Alternatives to iSecurity SIEM / DAM Support

Compare iSecurity SIEM / DAM Support alternatives for your business or organization using the curated list below. SourceForge ranks the best alternatives to iSecurity SIEM / DAM Support in 2026. Compare features, ratings, user reviews, pricing, and more from iSecurity SIEM / DAM Support competitors and alternatives in order to make an informed decision for your business.

  • 1
    ManageEngine Log360
    Detect, investigate, and resolve security incidents and threats using a single, scalable SIEM solution. Log360 provides you with actionable insights and analytics-driven intelligence for real-time security monitoring, advanced threat detection, incident management, and behavioral analytics-based anomaly detection. Built as the bedrock for your SOC, ManageEngine Log360 comes with out-of-the-box correlation and workflow rules, dashboards, reports, and alert profiles to help you address vital security issues with little manual intervention.
  • 2
    ConnectWise SIEM

    ConnectWise

    ConnectWise SIEM (formerly Perch) offers threat detection and response backed by an in-house Security Operations Center (SOC). Defend against business email compromise, account takeovers, and see beyond your network traffic. Our team of threat analysts does all the tedium for you, eliminating the noise and sending only identified and verified threats to action on. Built with multi-tenancy, ConnectWise SIEM helps you keep clients safe with the best threat intel on the market.
  • 3
    iSecurity AP-Journal

    Raz-Lee Security

    iSecurity AP-Journal protects business-critical information from insider threats and from external security breaches, and notifies managers of any changes to information assets and streamlines IBM i journaling procedures. iSecurity AP-Journal logs the who, what, when and which of activities. It logs database access (READ operations) directly into the journal receivers, which is not provided by IBM i journaling and is an important component of compliance. Monitors changes to objects, application files and members. Supports periodic file structure changes to application files. Enables monitoring application files across changes to file structures. Programmable field-specific exit routines. Real-time alerts indicating changes in business-critical data; these application alerts are activated by user-defined thresholds. Comprehensive reports displaying all application changes on a single timeline in various formats.
  • 4
    iSecurity Audit

    Raz-Lee Security

    iSecurity Audit enhances native IBM i auditing by monitoring and reporting on all activities in the IBM i environment. It employs real-time detection to identify security events as they occur and record details in a log file. Audit logs can be displayed in simple, graphical formats with accompanying explanations for each entry to aid quick interpretation of statistical information. More importantly, real-time detection triggers alerts and/or takes immediate corrective action. iSecurity Audit is the only security auditing product available for the IBM i that is designed from the ground up for ease-of-use by non-technical personnel such as outside auditors and managers. Audit is a cutting-edge security auditing application that examines events in real time, and triggers alerts and other responsive actions to potential threats. It contains a powerful report generator with over one hundred pre-fabricated built-in reports.
  • 5
    Powertech SIEM Agent for IBM i
    Monitor your IBM i for critical security events and receive real-time notifications, so you can respond quickly—before important business information is deleted, corrupted or exposed. Send security-related events directly to your enterprise security monitor. Through integration with your security information and event management (SIEM) console, Powertech SIEM Agent simplifies and centralizes security and integrity monitoring. Monitor security-related events from the network, operating system, and any journal or message queue in real-time, including changes to user profiles and system values, invalid login attempts, intrusion detections, and changed or deleted objects. Maintain awareness of every security event on your system in real-time so you never miss a potential security breach. Powertech SIEM Agent for IBM i will provide alerts to ensure critical issues are escalated.
  • 6
    iSecurity Safe-Update

