Who are the top rated SIEM vendors in the United States?

The top rated SIEM vendors are:

What is a SIEM vendor solution?

Security Incident and Event Management (SIEM) is a term used to describe solutions that allow for the collection and review of, or response to network and security logs. SIEM solutions may be used alone or integrated with 3rd party systems for security incident reporting as well. SIEM solutions are designed to collect as much data as possible, including both benign events and alerts which indicate potential or actual security incidents from all their information systems, automated tools, and security solutions to enable visibility into their environment to thwart attacks in real-time or to hunt for persistent threats.

Top rated SIEM vendors feature matrix table.
SIEM Vendors 1-6 matrix.
 TrustwaveCybriant NetsurionVikingCloudNTT Security ServicesCipher
Threat Detection and ResponseXXXXXX
Performance Monitoring  XXX 
Automation and OrchestrationX XXXX
Real-time Event CorrelationXXXXXX
Behavioral Analysis (AI & ML)XXXXXX
Automated ResponseXXX XX
Threat IntelligenceXXXXXX
Compliance Monitoring/ReportingXXXXXX
Security Training SolutionXX XX 
On-premisesXX  XX
CloudXXXXXX
HybridXXX XX
Global OperationsXXUS and IndiaXXX
Management of existing SIEM X   X
Deployment of 3rd party SIEM X   X
Proprietary SIEM platformX XXX 
Cloud log source integrationVia appliancesDepends on SIEMVia appliancesLog collection agentsVia appliancesDepends on SIEM

SIEM Vendors 6-12 matrix.
 ArmorPointBlueVoyantBulletproofConservaDimension DataDXC Technology
Threat Detection and ResponseXXXXXX
Performance MonitoringX  XXX
Automation and OrchestrationXX  XX
Real-time Event CorrelationXXXXXX
Behavioral Analysis (AI & ML)XXXXXX
Automated ResponseXX  X 
Threat IntelligenceXXXXXX
Compliance Monitoring/ReportingXXXXXX
Security Training SolutionXXXXX 
On-premisesX  XX 
CloudXXXXXX
HybridXXXXX 
Global Operations X  XX
Management of existing SIEM Azure Sentinel or Splunk XSplunk
Deployment of 3rd party SIEM Azure Sentinel or SplunkAlienVaultXSplunk
Proprietary SIEM platformX X   
Cloud log source integrationOn-premise via appliances or cloud-nativeOn-premise via agents, appliances, or cloud-nativeOn-premise via agents, appliances, or cloud-nativeOn-premise via agents, appliances, or cloud-nativeDepends on SIEMOn-premise via agents, appliances, or cloud-native
Best SIEM Solution list

Top rated SIEM vendors

SD WAN Readiness Assessment

Take the quiz, create your own personalized SASE Cybersecurity or SD WAN shortlist.

The simplest way for IT decision makers to shortlist Gartner SASE & SD WAN solutions vs your needs.

We've built self assessment quizzes to specifically help IT decision makers create their own unique vendor or managed provider shortlist.

Overview

What features should IT decision makers consider when comparing managed SIEM services?

Organizations looking to implement managed SIEM services are going to find a range of different offerings no matter where they go. One of the main things that sets apart the managed SIEM providers is the surrounding and complimentary offerings from that same provider. Knowing the trajectory of the provider’s product and service offerings is important from the beginning. This allows organizations to start long-term partnerships with providers that will be there for their current and future needs.

As with any product or service provider, organizations should be looking at vendors who provide the best solution for their business needs. For SIEM, this includes features like threat detection and response, incident management, event correlation, performance monitoring, log management, integration and automation capabilities. Also important to consider are compliance concerns that need to be addressed (for example, ability to meet and enforce retention requirements). Finally, managed security service providers who can offer complimentary services like penetration testing, secure software development, or forensic and incident response capabilities provide can provide more holistic coverage rather than simply offering a point solution.

Overview

Who are the top rated SIEM vendors?

