Are you using a SIEM product? If yes, which one, and what has been your experience so far w.r.t. 1. Implementation 2. Effectiveness 3. TCO?

Orange Terminal
Educational Services
Elastic SIEM with DIY customizations. 1. Fairly straightforward OOTB. 2. Very. Does exactly what we ask it to do. 3. TCO is much better than the RSA Security Analytics / NetWitness SIEM it replaced.
0 upvotes
Black Terminal
Software
Elastic and Splunk. Easy, effective, but expensive.
0 upvotes
Red Charger
Software
We keep cycling through different options. The SaaS models for this get expensive fast, or you sacrifice data because of cost. The on-prem or open source options require a lot of dedicated time to configure.
0 upvotes