    Raz-Lee Security

    iSecurity Safe-Update protects IBM i business-critical data against updates by unauthorized programs. Such programs are those that come from a library which is not used to store production programs, file editors, DFU and Start SQL (STRSQL). It ensures that updates are made by pre-confirmed programs or by programs that are not known as file editors. Government and industry regulations, including Sarbanes-Oxley (SOX), GDPR, PCI, and HIPAA, stipulate measures that companies must take to ensure proper data security and monitoring. They require that only specifically permitted programs can make updates to business-critical data in production environments. Safe-Update guards against unauthorized updates by dangerous programs – programs that were not designed for the organization’s business rules and do not comply with them. If an unauthorized update is attempted, a window appears requesting the entry of a ticket.
  • 7
    Alert Catcher
    Automate Incident Alerting. Alert Catcher allows you to consolidate and automate alerts that emanate from mission-critical systems (SIEM/EMS). All alerts and notifications can be customized on the basis of preference, with escalations creating tickets in Jira Service Desk. For Information Security Management departments. For owners of the Jira Service Desk platform, as well as departments processing applications from external information systems. For IT and/or software development departments. Custom endpoint for creating/updating incidents. Custom restrictions for creating/updating incidents. Ability to group incidents by rule and create problems. Connection types for 3rd-party systems. Workflow extensions for Jira. Connection types for bi-directional integrations. Integrate with a wide range of SIEM/EMS systems. To identify requests from third-party systems, Alert Catcher uses an additional entity, the connection.
    Starting Price: $10 per user, one-time payment
  • 8
    Assuria ALM-SIEM
    ALM-SIEM ingests industry-leading Threat Intelligence feeds, automatically enriching log and event data with key intelligence from these external watchlists and threat data. ALM-SIEM also enriches the Threat Intelligence data feed with additional user-defined threat content, such as specific client context information, white lists etc, further enhancing threat-hunting services. ALM-SIEM is delivered with comprehensive out-of-the-box security controls, threat use cases, and powerful alerting dashboards. Automated analytics using these built-in controls and threat intelligence feeds provides immediately enhanced security defenses, visibility of security issues and mitigation support. Compliance failures also become evident. ALM-SIEM is delivered with comprehensive alerting and operational dashboards to support threat and audit reporting, security detection and response operations and analyst threat-hunting services.
  • 9
    iSecurity Firewall

    Raz-Lee Security

    iSecurity Firewall is a comprehensive, all-inclusive intrusion prevention system that secures every type of internal and external access to the IBM i server. It enables you to easily detect remote network accesses and, most importantly, implement real-time alerts. Firewall manages user profile status, secures entry via pre-defined entry points and IBM i file server exit points, and profiles activity by time. Its “top-down” functional design and intuitive logic create a work environment that even iSeries novices can master in minutes. Protects all communication protocols (including SQL, ODBC, FTP, Telnet, SSH, and Pass-through). Intrusion Prevention System (IPS) with real-time detection of access attempts. Precisely controls what actions users may perform after access is granted – unlike standard firewall products. Protects both native and IFS objects – all of your databases are secured.
  • 10
    iSecurity Field Encryption
    iSecurity Field Encryption protects sensitive data using strong encryption, integrated key management and auditing. Encryption is vital for protecting confidential information and expediting compliance with PCI-DSS, GDPR, HIPAA, SOX, other government regulations and state privacy laws. Ransomware attacks any file it can access including connected devices, mapped network drives, shared local networks, and cloud storage services that are mapped to the infected computer. Ransomware doesn’t discriminate. It encrypts every data file that it has access to, including the IFS files. Anti-Ransomware quickly detects high volume cyber threats deployed from an external source, isolates the threat, and prevents it from damaging valuable data that is stored on the IBM i while preserving performance.
  • 11
    Corner Bowl Server Manager

    Corner Bowl Software Corporation

    SIEM, Log Management, Server Monitoring and Uptime Monitoring Software for Less! Industry leading free and responsive phone and remote session support when you need it the most. Get compliant by centrally storing Event Logs, syslogs and application logs from any system or device. Receive real-time notifications when users login, accounts are locked out and accounts are changed. Satisfy auditing requirements such as JSIG and NIST with our out-of-the-box SIEM and security reports. Monitor server resources such as CPU, memory, disk space, directory size and process specific resource consumption. Restart services, kill processes, remote launch custom scripts and fire SNMP Traps. Generate file and directory user access audit reports. Receive SNMP Traps, monitor SNMP Get values and much more. Get real-time notifications when network performance degrades below acceptable performance thresholds. Monitor web, email, database, FTP, DNS and Active Directory servers. Monitor Docker Containers.
  • 12
    NXLog

    NXLog

    Achieve complete security observability with powerful insights from your log data. Improve your infrastructure visibility and enhance threat prevention with a versatile multi-platform tool. With support for over 100 operating system versions and more than 120 configurable modules, gain comprehensive insights and increased security. Cut the cost of your SIEM solution by reducing noisy and unnecessary log data. Filter events, truncate unused fields, and remove duplicates to increase the quality of your logs. Collect and aggregate logs from systems across the entire breadth of your organization with a single tool. Reduce complexity in managing security-related events and decrease detection and response times. Empower your organization to meet compliance requirements by centralizing some logs in an SIEM and archiving others in your long-term storage. NXLog Platform is an on-premises solution for centralized log management, with versatile processing.
  • 13
    Anlyz Cyberal
    A unique analytics module, easily set up on an existing SIEM, which operates as an analytical machine ensemble to produce data to identify known and unknown threats proactively. This version of Anlyz SIEM acts as a compressed analytical layer to gain insights from existing SIEM without an overhaul of existing information security arena. Anlyz SIEM is also available as a complete, sophisticated threat intelligence SIEM with integrated UEBA/UBA capabilities providing advanced visibility, detection and investigation capabilities across the board. Real-time intelligence to help security teams scrutinize threats proactively with contextual insights to detect and identify inside or outside threat attackers. Unparalleled analytics capability without any parametric constraints and highly scalable (unlimited data lake); enables analysts to zoom into and protect against threats based on priority and policy.
  • 14
    IBM QRadar SIEM
    Market-leading SIEM built to outpace the adversary with speed, scale and accuracy. As digital threats loom large and cyber adversaries grow increasingly sophisticated, the roles of SOC analysts are more critical than ever. Going beyond threat detection and response, QRadar SIEM enables security teams to face today’s threats proactively with advanced AI, powerful threat intelligence, and access to cutting-edge content to maximize analyst potential. Whether you need cloud-native architecture built for hybrid scale and speed or a solution to complement your on-premises infrastructure, IBM can provide you with a SIEM to meet your needs. Experience the power of IBM enterprise-grade AI designed to amplify the efficiency and expertise of every security team. With QRadar SIEM, analysts can reduce repetitive manual tasks like case creation and risk prioritization to focus on critical investigation and remediation efforts.
  • 15
    empow