The following is a list of SIEM vendors with a link to their Netify marketplace listing.

SIEM

1. Trustwave Managed SIEM

Trustwave is a provider of a comprehensive set of security services aimed at helping organizations who require a high level of security and desire to have it handled externally. Trustwave prides itself on their culture of innovation when new information, practices or policies are established. The managed services provided by Trustwave are backed by SpiderLabs threat hunters to provide top notch detection and response using their proprietary platform.

Trustwave’s managed SIEM is deployed as an on-premise physical appliance, or virtual appliance which can be on-premise or hosted in the cloud. All log sources are integrated using these appliances.

The Trustwave service offering is full of options and solutions for any organization. With so many options, Trustwave is can be an organization’s complete outsourced security operations center (SOC) while also providing preventative and responsive security measures as well as compliance monitoring and reporting.

Trustwave_SIEM

Resources and Downloadable Content

Request the very latest Trustwave data sheet PDF directly from your local account team. Please check your junk folder if not received.

Book a demo of the Trustwave SD WAN and SASE security capability over Zoom or Teams. Learn about their management portal, deployment, SLA and support. You will receive an email asking for times/dates, please check your junk folder if not received.

Request your local in-country sales contact. You will receive details as soon as possible - please check your junk folder if not received.

SIEM

2. Cybriant SIEM

Cybriant is a managed security service provider that can handle everything from extended detection and response (XDR) and managed SIEM to mobile and application security. This is a good resource for organizations who have an immediate need for managed XDR or SIEM, but who may later grow into needing a more complete suite of managed security services. Additionally, Cybriant has an in-depth training and education delivery platform that provides easy access to the tools an organization needs to ensure their frontline workforce is capable of maintaining an adequate security posture.

While Cybriant don’t actually have their own SIEM platform, their managed services can manage and monitor a customer’s existing SIEM platform, or they can include deployment of their own.

The managed SIEM services provided by Cybriant are full-featured with capabilities for advanced persistent threat detection and remediation, log and report optimization, and automated periodic health checks. This along with the complete portfolio of service offerings makes Cybriant stand out as a managed services solution any organization can benefit from, especially those looking to learn to take on more security responsibilities themselves as time goes on.

Cybriant_managed_siem

Resources and Downloadable Content
Request the very latest Cybriant data sheet PDF directly from your local account team. Please check your junk folder if not received.
Book a demo of the Cybriant security capability over Zoom or Teams. Learn about their management portal, deployment, SLA and support. You will receive an email asking for times/dates, please check your junk folder if not received.
Request your local in-country sales contact. You will receive details as soon as possible - please check your junk folder if not received.
SIEM

3. Netsurion SIEM

Netsurion’s EventTracker is the core platform which through which they deliver their managed SIEM services, as well as other managed security services including threat hunting, endpoint security and vulnerability management. Netsurion uses open-source threat intelligence and while this may not sound as ‘sexy’ as an in-house threat intelligence team or subscribing to expensive commercial threat intelligence feeds, open-source intelligence is often the most up-to-date. Open-source intelligence can also be verified independently and more quickly than proprietary counterparts when it matters the most.

Netsurion’s SIEM uses log collection appliances to collect and analyze log sources from inside of your network. Coupled with Netsurion managed secure edge network solutions, Netsurion can be good fit for industries like retail and hospitality where organizations need to scale quickly but don’t have their own technical resources to deploy and manage viable network defenses.

Netsurion_Siem

Resources and Downloadable Content
Request the very latest Netsurion data sheet PDF directly from your local account team. Please check your junk folder if not received.
Book a demo of the Netsurion security capability over Zoom or Teams. Learn about their management portal, deployment, SLA and support. You will receive an email asking for times/dates, please check your junk folder if not received.
Request your local in-country sales contact. You will receive details as soon as possible - please check your junk folder if not received.
SIEM

4. ControlScan/Viking Cloud SIEM

ControlScan’s managed security services are built on Viking Cloud. Viking Cloud offers SIEM-as-a-service along with their suite of managed security offerings. The Viking Cloud solution provides file security (File Integrity Management, FIM) and some more unique offerings like rogue wireless detection that looks for unauthorized access points or even skimmer devices, as well as data loss prevention (DLP) features that scan for unencrypted PII (Personally Identifiable Information). This is all offered on top of endpoint security, threat detection and response, and compliance management and monitoring capabilities.

