The original post: /r/cybersecurity by /u/chapterhouse27 on 2024-05-17 13:18:52.
Hey guys, my company is an MSP that offers some limited MSSP services. We recently had the…pleasure…of moving to the Kaseya platform and changed up all the tools we use. Without getting too deep into why I want to jump off the roof most days, one of those changes was from an unmanaged SIEM that was literally just log storage, to Rocket Cyber. Rocket Cyber is a challenge to work with and I would never recommend them to anyone…within 5 months things have come to a head and we are looking at replacing them.
I’m hoping to get some recommendations here for managed SIEM providers and your experiences working with them. Unfortunately, management's initial draw to Rocket Cyber was the very low price point, so I think some of the bigger players out there like Splunk and Log Rhythm are out for us, but we basically just need a managed SIEM that is capable of ingesting firewall/switch logs and Windows event logs, and can integrate with 365.
Any insight would be much appreciated.