    empow

    If you had to invent the perfect SIEM from scratch it would combine a rules-free engine and a voluminous and continually updated database of threats. Well, the dream SIEM is here today. empow uses its proprietary AI and natural language processing to read the minds of attackers and determine the intent of each kernel of IP data. This power is now integrated with Elastic’s database and search capabilities. Think of it as an integrated “i-SIEM empowered by Elastic” - bringing enterprises a single place to manage all of their IT and data security functions. It’s a scalable data lake solution, with empow’s SIEM serving as an active infrastructure brain that detects, confirms and prevents attacks before they do harm.
  • 16
    ZeroHack SIEM
    ZeroHack SIEM centralizes logging and security event monitoring, enhancing security management with real-time alerts and insights. It aggregates data from various IT sources, enabling real-time monitoring and proactive defense against cyber threats. ZeroHack SIEM provides an in-depth view of network activities. By aggregating log and event data from various sources, it helps security teams understand the full scope of potential threats. ZeroHack SIEM seamlessly integrates data from diverse sources such as firewalls, switches, etc. This comprehensive data collection ensures that no potential threat goes unnoticed. Enjoy uninterrupted protection against evolving threats with seamless scalability and optimal performance, even under heavy loads. Choose from on-premises, cloud-based, or hybrid deployment options, tailored to your organization's specific requirements.
  • 17
    TeskaLabs SIEM
    A state-of-the-art tool for security information and event management. A security surveillance tool that allows you to automatically monitor, correlate, and evaluate security events and create reports in real-time. TeskaLabs SIEM will bring a central overview of the entire company infrastructure and early detection helps eliminate risks and their possible effects on the operation of your company. TeskaLabs SIEM will always be one step ahead of potential threats and you will gain absolute supervision. TeskaLabs is a cybersecurity expert and therefore all our products meet the security standards of your company. TeskaLabs SIEM ensures regulatory compliance with legislation covering Cyber Security, GDPR, and ISO 27001:2013. Automated real-time detection and reporting of known incidents and anomalies will allow you to quickly react and prioritize the solution to individual incidents. Time savings allow you to proactively search for potential threats.
  • 18
    StratoZen

    ConnectWise

    Cut the cost and reduce the complexity of delivering cybersecurity with StratoZen. MSPs require the best in cybersecurity to keep their clients secure. ConnectWise now offers StratoZen co-managed SIEM solutions and SOC-as-a-Service that integrate with your current security offerings to closely monitor and work within your system. StratoZen was built with service providers in mind, offering unmatched flexibility and high levels of accuracy—so you can take your security practice to the next level. Enjoy the benefits of a comprehensive SIEM-as-a-service solution that’s fully hosted in the cloud—without the hassle or high expense. SIEM systems and output are complex. A co-managed SIEM does all the heavy lifting for you—so you always get the highest level of both value and security. Avoid the headache that comes with building and maintaining an in-house Security Operations Center (SOC) with StratoZen’s flexible SOC options.
  • 19
    Securonix Unified Defense SIEM
    Built on big data, Securonix Unified Defense SIEM combines log management, user and entity behavior analytics (UEBA), and security incident response into a complete, end-to-end security operations platform. It collects massive volumes of data in real-time, uses patented machine learning algorithms to detect advanced threats, and provides artificial intelligence-based security incident response capabilities for fast remediation. The Securonix platform automates security operations while our analytics capabilities reduce noise, fine-tune alerts, and identify threats both inside and out of the enterprise. The Securonix platform delivers analytics driven SIEM, SOAR, and NTA, with UEBA at its core, as a pure cloud solution without compromise. Collect, detect, and respond to threats using a single, scalable platform based on machine learning and behavioral analytics. With a focus on outputs, Securonix manages the SIEM so you can focus on responding to threats.
  • 20
    Polar SIEM

