2017 Security 100: 20 Coolest SIEM And Threat Detection Vendors

SIEM And Security Analytics

Security is getting more complicated, making security management systems all the more important for companies to keep an eye on alerts and manage all of their security systems. However, a growing talent shortage in the security industry and a rising number of threats also mean analytics, automation and orchestration are more important than ever in those systems, as companies need to prioritize alerts and automate simpler security tasks. From hot new startups to some of the biggest security companies in the business, take a look at 20 SIEM and security analytics companies that made this year's annual CRN Security 100 list.

AlienVault

Barmak Meftah, CEO

Headquarters: San Mateo, Calif.

AlienVault's Unified Security Management platform uses the cloud to provide businesses with a single pane of glass for security monitoring, including asset discovery, behavioral monitoring, vulnerability assessment, SIEM and intrusion detection. AlienVault also offers threat intelligence capabilities through its crowd-sourced Open Threat Exchange.

BitSight

Shaun McConnon, CEO

Headquarters: Cambridge, Mass.

BitSight allows businesses to get a security rating score, similar to a credit score, to find out the performance of their own internal systems, as well as those of their third-party vendors and peers. The company landed $40 million in funding last fall as attention to third-party security risk continues to rise.

BlackStratus

Dale Cline, CEO

Headquarters: Piscataway, N.J.

Last year, enterprise SIEM vendor BlackStratus dove into the SMB market with the launch of CyberShark, a SIEM-as-a-Service offering for SMBs. It is available as a white-label offering to MSPs, including 24/7 security monitoring, alerts, remediation, event correlation, compliance and more.

Demisto

Slavik Markovich, CEO

Headquarters: Cupertino, Calif.

Founded in 2015, Demisto has garnered significant venture capital attention – including $20 million in funding in February – for its security automation platform. The offering helps SOC analysts automate alert triage, track and manage incidents, automate threat feed correlation, and facilitate incident investigations.

EiQ Networks

Vijay Basani, President, CEO

Headquarters: Boston

EiQ Networks offers a series of hybrid Software-as-a-Service security solutions aimed at helping midmarket customers raise their security posture. The SaaS service includes critical security controls auditing, co-managed SIEM and log management, continuous vulnerability management, 24/7 security monitoring, incident analysis and remediation guidance, and compliance reporting.

Exabeam

Nir Polak, Co-Founder, CEO

Headquarters: San Mateo, Calif.

Exabeam dove into the SIEM market this year with the launch of its new Security Intelligence Platform, an offering it said will extend its user behavior analytics offering to disrupt the legacy SIEM market. The platform includes capabilities for log management, analytics, incident response, threat hunting and cloud.

Fortscale

Idan Tendler, Co-Founder, CEO

Headquarters: San Mateo, Calif.

Fortscale's user behavior analytics offering is designed to detect prolonged attacks in the enterprise, protect critical assets and shut down insider threats using analytics and machine learning to pinpoint unusual behavior. The company's offering integrates with SIEM, firewall, intrusion detection systems/intrusion prevention systems, unified threat management and more.

Gigamon

Paul Hooper, CEO

Headquarters: Santa Clara, Calif.

Gigamon works with existing security products in a company's environment to provide additional network visibility and traffic monitoring, allowing service providers and enterprises to more clearly monitor and manage network and application traffic and help them make real-time strategic decisions.

Gurucul

Saryu Nayyar, CEO

Headquarters: Los Angeles

Gurucul helps companies pinpoint and prioritize threats by applying machine learning and behavioral analytics to what information a user has access to and what privileges they should be allowed. The company dove into the channel in 2016, launching its first partner program and naming its first channel chief.

Hexadite

Eran Barak, Co-Founder, CEO

Headquarters: Boston

Hexadite looks to change the way incident response teams respond to threats, with a security automation offering that leverages artificial intelligence to automatically launch an investigation, gather context and remediate. In February, the company landed $8 million in venture capital funding, including from Hewlett Packard Ventures.

IBM

Ginni Rometty, Chairwoman, President, CEO

Headquarters: Armonk, N.Y.

IBM has long held a spot in the SIEM market with its QRadar platform. However, the company further ramped up its security analytics offerings in a big way in 2017 with the launch of IBM Watson for Cyber Security, which it said is part of a push to build a cognitive platform for security operations.

LogRhythm

Andy Grolnick, Chairman, President, CEO

Headquarters: Boulder, Colo.

LogRhythm looks to bring SIEM to the next generation, with a security intelligence and analytics platform that includes SIEM, log management, network and endpoint monitoring, user and entity behavior analytics, automation and orchestration, and analytics. As the market need for this grows, the company is reportedly exploring IPO options.

Phantom

Oliver Friedrichs, Founder, CEO

Headquarters: Palo Alto, Calif.

Winner of last year's prestigious RSA Innovation Sandbox contest, Phantom offers a security and orchestration platform that "supercharges your SOC" by automatically detecting and triaging events, correlating incidents with threat intelligence and orchestrating workflows for automated response. The company announced $13.5 million in additional funding this year.

Rapid7

Corey E. Thomas, CEO

Headquarters: Boston

Companies are looking to unify their security approach and achieve compliance. Rapid7 has offerings for vulnerability management, network and application visibility, SIEM, analytics and automation. The company, which went public in 2015, has expanded to the Internet of Things market this year, with new consulting and security assessment services.

RedOwl Analytics

Guy Filippelli, CEO

Headquarters: Baltimore, Md.

With insider threats still comprising a large majority of threats to a business, RedOwl Analytics looks to leverage analytics to identify risk, prioritize high-risk insiders and pinpoint malicious or compromised users. The company won the prestigious RSA Innovation Sandbox startup contest in 2014.

RedSeal

Ray Rothrock, CEO

Headquarters: Sunnyvale, Calif.

RedSeal helps customers move beyond protection and detection technologies with a platform that provides visibility into their infrastructure. From there, customers can improve their security, leverage analytics, validate compliance, write security policies, identify and prioritize vulnerabilities, accelerate incident response, and build in best practices.

RSA

Rohit Ghai, President

Headquarters: Bedford, Mass.

RSA has offerings for advanced threat detection and response, identity and access management, fraud prevention, and governance, risk and compliance. The company gained new ownership in 2016, as parent company EMC was acquired by Dell in a blockbuster deal.

SecurityScorecard

Aleksandr Yampolskiy, Co-Founder, CEO

Headquarters: New York

SecurityScorecard offers a SaaS platform that gathers data to determine security risk factors for an organization and assigns a risk rating. It can be used to assess a company's own risk or that of third-party vendors. SecurityScorecard transitioned to a channel-led company in 2017 with the launch of its inaugural partner program.

Splunk

Douglas Merritt, CEO

Headquarters: San Francisco

Splunk has dived into the security market in a big way, bringing its analytics technology to upend and revolutionize the SIEM market. The company's security strategy centers around what it calls "adaptive response," providing a framework for integrating multi-vendor environments into a single interface for an improved security posture.

UpLevel Security

Roselle Safran, Co-Founder, CEO

Headquarters: New York

Launched by a former White House cybersecurity chief, UpLevel Security helps companies manage incident response with a platform that centralizes alerts and threat intelligence and applies analytics. From there, security analysts can collaborate, manage incidents, automate and orchestrate responses, assess security performance, and more.