Viking Cloud’s security solutions are delivered through their ‘cloud-native’ Asgard platform. Although the platform claims to be cloud-native, documentation suggests that log collection is facilitated through agents.

Viking Cloud is a great solution for an organization that needs a managed SIEM solution with a variety of security features and straight forward pricing plan. The services are offered in bundles which further emphasizes their dedication to simplifying the security needs for organizations.

Resources and Downloadable Content
Request the very latest ControlScan data sheet PDF directly from your local account team. Please check your junk folder if not received.
Book a demo of the ControlScan security capability over Zoom or Teams. Learn about their management portal, deployment, SLA and support. You will receive an email asking for times/dates, please check your junk folder if not received.
Request your local in-country sales contact. You will receive details as soon as possible - please check your junk folder if not received.
SIEM

5. NTT Security Services SIEM

NTT is offering all the features of a managed SIEM, but do not clearly state that themselves (“SOC-as-a-service” is as close as it gets). With this in mind, their portfolio is larger than most on this list as it includes offerings blended with 3rd party products and services like managed cloud solutions, infrastructure solutions, global datacenter solutions, collaboration solutions as well as security solutions that include SOC-as-a-Service, threat detection and response, threat intelligence, and application security. Their breadth of their portfolio make them a formidable player in the managed security game.

NTT’s managed SIEM is deployed using log collection appliances, and managed in their customer portal. While this means that on-premise log collection may make compliance requirements like log retention a bit simpler, the solution’s position within their global customer portal likely means it isn’t going to be as flexible as other more tailored SIEM solutions.

NTT Security Services is known for being customer-focused. Customers report their needs being met effectively and with the minimal headache. As an example, they insist on providing no-downtime release processes. The breadth of their managed service portfolio combined with their personalized and consultative approach makes them great for organizations that need a lot of help to fully understand where they currently stand and how to get to where they’d like to be.

Resources and Downloadable Content
Request the very latest NTT Security Services data sheet PDF directly from your local account team. Please check your junk folder if not received.
Book a demo of the NTT Security Services security capability over Zoom or Teams. Learn about their management portal, deployment, SLA and support. You will receive an email asking for times/dates, please check your junk folder if not received.
Request your local in-country sales contact. You will receive details as soon as possible - please check your junk folder if not received.
SIEM

6. Cipher Security SIEM

Cipher Security offers a comprehensive cybersecurity portfolio including managed SIEM. While their global SOCs have experience integrating with a customer’s existing SIEM solutions or deploying their managed services using industry-leading SIEM platforms like Splunk, the security services offered by Cipher go far beyond managed SIEM and go into a full suite of cybersecurity services offered by Cipher as well as physical security services offered by their parent organization, Prosegur. Cipher’s cybersecurity solutions include their “Red Team Services (RTS)” which allow for deep investigation, threat research, penetration testing, forensic analysis, incident response, and secure code review. Cipher’s position as both a security consultant and security systems integrator allows them to offer a comprehensive managed SIEM solution with unlimited scalability to support growth of an organization’s security posture and meeting all their security needs including governance, risk, and compliance (GRC) management, incident response, threat intelligence, and more.

As an overall provider, Cipher (and Prosegur) offers one of broadest ranges of security services (both cyber and physical) in one provider. This makes them a great place for security departments to turn for a one-stop-shop.