    Polar Bear Cyber Security Group

    Securing data with a wide range of unintegrated security solutions produces a large volume of security reports exclusive to each solution, a high volume of alerts, and inconsistent and incorrect reports, which in turn bring about attack prediction, detection, and response failures. To cover all these security needs without making fundamental changes in the structure of the systems, an advanced SOC needs to be designed to enable 7/24 monitoring and control of the data flow inside and outside the organization, which in turn requires powerful SIEM tools. Polar SIEM and its modules are produced to receive, monitor and analyze the most diverse events.
  • 21
    Huntsman SIEM

    Huntsman Security

    Trusted by defence agencies and government departments, as well as businesses globally, our next generation Enterprise SIEM is an easy to implement and operate cyber threat detection and response solution for your organisation. Huntsman Security’s Enterprise SIEM incorporates a new easy-to-use dashboard, featuring the MITRE ATT&CK® framework for SOC or IT teams to detect threats and identify and classify their type and severity. As the sophistication of cyber-attacks continues to increase, threats are inevitable – that’s why we have worked to develop responsive in-stream processes, reduced hand-off time, and stronger overall speed and accuracy of threat detection and management, in our next generation SIEM.
  • 22
    SureLog

    Surelog

    SureLog SIEM. Capabilities. SureLog Enterprise SIEM is a next-generation log and event management reporting platform that analyzes log event data in real time to detect and prevent security attacks. By consolidating events from all log sources, SureLog Enterprise correlates and aggregates events into normalized alerts to spot cyber security threats and instantly notifies your IT & security teams. SureLog includes advanced SIEM capabilities like real-time event management, entity and user behaviour analytics, machine learning, incident management, threat intelligence and reporting. SureLog Enterprise has more than 2000 out-of-the-box correlation rules for a broad selection of security, privacy and compliance use cases. Use Cases. Gain full visibility into logs, data flow, and events across on-premises, IoT, and cloud environments. Satisfy regulatory compliance with pre-built reports including PCI, GDPR, HIPAA, SOX, PIPEDA, OSFI and more. Automatically detect threats
  • 23
    Tarsal

    Tarsal

    Tarsal's infinite scalability means as your organization grows, Tarsal grows with you. Tarsal makes it easy for you to switch where you're sending data - today's SIEM data is tomorrow's data lake data; all with one click. Keep your SIEM and gradually migrate analytics over to a data lake. You don't have to rip anything out to use Tarsal. Some analytics just won't run on your SIEM. Use Tarsal to have query-ready data on a data lake. Your SIEM is one of the biggest line items in your budget. Use Tarsal to send some of that data to your data lake. Tarsal is the first highly scalable ETL data pipeline built for security teams. Easily exfil terabytes of data in just a few clicks, with instant normalization, and route that data to your desired destination.
  • 24
    LogPoint

    LogPoint

    Get a simple and fast security analytics implementation, along with a user-friendly interface that can be integrated with an entire IT infrastructure with LogPoint. LogPoint’s modern SIEM with UEBA provides advanced analytics and ML-driven automation capabilities that enable their customers to securely build, manage, and effectively transform their businesses. They have a flat licensing model, based on nodes rather than data volume. This helps to reduce the cost of deploying a SIEM solution on-premise, in the cloud or even as an MSSP. The solution integrates easily with all devices in your network, giving a holistic and correlated overview of events in your IT infrastructure. LogPoint’s Modern SIEM solution translates all data into one common language, making it possible to compare events across all systems. Having a common language makes it both very easy and efficient to search, analyze and report on data.
  • 25
    Exabeam

