“SIEMonster can now ingest, process and action infinitely scalable events per second (EPS) to satisfy a range of clients from small organizations all the way up to enterprise customers. Collaboration with SIEMonster gives AWS the opportunity to showcase its services in the cybersecurity SIEM space, one of the fastest-growing sectors in information technology. By collaborating with Amazon, SIEMonster can leverage the AWS global network of sales teams and customers to grow further.”

Chris Rock, SIEMonster Chief Information Security officer


Run SIEMonster now:   AWS Marketplace

How our collaboration evolved

The journey began when Amazon provided SIEMonster AWS credit during the New York Techstars summer program in 2018 to further develop the SIEMonster solution in the AWS cloud. Using optimized AWS services, along with the cream of open-source offerings, SIEMonster developers built a point and click, multi-AZ, complete end-to-end SIEMonster deployment. By embracing cutting edge technologies such as:

Fargate/ECS, serverless functions

UltraWarm caching for Elasticsearch

Managed EKS

Kafka streaming

Next level SOAR automation

Enterprise Case Studies

Learn how SIEMonster provided a global steel manufacturer with the alerting they required to defend themselves against the ever-increasing threats against complex SCADA systems. The cost of security-monitoring tools often puts them out of the reach of small and resource-challenged companies – but cost has been no obstacle for steel giant BlueScope’s CSO, David Johnston who has overseen implementation of SIEMonster the open-source alternative that’s providing global, real-time security monitoring while saving hundreds of thousands of dollars in the process.

Read More 

The University of Massachusetts needed to find a solution that would allow them to properly process and analyze the amount of data generated, but also to find a solution that wasn’t prohibitively expensive. Prior to adopting SIEMonster’s solution, they had tried several other Gartner Quadrant-ranked SIEM solutions, none of which were able to meet their needs, and none for a reasonable price. Learn how SIEMonster solved UMass problem with a SIEM solution to ingest over 250,000 EPS at a fraction of the cost of our competitors.

Read More 

Public References

“SIEMonster makes it possible for any organization to take advantage of SIEM technology at an affordable price. Highly customizable and scalable to meet your business requirements. Create dashboards and alerts with ease so you can focus in on areas that are most critical to your business operations. SIEMonster has extensive integration and automation  capabilities which can only be limited by your imagination. “

Jason Evans –  Senior Cyber Security Analyst – Ottawa Hospital, Canada.

“I have been using SIEMonster from the beginning when it was Version 1. The fact that I can monitor all my devices, and use the best of Open Source within the SIEM sells it for me. SIEMonster is very powerful and much more affordable than its competitors. I also like that I can modify it to work with other tools like Support Desks.”

Evan Bronson – Private Consultant, Utah, USA

“SIEMonster is a collection of opensource security tools designed for small, medium, large and MSSP clients. SIEMonster includes Opendistro Elasticsearch for SIEM, Elastalert Praeco for alerting, alerta.io alarm board, Suricata Network Intrusion Detection System (NIDS), Wazuh Host Intrusion Detection System (HIDS), Kafka Message Queuing System, Apache NiFi Event Flow Processing Engine, PatrOwl for Asset Management that can be integrated with Vulnerability Management tools such as OpenVAS, MISP Threat Intelligence Platform, and a custom Reporting Module for scheduling recurring Kibana visualization reports. “

Greg Gray –  CIO of Meridian – Atlanta, USA

“SIEMonster has provided us with a scalable SIEM which supports us in the Identify, Respond, and Recover phases. The platform readily handles a high volume of events, analyzing them for both known attack patterns which it then alerts us on, as well as providing us with the ability to identify anomalies in the events. Built off of open source components, SIEMonster gives us the flexibility to not only manage events from traditional sources such as networks and operating systems, but more business critical systems such as Monotype’s proprietary applications ensuring a timely identification of attacks. SIEMonster not only identifies the attacks, but provides us with incident management capabilities which allows us to record the entirety of the investigation, an event’s relationship with similar events, understand its’ TTPs and how it maps to the Mitre attack framework. SIEMonster gives us the capability to automate the analysis of events against threat intelligence, as well as the capability to capture and communicate to threat intelligence services based upon the results of our internal investigations. Critically, SIEMonster provides us with the ability to automate key incident responses so that our response to the vast majority of attacks are executed with uniform precision and speed.”


Walt Williams – Director of Information Security of Monotype, Boston USA

“We have successfully worked with them for over 3 years and have been very happy with their level of service and support. They have delivered a product that meets our needs and has been cost effective.  During our time as a customer, they have continually improved the product and have kept updated on their progress. We can always count on them for a quick response and fast action when we need anything. They have truly been a partner for our SIEM needs.”


Dan Christensen Security Engineer at Keap – USA