Infinitely better SIEM

your way.

Introducing SIEMonster V5

Using optimized AWS services, along with the best in open-source offerings, SIEMonster developers have built a point and click, multi-AZ, complete end-to-end SIEMonster deployment. SIEMonster can now ingest, process and action infinitely scalable Events Per Second (EPS) to satisfy a range of clients from small organizations all the way up to enterprise customers.


“SIEMonster makes it possible for any organization to take advantage of SIEM technology at an affordable price. Highly customizable and scalable to meet your business requirements. Create dashboards and alerts with ease so you can focus in on areas that are most critical to your business operations. SIEMonster has extensive integration and automation capabilities which can only be limited by your imagination. “

Jason Evans

Senior Cyber Security Analyst – Ottawa Hospital, Canada.

“I have been using SIEMonster from the beginning when it was Version 1. The fact that I can monitor all my devices, and use the best of Open Source within the SIEM sells it for me. SIEMonster is very powerful and much more affordable than its competitors. I also like that I can modify it to work with other tools like Support Desks.”

Evan Bronson

Private Consultant, Utah, USA

“SIEMonster is a collection of opensource security tools designed for small, medium, large and MSSP clients. SIEMonster includes Opendistro Elasticsearch for SIEM, Elastalert Praeco for alerting, alarm board, Suricata Network Intrusion Detection System (NIDS), Wazuh Host Intrusion Detection System (HIDS), Kafka Message Queuing System, Apache NiFi Event Flow Processing Engine, PatrOwl for Asset Management that can be integrated with Vulnerability Management tools such as OpenVAS, MISP Threat Intelligence Platform, and a custom Reporting Module for scheduling recurring Kibana visualization reports. “

Greg Gray

CIO of Meridian – Atlanta, USA

“SIEMonster has provided us with a scalable SIEM which supports us in the Identify, Respond, and Recover phases. The platform readily handles a high volume of events, analyzing them for both known attack patterns which it then alerts us on, as well as providing us with the ability to identify anomalies in the events. Built off of open source components, SIEMonster gives us the flexibility to not only manage events from traditional sources such as networks and operating systems, but more business critical systems such as Monotype’s proprietary applications ensuring a timely identification of attacks. SIEMonster not only identifies the attacks, but provides us with incident management capabilities which allows us to record the entirety of the investigation, an event’s relationship with similar events, understand its’ TTPs and how it maps to the Mitre attack framework. SIEMonster gives us the capability to automate the analysis of events against threat intelligence, as well as the capability to capture and communicate to threat intelligence services based upon the results of our internal investigations. Critically, SIEMonster provides us with the ability to automate key incident responses so that our response to the vast majority of attacks are executed with uniform precision and speed.”

Walt Williams

Director of Information Security of Monotype, Boston USA

“We have successfully worked with them for over 3 years and have been very happy with their level of service and support. They have delivered a product that meets our needs and has been cost effective. During our time as a customer, they have continually improved the product and have kept updated on their progress. We can always count on them for a quick response and fast action when we need anything. They have truly been a partner for our SIEM needs.”

Dan Christensen

Security Engineer at Keap – USA