    Exabeam

    Exabeam helps security teams outsmart the odds by adding intelligence to their existing security tools – including SIEMs, XDRs, cloud data lakes, and hundreds of other business and security products. Out-of-the-box use case coverage repeatedly delivers successful outcomes. Behavioral analytics allows security teams to detect compromised and malicious users that were previously difficult, or impossible, to find. New-Scale Fusion combines New-Scale SIEM and New-Scale Analytics to form the cloud-native New-Scale Security Operations Platform. Fusion applies AI and automation to security operations workflows to deliver the industry’s premier platform for threat detection, investigation and response (TDIR).
  • 26
    Omega Core Audit
    Your Oracle database is usually the company’s most valuable informational asset, containing data on customers, partners, transactions, finances and much more. With the advent of the information age, millions of such records are now owned by even medium and relatively small companies. Database security has become one of the top priorities for companies that need to comply with more internal and external regulatory compliance practices and standards that require stronger information security controls. Omega Core Audit is an out-of-box, software-only security and compliance solution that addresses the above compliance issues by providing Access Control, Continuous Audit Monitoring and Real-Time Protection, thus enforcing duty separation, control of privileged accounts and meeting compliance requirements. With built-in support for Splunk SIEM and GrayLog SIEM.
  • 27
    iSecurity Anti-Ransomware
    Advanced Ransomware Threat Protection for IFS. iSecurity Anti-Ransomware protects against ransomware attacks and other kinds of malware that may access and change IBM i data on the IFS. It prevents ransomware from damaging valuable data while preserving performance. Today’s IBM i is no longer an isolated system. It is connected to other databases through networked systems and connectivity. Businesses are encouraged to open up their IBM i servers and to use APIs, microservices, and modern user interfaces to leverage the data and business processes they contain. The data stored on the IFS is like any other file that the mapped PC can access. Ransomware attacks any file it can access including connected devices, mapped network drives, shared local networks, and cloud storage services that are mapped to the infected computer. Ransomware doesn’t discriminate. It encrypts every data file that it has access to, including the IFS files.
  • 28
    Security Blue Team

    Security Blue Team

    Security Blue Team delivers practical, hands‑on defensive cybersecurity training and certifications designed to develop the skills of aspiring and established security professionals worldwide. Its core offerings include the Blue Team Level 1 Junior Security Operations certification, covering phishing analysis, digital forensics, threat intelligence, SIEM usage, and incident response across eight domains in approximately 30 hours; the Blue Team Level 2 Advanced Security Operations certification, focusing on malware analysis, threat hunting, vulnerability management, and advanced SIEM emulation over six domains in roughly 50 hours; and the SecOps Manager certification, which teaches planning, building, and maturing security operations teams through six comprehensive domains. Learners engage with gamified labs, biweekly challenges, and real‑world capstone projects via the Blue Team Labs Online platform to apply concepts in cloud environments and downloadable scenarios.
    Starting Price: $538.11 one-time payment
  • 29
    SentryXDR

    Logically

    Logically’s award-winning SOC-as-a-Service is light-years beyond your average SIEM. Get next-level visibility, threat detection, and actionable intelligence across your network. SentryXDR leverages machine learning and AI to analyze, correlate, detect, and respond to known and unknown threats without the additional time and expense of hiring and training an in-house security team. At Logically, we see organizations struggle with increasingly complex IT infrastructures made even more challenging by rapidly evolving cyber threats and a lack of human resources. SentryXDR combines powerful SIEM technology driven by AI and machine learning (ML) with a SOC team to deliver relevant, actionable alerts in real time and bridge gaps in your organization’s cybersecurity. In today’s data-dependent business environments, cyber threats are a 24/7/365 reality.
  • 30
    LogMan.io

    TeskaLabs

    TeskaLabs Logman.io is a modern and effective tool for log management, collection, archiving, and log analysis. Scalable Log Management can be easily upgraded to the full-scale tool TeskaLabs SIEM (security information and event management). Be always one step ahead of all potential threats and achieve a total overview of the security of your IT infrastructure. Thanks to timely and clear threat detection, TeskaLabs LogMan.io protects important data and sensitive information. TeskaLabs is a cybersecurity expert and therefore all our products meet the security standards of your company. LogMan.io ensures regulatory compliance with legislation covering cyber security and GDPR. Logman.io can grow with your needs. It can be easily upgraded to TeskaLabs SIEM. You can promptly get a central essential overview of the entire IT infrastructure, a full-scale tool for threat modeling, risk management, and vulnerability scanning.
  • 31
    OpenText Core EDR
    OpenText Core EDR is an all-in-one endpoint detection and response solution that unifies endpoint protection, SIEM (security information and event management), SOAR (security orchestration, automation, and response), alert triage, and vulnerability assessment into a single platform, eliminating the need to manage disparate security tools. It uses a lightweight agent with pre-configured policies, enabling deployment in minutes and simplifying management across devices without complex scripting. By correlating endpoint, network, and identity events in real time, built-in SIEM and SOAR playbooks surface suspicious behavior and automatically guide containment, remediation, and investigation actions. Continuous, global threat intelligence powers real-time monitoring, helping detect malware, ransomware, zero-day attacks, and other advanced threats before they spread, and enabling rapid isolation or remediation of compromised endpoints.
  • 32
    Juniper Secure Analytics
    Juniper Secure Analytics is a leading security information and event management (SIEM) system that consolidates large volumes of event data in near real-time from thousands of network devices, computing endpoints, and applications. Using big data analytics, it transforms the data into network insights and a list of actionable offenses that accelerate incident remediation. Juniper Secure Analytics is an essential part of the Juniper Connected Security portfolio, which extends security to every network point of connection to protect users, data, and infrastructure against advanced threats. A virtual security information and event management (SIEM) system that collects, analyzes, and consolidates security data from global networked devices to quickly detect and remediate security incidents.
  • 33
    IBM i Security Suite

