Real-time notifications: Swift alerts are vital; SIEMs that notify you of breaches immediately enable faster responses to potential threats.
- Data aggregation: A centralized view of all network activities ensures no area is left unmonitored, which is crucial for comprehensive threat visibility as your organization scales.
- Data normalization: SIEMs that normalize incoming data make it easier to analyze security events and extract actionable insights from disparate sources.

**Next-gen SIEM capabilities**

- Data collection and management: Next-gen SIEMs pull data from the cloud, on-premises, and external devices, consolidating insights across the entire IT environment.
- Cloud delivery: Cloud-based SIEMs use scalable storage, accommodating large data volumes without the limitations of on-premises hardware.
- User and entity behavior analytics (UEBA): By establishing normal user behavior and identifying deviations, UEBA helps detect insider threats and new, unknown threats.
- Security orchestration and automation response (SOAR): SOAR automates incident response, integrates with IT infrastructure, and enables coordinated responses across firewalls, email servers, and access controls.
- Automated attack timelines: Next-gen SIEMs automatically create visual attack timelines, simplifying investigation and triage, even for less experienced analysts.

Selecting an SIEM vendor with both core and next-gen capabilities offers your organization a comprehensive and agile approach to security, meeting both current and future requirements.

##### **Create a short list**

Narrowing down a short list can be tricky, especially for the indecisive, but these decisions must be made. Once the long list is limited to affordable products with the desired features, it’s time to search for third-party validation. For each tool, the buyer must analyze end-user reviews, analyst reports, and empirical security evaluations. Combining these specified factors should help rank options and eliminate poorly performing products. _&amp;nbsp;_

##### **Conduct demos**

With the list narrowed down to three to five possible products, businesses can contact vendors and schedule demos. This will help them get first-hand experience with the product, ask targeted questions, and gauge the vendors&#39; quality of service.&amp;nbsp;

Here are some essential questions to guide your decision:

- Will the tool enhance log collection and management?: 

Effective log collection is foundational. Look for compatible software across systems and devices, offering a user-friendly dashboard for streamlined monitoring.

- Does the tool support compliance efforts?

Even if compliance isn&#39;t a priority, choosing an SIEM that facilitates auditing and reporting can future-proof your operations. Look for tools that simplify compliance processes and reporting.

- Can the tool leverage past security events in threat response?

One of SIEM’s strengths is using historical data to inform future threat detection. Ensure the tool offers in-depth analytics and drill-down capabilities to analyze and act on past incidents.

- Is the incident response fast and automated?

Timely, effective responses are critical. The tool should provide customizable alerts that notify your team immediately when needed so you can confidently leave the dashboard.&amp;nbsp;

#### Selection of Security Information and Event Management (SIEM) Software

##### **Choose a selection team**

Decision-makers need to involve subject matter experts from all teams that will use the system in choosing a selection team. For backup software, this primarily involves product managers, developers, IT, and security staff. Any manager or department-level leader should also include individuals managing any solution the backup product will be integrating with.&amp;nbsp;

##### **Negotiation**

The seniority of the negotiation team may vary depending on the maturity of the business. It is advisable to include relevant directors or managers from the security and IT departments as well as from any other cross-functional departments that may be impacted.

##### **Final decision**

If the company has a chief information security officer (CISO), that individual will likely decide.&amp;nbsp;If not, companies must trust their security professionals’ ability to use and understand the product.&amp;nbsp;

### How much does SIEM software cost?

Potential growth should be considered if the buyer chooses a cloud-based SIEM tool that offers pricing on the SaaS pay-as-you-use model. Some solutions are inexpensive at the start and offer affordable, low-tier pricing. Alternatively, some may rapidly increase pricing and fees as the company and storage need to scale. Some vendors provide permanently free backup products for individuals or small teams.

**Cloud SIEM_:_** SIEM as a service pricing may vary, but it traditionally scales as storage increases. Additional costs may come from increased features such as automated remediation, security orchestration, and integrated threat intelligence.&amp;nbsp;

**On-premises SIEM:** On-premises solutions are typically more expensive and require more effort and resources. They will also be more costly to maintain and require dedicated staff. Still, companies with high compliance requirements should adopt on-premises security regardless.&amp;nbsp;

#### Return on Investment (ROI)

Cloud-based SIEM solutions will provide a quicker ROI, similar to their lower average cost. The situation is pretty cut and dry since there is much lower initial investment and lower demand for dedicated staffing.&amp;nbsp;

However, for on-premises systems, the ROI will depend on the scale and scope of business IT systems. Hundreds of servers will require hundreds of sensors, potentially more, as time wears on computing equipment. Once implemented, they must be operated and maintained by (expensive) security professionals.