 

Resources and Downloadable Content
Request the very latest Cipher Security data sheet PDF directly from your local account team. Please check your junk folder if not received.
Book a demo of the Cipher Security security capability over Zoom or Teams. Learn about their management portal, deployment, SLA and support. You will receive an email asking for times/dates, please check your junk folder if not received.
Request your local in-country sales contact. You will receive details as soon as possible - please check your junk folder if not received.
SIEM

7. ArmorPoint SIEM

ArmorPoint is a managed SIEM provider that touts its simplification of the organization's procedures and processes as well as unifying the NOC and SOC with its next generation solutions. One of the highlights of ArmorPoint is their ability to stay up-to-date with the latest technology and security stacks while they focus on new intelligence, detection, and remediation methods for customer organizations. This allows ArmorPoint to future-proof their customer’s monitoring and detection capabilities in a way which would be difficult with a smaller in-house team managing their own SIEM. While ArmorPoint are well-known for their SIEM solution, they are an MSSP who are capable of providing a range of managed security services.

ArmorPoint’s SIEM platform is cloud-native and can facilitate log collection with cloud-native integrations or on-premise agents and collection appliances.

ArmorPoint provides some of the most advanced technologies in managed SIEM, so they may be a good choice for organizations who want to retain managed security services while staying ahead of the curve when it comes to security monitoring and threat detection.

ArmorPoint_managed_siem

Resources and Downloadable Content
Request the very latest ArmorPoint data sheet PDF directly from your local account team. Please check your junk folder if not received.
Book a demo of the ArmorPoint security capability over Zoom or Teams. Learn about their management portal, deployment, SLA and support. You will receive an email asking for times/dates, please check your junk folder if not received.
Request your local in-country sales contact. You will receive details as soon as possible - please check your junk folder if not received.
SIEM

8. BlueVoyant SIEM

BlueVoyant is another MSSP who are most well-known for their managed SIEM solution. Their platform includes a combination of some of the world’s leading security technologies which use artificial intelligence and machine learning to enhance threat detection and response. BlueVoyant’s team includes industry experts with many years of experience in dealing with real world threats, and they can apply this knowledge to managing their customers’ cybersecurity and compliance. BlueVoyant’s SIEM and automated threat detection combined with their team of security experts deliver a level of security automation and intelligence which would be difficult to match – even for organizations with a mature in-house SOC.

BlueVoyant uses a 3rd party SIEM platform (Azure Sentinel or Splunk) integrated with their managed detection and response capabilities. Both Azure Sentinel and Splunk can facilitate log collection with cloud-native integrations or on-premise agents and collection appliances.

BlueVoyant is known to have some of the best analytics in the industry, and aims to use them to combine external security monitoring and internal security management into a single unified solution. Additionally, BlueVoyant’s global team of cybersecurity experts and worldwide partner network allow them to provide a high level of service for customers with a global footprint.

Resources and Downloadable Content
Request the very latest BlueVoyant data sheet PDF directly from your local account team. Please check your junk folder if not received.
Book a demo of the BlueVoyant security capability over Zoom or Teams. Learn about their management portal, deployment, SLA and support. You will receive an email asking for times/dates, please check your junk folder if not received.
Request your local in-country sales contact. You will receive details as soon as possible - please check your junk folder if not received.
SASE Vendor

9. Bulletproof SIEM

Bulletproof’s S.W.A.T. Defence product is their managed SIEM solution which provides world-class threat detection and response while supporting compliance programs. The product is backed up by S.W.A.T. SpecialOps, which is Bulletproof’s threat intelligence research team and security lab. SpecialOps also drives Bulletproof’s innovation in their offerings, including their S.W.A.T. Defence managed SIEM product. This solution is one of many in a portfolio of managed services provided by Bulletproof, making them another great choice for any organization with growing security needs who are willing to transfer responsibility to a group of experts as the world of cybersecurity continues to evolve into a more complex situation.

Bulletproof’s SIEM platform is cloud-native and can facilitate log collection with cloud-native integrations or on-premise agents and collection appliances.

Bulletproof’s solution aims to detect threats and anomalies while also assessing vulnerabilities and security posture by targeting the known flow of a current cyber threat (which they call “kill chain protection”). This means that they have tools and procedures for all the stages of an incident, allowing them to ensure there aren’t any holes in the defenses.