    Fresche Solutions

    The Fresche IBM i Security Suite is a comprehensive, cloud-compatible security, auditing, and intrusion detection platform designed specifically for IBM i environments to protect against ransomware, cybercrime, and data theft by increasing governance, compliance, and operational efficiency. It monitors critical exposure points, including IFS files, network connectivity (ODBC, FTP, web apps, sockets), and exit points, providing real-time notifications, lockdown controls, and pre-defined compliance reports. The suite delivers centralized management through a modern dashboard with visual monitoring, privilege escalation configuration, network access controls, and over 360 built-in compliance reports, while offering user profile management, access escalation, inactive session lockdown, and privileged access oversight to safeguard assets. Advanced capabilities include intrusion detection with SIEM integration, and field-level encryption/masking with sensitive field identification.
  • 34
    Unizo

    Unizo

    Unizo is an integration fabric for cybersecurity, IT, and AI platforms. It provides Unified APIs, Webhook Exchange, and MCP server support across 150+ vendors including EDR, SIEM, IAM, vulnerability management, ticketing, and cloud security tools. Security and DevOps product teams use Unizo to ship 40+ integrations in weeks, eliminate maintenance overhead, and deliver AI-ready normalized data. SOC 2 Type II certified.
  • 35
    ConnectProtect Managed Detection and Response
    Choosing to outsource SIEM and SOC services to ConnectProtect® MDR enables your organisation to take advantage of SIEM and an experienced SOC to quickly provide your organisation with the knowledge and skills to reduce risk and effectively combat cyber threats. Through a combination of state-of-the-art technology and genuine human insight, you can get skilled security expertise at the turn of a key. Our simple and rapid onboarding process enables you to start realising value with minimal impact on your internal IT/Security teams. 24x7x365 monitoring of your secure access layers to help address the gap between automation and user awareness and alert you when something does slip through. We'll give you the management information (MI) to give you the confidence that things are working and improving. Let us help you embrace the benefits of ConnectProtect® Managed Detection and Response.
  • 36
    Seclore Data-Centric Security Platform
    Integrate and automate best-of-breed data security solutions. Take control of your destiny. With Seclore’s Data-Centric Security Platform you can unify best-of-breed Data-Centric Security solutions into a cohesive, automated framework without added integration costs. While DLP, Classification, and Rights Management each have their strengths, together they ensure documents are properly protected and tracked wherever they travel. And let’s not forget your existing Enterprise systems! EFSS, eMail, ECM, Directories, and SIEM can be easily added to the framework to further automate the process. Seamlessly unite best-in-class DLP, Data Classification, Rights Management and SIEM systems into an automated process for superior information security without added integration costs. The Seclore Unified Policy Manager enables you to orchestrate identity management, policy management, connectivity, encryption, and the collection of document usage insights.
  • 37
    Lucidum

    Lucidum

    Your attack surface is not just what’s connected to the internet, it’s not just your IOT or endpoints, it’s everything. Other CAASM providers want to replace your SIEM or upgrade your spreadsheet. We don’t disrupt your workflow, we serve it, we don’t fight your SIEM, we fit it. Lucidum opens your eyes to the main sources of data loss, security incidents, and mismanagement. You’ll get amazing value out of 4-6 connections. But we don’t charge for connectors or ingestion, hook them all up. Directly inject our CAASM into your SIEM. Cut costs through significantly reduced ingestion and streamlined computing. We empower cybersecurity professionals with CAASM-driven insights to map, manage, and monitor every cyber asset, enhancing their ability to uncover hidden threats and mitigate risks. By leveraging the combined strength of CAASM for comprehensive asset visibility and AI for predictive analytics and automation, we offer unprecedented control over the technology landscape.
  • 38
    Abacode Cyber Lorica
    Abacode’s 24/7/365 managed threat detection and response solution, Cyber Lorica™, is a product-agnostic monthly subscription service that utilizes industry-leading Security Information & Event Management (SIEM) and AI Threat Detection software with our in-house Security Operations Center (SOC) to determine real-time visibility of your entire threat landscape. Cyber Lorica™ is an advanced level of protection that detects and responds to potential security incidents around the clock from our Security Operations Center (SOC). Our platform offers custom-built security, monitored 24/7/365, by industry leading experts. SIEM and AI Threat Detection software that monitors your on-premises and cloud network devices. Managed network surveillance provided by trained IT Security Operations Center (SOC) Analysts who manage various threat detection platforms and enact incident escalation protocols. Threat exchange communities that enable sharing web reputation information.
  • 39
    AppProfileSafe

