If you’ve implemented SIEM, what solution are you using?

Security & GRCThreat Intelligence & Incident Response
4.4k viewscircle icon6 Comments
Sort by:
CIO in Education2 years ago

I/we implemented and are currently using Google Chronicle, but in the past I have also implemented QRadar and Splunk (at a former employer) 

CIO in Manufacturing2 years ago

We are looking at implementing a SIEM/SOC. Does anyone have experience with SilverSky as a managed service?

1 Reply
no title2 years ago

Have not worked with SilverSky but have had great success with ReliaQuest. 

Lightbulb on1
CISO in Insurance (except health)2 years ago

Currently we are using Splunk for our SIEM but with the purchase of Splunk last year by CISCO we are considering other options but would not implement a SIEM without a co-managed SIEM provider. 

Fractional CISO in Telecommunication2 years ago

The last deployment I made was using Microsoft Sentinel and we were generally very happy with its capabilities and integration options.

Looking forward to seeing how the new Co-Pilot tools will enhance it further.

Chief Information Security Officer in Software2 years ago

Last year I started implementing Wazuh (based on Elastic stack). I was effective, with both M365 technologies and AWS. Also have the advantage that the agent is running on Windows, MacOS and Linux. If you play a litlle bit with it you can automate mostly everything but Onprem hosted.

After. all I switched to Microsoft Sentinel mostly because I have no patch management to do, I can have all the information need without having patching the system supporting the SIEM. If I have a supporting team form my Secinfra I would go again with Wazuh. But the no brainer choice for me if Sentinel.
Most import is not only to set an SIEM but also have a SOC to deal with all the alerts.

Content you might like

Which cybersecurity metrics do you currently use with your board?

Read More Comments

What do you do to recover quickly from early missteps in a new role? How can you keep initial mistakes from coloring perceptions when you’re still trying to establish your reputation at a new organization?

What's your most indispensable cloud infrastructure tools to use in addition to what you get from GCP, AWS, Azure?

HashiCorp (Terraform, Vault, Packer, etc.)22%

Cloud infra automation (Ansible, Puppet, Chef, etc.)56%

APM (Datadog, AppD, SignalFX, NewRelic, etc.)10%

Others?10%

View Results

Have you used or evaluated any AI-driven SOC platforms? Do you think there are sufficient advantages to using an AI SOC analyst at this stage, or are you in ‘wait-and-see’ mode until solutions like this mature?

On a scale of 1-5, how would you rate your organization’s ability to successfully protect your organization's operational network (OT) and IT network from a cyber attack?

1. We are not at all prepared.3%

2. We are somewhat prepared.35%

3. We are moderately prepared.21%

4. We are generally prepared.33%

5. We are highly prepared.6%

View Results