Bulletproof_Managed_SIEM

Resources and Downloadable Content
Request the very latest Bulletproof data sheet PDF directly from your local account team. Please check your junk folder if not received.
Book a demo of the Bulletproof security capability over Zoom or Teams. Learn about their management portal, deployment, SLA and support. You will receive an email asking for times/dates, please check your junk folder if not received.
Request your local in-country sales contact. You will receive details as soon as possible - please check your junk folder if not received.
SIEM

10. Corserva SIEM

Corserva’s goal is to provide the most comprehensive cybersecurity solutions possible. The Corserva suite of services is there for organizations that need any number of cybersecurity services, including SIEM. Specifically, their Managed SIEM service aims to be the most complete solution available. The solution is built to leave no stone unturned, with its implementation taking a ‘zero trust’ approach to ensure the most complete coverage. This means their monitoring and threat detection coverage will include endpoint security or systems with integrated third party products, and their automation capabilities for workflow customization are robust.

Corserva utilizes AT&T Cybersecurity’s AlienVault SIEM platform, which collects logs using sensors that can be cloud-native integrations, on-premise, or agents deployed on physical or virtual machines.

While their managed SIEM service offering is attractive, they also offer a huge range of solutions from physical access control to desktop support services to disaster recovery planning. This type of coverage is great for organizations who may have plans which could further utilize some of their other managed security and IT services, and would prefer to deal with one vendor.

Corserva_managed_SIEM

Resources and Downloadable Content
Request the very latest Corserva data sheet PDF directly from your local account team. Please check your junk folder if not received.
Book a demo of the Corserva security capability over Zoom or Teams. Learn about their management portal, deployment, SLA and support. You will receive an email asking for times/dates, please check your junk folder if not received.
Request your local in-country sales contact. You will receive details as soon as possible - please check your junk folder if not received.
SIEM

11. Dimension Data SIEM

Dimension Data offers everything from private 5G networks for global private cloud connectivity to application development. They are both a managed IT services provider (MSP) and MSSP.  Their managed security services include threat detection and response, device security management and compliance reporting and monitoring.  While they don’t have a SIEM offering themselves, they offer integration with leading SIEM solutions.  And with NTT being its parent company, this may be a good choice for companies with a global footprint who like the idea of getting voice, data, and security services from one global vendor. Dimension Data has a global network that provides a range of services and is filling a large gap in services in some under-serviced areas around the world as they bring connectivity and security to the globe. 

While Dimension Data don’t actually have their own SIEM platform, their managed services can manage and monitor a customer’s existing SIEM platform, or they can include deployment of their own.

Dimension Data intends to bring intelligence and reach to every organization with fair and flexible pricing. Their range of services outside of managed security is too large to mention here but include business intelligence solutions, infrastructure solutions, connectivity solutions, and more.

Resources and Downloadable Content
Request the very latest Dimension Data data sheet PDF directly from your local account team. Please check your junk folder if not received.
Book a demo of the Dimension Data security capability over Zoom or Teams. Learn about their management portal, deployment, SLA and support. You will receive an email asking for times/dates, please check your junk folder if not received.
Request your local in-country sales contact. You will receive details as soon as possible - please check your junk folder if not received.
SIEM

12. DXC Technology SIEM

DXC Technology is a world class provider of engineering services, outsourced IT services, and managed security services. Their approach is meant to cover the organization with innovative technology solutions that see, report and integrate to each other providing cutting edge analytics, data management, and compliance monitoring and reporting. Included in their managed security services portfolio is, indeed, a managed SIEM service that provides an innovative approach to incident and event management. The DXC Technology team of engineers and analysts has built an ecosystem of services provided by their platform to make any organization's security posture some of the best in class.

DXC Technology use Splunk to deliver managed SIEM services.