    IT-Consulting Kinner

    AppProfileSafe is an enterprise-grade Windows tool for application-level backup and restore of Registry data, files, and NTFS ACLs. Unlike USMT (deprecated since Windows 11 24H2), it operates per application using XML-based App Definitions — backing up exactly what each app needs, nothing more. Features include dry run simulation with diff reports showing every Registry key, file, and ACL that would change before committing. A tamper-evident HMAC hash-chained audit trail records every operation with integrity verification. The path mapping engine rewrites Registry and file paths when usernames or drive letters differ between source and target. The Community Edition is free forever — full GUI, unlimited apps, simulation, mapping, and audit logging. No registration, no time limit. Enterprise adds CLI automation, SIEM integration (CEF, LEEF, JSON, Syslog), compliance reporting, and a redaction engine. Built on .NET 8 for Windows 10/11 and Server 2016–2025.
  • 40
    CylusOne
    Ensures optimal security and smooth rail operations. Protects the critical assets through security monitoring of the signaling and control networks, including trackside devices, interlocking, and managing workstations. Provides protection from cyber threats such as malicious insiders, misconfigurations, or hidden communications. Provides complete visibility into the signaling network, from the network’s topology to the granular level of each and every asset. This in-depth view eliminates blind spots, reveals asset connections, and classifies redundant ones. CylusOne is easily operated by security or rail professionals and seamlessly integrates into the rail OCC or SIEM environment, where alerts are managed. The dashboard provides access to all the incidents’ data, with drill-down capabilities, forensics tools, actionable insights, mitigation procedures, and reporting options, to create and execute an effective response plan.
  • 41
    Avertium

    Avertium

    Expanding endpoints, cloud computing environments, accelerated digital transformation, and the move to work from home have decimated the perimeter in an ever-expanding attack surface. You can monitor your SIEM all day, but if your network has structural problems, your SIEM will only go so far. Shoring up your defenses requires knowledge of your entire attack surface, integrated technologies, as well as proactive action that addresses potential points of exposure. Visualize your attack surface through our in-depth onboarding diagnostic. Leverage cyber threat intel (CTI) to understand your most likely attack scenarios. Get clarity of how to begin remediation efforts without compromising business continuity. Avertium’s approach arms companies with the strategic insight needed to drive board-level decisions, blending tactical action with a big-picture approach that protects business-critical assets.
  • 42
    Axoflow

    Axoflow

    Axoflow, the Security Data Layer, is the foundation for your SIEM and analytics tools enabling the use of AI, up to 70% faster investigations, and more than 50% reduction in SIEM spend by feeding them with actionable data. Axoflow Platform is built up of the following parts: A pipeline acting as the transportation layer for your security data and also acting as an automated ‘translator’ between data schemas. AI - If you prefer to run your detection content locally - whether it’s an AI or ML model, a threat intel lookup, or another type of enrichment - we’ve got you covered. Storage solutions to facilitate the cost-effective storage of security data and also acting as local storage to run your decentralized detection. Orchestration to weave all of the parts together in an easy-to-use GUI that lets you monitor and manage, and control and search your data.
  • 43
    Legion

    Castle Shield

    Our patented IP has been proven to scale for billions of security events from thousands of customers, in real-world security environments. Castle Shield’s solution utilizes a leading-edge log collection engine with robust correlation and analysis as well as a multi-tenant SIEM Platform. Multi-tenancy allows our customers to employ one Security Analyst per 100 customers. Our solution begins the process of a single pane of glass analysis required to monitor and manage numerous environments to achieve cybersecurity awareness. Our solution is flexible and can be installed in the provider’s local (cloud) environment allowing complete control while adhering to chain of custody concerns to meet established forensic investigation standards. The customer benefits from a scalable multi-tenant platform, delivering security products and remediation services in a cost-effective manner.
  • 44
    DNIF HYPERCLOUD
    DNIF provides a high value solution by combining technologies such as the SIEM, UEBA and SOAR into one product at an extremely low total cost of ownership. DNIF's hyper scalable data lake makes it ideal to ingest and store terabytes of data. Detect suspicious activity using statistics and take action before any damage occurs. Orchestrate processes, people and technology initiatives from a single security dashboard. Your SIEM will come built-in with essential dashboards, reports and response workflows. Coverage for threat hunting, compliance, user behavior monitoring and network traffic anomaly. In-depth coverage map with the MITRE ATT&CK and CAPEC framework. Maximize your logging capacity without fretting over costs—double, perhaps even triple your capacity with your existing budget. With the HYPERCLOUD, the fear of overlooking crucial information is a thing of the past. Log everything, leave nothing behind.
  • 45
    ELLIO

