Products on the market

The range of SIEM products is now quite broad. The latest Gartner "Magic Quadrant" report, from May of last year, analyzes sixteen SIEM vendors. Highly rated advanced SIEM tools include McAfee ESM, IBM QRadar, HP ArcSight, LogRhythm and Splunk. However, it is not possible to pick a single best product that suits everyone; the choice always depends on the customer's specific requirements, the scope of the intended implementation and the project's budget.

Figures: IBM QRadar dashboard; RSA SA - packet analysis module

| Name | Description |
|---|---|
| ArcSight HP | Micro Focus ArcSight is a cyber security product, first released in 2000, that provides big data security analytics and intelligence software for security information and event management (SIEM) and log management. ArcSight is designed to help customers identify and prioritize security threats, organize and track incident response activities, and simplify audit and compliance activities. ArcSight became a subsidiary of Hewlett-Packard in 2010. It was merged with Micro Focus on September 1, 2017. |
| QRadar IBM | IBM® QRadar® Security Information and Event Management (SIEM) helps security teams accurately detect and prioritize threats across the enterprise, and it provides intelligent insights that enable teams to respond quickly to reduce the impact of incidents. By consolidating log events and network flow data from thousands of devices, endpoints and applications distributed throughout your network, QRadar correlates all this different information and aggregates related events into single alerts to accelerate incident analysis and remediation. QRadar SIEM is available on premises and in a cloud environment. |
| Splunk | Splunk is a software product from Splunk Inc. designed for collecting and analyzing so-called machine data. Based on the results of the analysis, it is then possible, for example, to predict the behavior of systems and users, track traffic and sales trends, warn of an approaching security incident, predict earthquakes, etc. |
| LogRhythm | LogRhythm, Inc. is an American security intelligence company that unifies Security Information and Event Management (SIEM), log management, network and endpoint monitoring and forensics, and security analytics. LogRhythm claims to help customers detect and respond quickly to cyber threats before a material breach occurs. |
| CyberArk | CyberArk is a publicly traded information security company offering Privileged Account Security. The company's technology is utilized primarily in the financial services, energy, retail, healthcare and government markets. As of February 12, 2020, CyberArk had over 5,300 customers, including more than 50 percent of the Fortune 500 and more than 35 percent of the Global 2000. CyberArk is headquartered in Petah Tikva, Israel, with U.S. headquarters located in Newton, Massachusetts. The company also has offices throughout the Americas, EMEA, Asia Pacific and Japan. |
| Invea Flowmon | Deal with anomalies in your network. Decide and plan with confidence, with the information you need always within reach. Across on-premise, virtual and cloud environments. With Flowmon, you have control in your hands. |
| Traffic shaper | Traffic shaping is a bandwidth management technique used on computer networks which delays some or all datagrams to bring them into compliance with a desired traffic profile. Traffic shaping is used to optimize or guarantee performance, improve latency, or increase usable bandwidth for some kinds of packets by delaying other kinds. It is often confused with traffic policing, the distinct but related practice of packet dropping and packet marking. |
| NetWitness | NetWitness Corporation was a Reston, Virginia-based network security company that provides real-time network forensics and automated threat analysis solutions. Its flagship product was NetWitness NextGen. In 2011, NetWitness was acquired by EMC Corporation and later integrated into the line of products at RSA Security. |