DXC Technology also boasts a wide range of services and offerings including some that are industry specific (for example, they have services which are specific to financial services organizations or insurance provides). These offerings range from analytics and automation to business intelligence and cloud offerings. DXC is great for an organization looking for a partner who can meet security needs but also help them improve their returns on technology investments and keep current with standards, regulations and best-practices.

Splunk_SIEM

Resources and Downloadable Content
Request the very latest DXC data sheet PDF directly from your local account team. Please check your junk folder if not received.
Book a demo of the DXC security capability over Zoom or Teams. Learn about their management portal, deployment, SLA and support. You will receive an email asking for times/dates, please check your junk folder if not received.
Request your local in-country sales contact. You will receive details as soon as possible - please check your junk folder if not received.
Summary

Further Information

Which SIEM Vendors have a presence only in the US:

  • Cybriant based in Atlanta, Georgia
  • ArmorPoint based in Phoenix, Arizona
  • Corserva based in Orlando, Florida and Trumbull, Connecticut

Which SIEM Vendors have a presence only in the UK:

  • Bulletproof

Which SIEM Vendors have a Global presence with a US HQ:

  • Trustwave has a global footprint with its headquarters in the U.S. (and its parent company is based in Singapore).
  • Viking Cloud has a worldwide footprint as well with its global headquarters in Dublin and its U.S. headquarters in Chicago.
  • Netsurion has a North American headquarters in the U.S. and a global headquarters in India.
  • BlueVoyant has a global footprint with its headquarters in New York City.
  • DXC Technology has a global footprint with its headquarters in the U.S.
  • Cipher Security is headquartered in the U.S. and its parent company (Prosegur) is headquartered in Spain.

Which SIEM Vendors have a Global presence:

  • NTT Security is based in Germany, and its parent company (Nippon Telegraph) is based in Japan.
  • Dimension Data is based in South Africa, and its parent company (Nippon Telegraph) is based in Japan.
IT Decision Makers Report

Download the the complete guide to the top 10 SD WAN solutions.

In this 98 page guide, you'll learn about the leading SD WAN providers and solutions which fit the needs of most businesses. Find out how each solutions meets specific business needs.

Checklist

SD WAN Buyers Checklist

Download our most popular IT decision makers SD WAN checklist. At-a-glance data covering all of the key points you need to understand when buying SD WAN.

Global SD WAN Providers Mindmap Checklist-1

Please provide the following information to request the IT decision makers SD WAN checklist.

Get the checklist

Briefings

Get real advice. Learn about the top 10 vendors and managed providers vs your needs in our free 30 minute Zoom session.

Join us via Zoom to where one of our research team will walk you through 10 top/best vendors and managed providers. We'll talk about your needs and map which Gartner leading solutions, niche players and startups match your requirements.

Netify free vendor Zoom advice briefing-1

Complete your details to learn more about the Netify vendor and managed service provider briefing.

Learn More

Guides

SD WAN pricing calculator

Try the beta version of our SD WAN and connectivity pricing calculator. Currently supporting Versa in our initial release.

Marketplace

There are no results matching your selection.

Company Performance

Cybersecurity Rating

Cato Networks4.5
Cisco Meraki3.8
Cloudflare4
Forcepoint4.9
Fortinet3
Open Systems4.5
Palo Alto Networks4.75
Versa Networks4.8
VeloCloud4.7
Zscaler4.9
Resources and Downloadable Content

IT decision makers are challenged to research the SD WAN and SASE security market. Netify vendor and service provider briefings offer clarity with actionable, objective insight into the top 10 Gartner rated solutions. Our research data is backed by proprietary data to help you make better decisions.

Chart

SASE Market Worth

(Projected)

Billion $ USD
2021$1.2
2026$4.1
Netify is the first dedicated global SD WAN & SASE comparison marketplace.

List Your Business

Netify Forbes member logo

For Global IT Decision Makers

The Global SD WAN & Cybersecurity Playbook

Download our vendor and managed service provider guide to the top 10 SD WAN & top 10 SASE cybersecurity solutions for Global companies.