    ELLIO

    IP Threat Intel delivers real-time threat intelligence that helps security teams reduce alert fatigue and speed up triage in TIPs, SIEM & SOAR platforms. Available as an API for your SIEM/SOAR/TIP or as a local database for most demanding on-premise workloads. The feed provides detailed information on IP addresses observed in the last 30 days, including ports targeted by an IP. Updated every 60 minutes, it reflects the current threat landscape. Each IP entry includes context on event volume over the past 30 days and the most recent detection by ELLIO's deception network. Provides a list of all IP addresses observed today. Each IP entry includes tags and comments with context on targeted regions, connection volume, and the last time the IP was observed by ELLIO's deception network. Updated every 5 minutes, it ensures you have the most current information for your investigation and incident response.
  • 46
    Cydarm

    Cydarm

    Cydarm is a cybersecurity incident response management platform designed to help security operations teams coordinate and manage cyber incidents more effectively across an organization. It supports the full lifecycle of incident response, enabling teams to detect, analyze, investigate, respond to, and report on cybersecurity events within a unified environment. It functions as a secure case management system where alerts from different security tools can be consolidated, investigated, and tracked as incidents, providing visibility into threats occurring across a network. Cydarm integrates with existing security infrastructure such as SIEM systems, messaging tools, authentication platforms, and IT service management solutions, allowing alerts and cases to be created automatically and enabling teams to collaborate through their existing operational tools.
  • 47
    Sumo Logic

    Sumo Logic

    Sumo Logic, Inc. helps make the digital world secure, fast, and reliable by unifying critical security and operational data through its Intelligent Operations Platform. Built to address the increasing complexity of modern cybersecurity and cloud operations challenges, we empower digital teams to move from reaction to readiness—combining agentic AI-powered SIEM and log analytics into a single platform to detect, investigate, and resolve modern challenges. Customers around the world rely on Sumo Logic for trusted insights to protect against security threats, ensure reliability, and gain powerful insights into their digital environments. Sumo Logic Cloud SIEM helps your team detect, investigate, and respond to threats with faster behavioral analytics and automation—powered by real-time data and logs-first intelligence. Sumo Logic UEBA baselines user and entity behavior in minutes—training models on historical data to reduce false positives and surface high-risk anomalies.
  • 48
    TheHive

    StrangeBee

    TheHive is a collaborative security case management platform that integrates with security tools such as SIEM, EDR, threat intelligence platforms and more, enabling security teams to manage alerts, conduct investigations and respond to incidents from a single interface. The platform works in conjunction with Cortex, an open-source engine also developed by StrangeBee to automate observable enrichment and response actions through an extensive library of analyzers and responders. Today, TheHive boasts 3500+ users worldwide, enabling them to centralize, automate and scale security operations and incident response across multiple teams, environments or clients.
  • 49
    Fluency SIEM

    Fluency Security

    Managing Service Level Agreements (SLAs) can be a complex and time-consuming process, but with Fluency you can easily meet those obligations. We’re able to provide real-time log data processing with thousands of rules running simultaneously. This ensures that every element of your log is monitored as it happens rather than waiting on scheduled searches or manual input. With us on your side, meeting your SLA targets is easy! Fluency is the only SIEM that is fully compliant with Sigma, the open-source standard in SIEM rules. Fluency can run all Sigma rules simultaneously without a performance hit. There is no conversion of rules, nor is there a down-selection. The rules analyze data as it enters the system, always creating real-time alerts, meaning zero mean time to detection (MTTD). Fluency is even compatible with the proposed features of Sigma. This means that your analysts benefit from the largest community of open-source researchers for log analysis.
    Starting Price: $5 per asset per month
  • 50
    DNSSense

    DNSSense

    DNSEye detects malicious traffic on your network and reports whether this traffic can be blocked by your other security devices. DNS is used by all protocols like HTTP, HTTPS, SMTP, and IoT. DNS traffic provides information about your entire network, regardless of its network protocol. With DNS tunnelling, data exfiltration attacks cannot be detected by DLP products. It requires DNS log analysis for an effective solution. 80% of malware domains currently do not have an IP address. Malware requests that do not have an IP address can only be detected in the DNS log. DNS servers generate a large number of difficult-to-understand logs. DNSEye enables the collection, enrichment, and AI-based classification of the DNS logs. With its advanced SIEM integration, it saves time and EPS by transferring to SIEM only the data that SOC teams need to see. DNSEye can collect logs from many different brands and models of DNS servers without the need for making any change in your network structure.