Home > Categories > Security Incident and Event Management > Making Sense of SIEM Pricing: The Top Four Options

Software Category

Security Incident and Event Management

Write Review

Making Sense of SIEM Pricing: The Top Four Options

As the SIEM market continues to grow, organizations have more options than ever to decide which SIEM is right for them. While SIEM vendors continue to innovate, sometimes it comes down to price. In the first of this five-part series on SIEM pricing, we investigate the different pricing options on the market and what these mean for organizations looking to invest in a SIEM.

The four options that are currently at play in today’s market are as follows:

  • Data volume
  • User base
  • Asset base
  • Platform modules

Traditionally, SIEM pricing models forced organizations to invest in a large up-front capital expenditure for both hardware and software in order to install the solution on-premises. Add on top of this, sizeable operating expenses that depended on how much data the SIEM could collect and the SIEM quickly becomes a large expenditure for any organization. To support the OpEx calculation, IT teams were required to determine the amount and kinds of data that would be fed into the SIEM; a project unto itself.

This traditional model was adopted by many SIEM vendors such as McAfee, SolarWinds, and Splunk, and as such, organizations had no other options for how they priced the operational expenses of their SIEM. New vendors to the market saw this lack of optional pricing as an opportunity in what seemed to be a consolidated market and came in fast with new pricing models aimed at different-sized organizations. With this, the market changed, and IT teams no longer had to determine the amount of data they would be feeding into the SIEM, instead, they simply needed to know how many users or how many assets would be part of their services.

But the story does not end there. Throughout the remaining pieces in this series on SIEM pricing models, we will explore the advantages and disadvantages of each offering. In the second of these five briefs, we will discuss why data volume’s perceived restrictive model may in fact save organizations money and help mature their overall security. Stay tuned for our next piece.

Source: Security Incident and Event Management at SoftwareReviews, Report Published October 2019

Our Take

With so many SIEM vendors out there, it becomes increasingly challenging to distinguish which one is right for your organization. While the price tag is a key consideration in any IT team’s decision, how the price is calculated plays an equally important role in helping to determine which SIEM is chosen. If your organization is worried about racking up its SIEM bill because its data surpasses its contractually limited data volumes, perhaps this is because your organization didn’t quantify how much data it was producing in the first place. In the SIEM selection game, it is critical to make an informed decision that is tailored to the needs of your organization, versus one based on a pricing model that is easier to calculate.

Want to Know More?

Develop Foundational Security Operations Processes

Other Recent Research in Security Incident and Event Management

Security Incident and Event Management

Chronicle Expands Its North American Presence by Partnering With Herjavec Group

Chronicle, Alphabet’s enterprise security company, expands its North American partner base with Herjavec Group, its first Canadian partner. Herjavec Group is the first service provider in Canada to be certified in, and provide access to, Chronicle’s security intelligence products.

Security Incident and Event Management

IBM Raises Price on Software Support; Shoves Customers Toward the Cloud

IBM is changing the terms of its ubiquitous Passport Advantage agreement to remove entitled discounts on over 5,000 on-premises software products, resulting in an immediate price increase for IBM Software & Support (S&S) across its vast customer landscape.

Security Incident and Event Management

Organizations Report Higher Satisfaction When Switching to Software With an Info-Tech Award

Thinking about choosing a new software vendor but don't know where to start? Narrow down your shortlist by focusing on software that has received an Info-Tech Research Group award. New data from SoftwareReviews shows that organizations reported higher satisfaction when they switched to software that had received an Info-Tech award.

Security Incident and Event Management

Bomgar & BMC Team Up to Speed Trouble-Ticket Resolution

For organizations that experience time-sensitive incidents that must be resolved in the most optimal and efficient manner, Bomgar (Beyond Trust) and BMC Software may have the solution. The two vendors have teamed up to address a reduction in the time it takes to resolve problematic tickets and assist in lessening the impact of cyber threats to which all organizations are subjected.