Transform your capabilities with
SIEMonster behind your brand.

Introducing SIEMonster Partnerships

SIEMonster is an architecturally superior, infinitely scalable solution you can trust. Built with Red Team expertise to deliver Blue Team defense for your customer, whatever their size, industry, or environment. Seriously secure, seriously cost effective. It’s the proactive defense your customers have been waiting for.


“SIEMonster makes it possible for any organization to take advantage of SIEM technology at an affordable price. Highly customizable and scalable to meet your business requirements. Create dashboards and alerts with ease so you can focus in on areas that are most critical to your business operations. SIEMonster has extensive integration and automation capabilities which can only be limited by your imagination. “

Jason Evans

Senior Cyber Security Analyst – Ottawa Hospital, Canada.

“I have been using SIEMonster from the beginning when it was Version 1. The fact that I can monitor all my devices, and use the best of Open Source within the SIEM sells it for me. SIEMonster is very powerful and much more affordable than its competitors. I also like that I can modify it to work with other tools like Support Desks.”

Evan Bronson

Private Consultant, Utah, USA

“SIEMonster is a collection of opensource security tools designed for small, medium, large and MSSP clients. SIEMonster includes Opendistro Elasticsearch for SIEM, Elastalert Praeco for alerting, alarm board, Suricata Network Intrusion Detection System (NIDS), Wazuh Host Intrusion Detection System (HIDS), Kafka Message Queuing System, Apache NiFi Event Flow Processing Engine, PatrOwl for Asset Management that can be integrated with Vulnerability Management tools such as OpenVAS, MISP Threat Intelligence Platform, and a custom Reporting Module for scheduling recurring Kibana visualization reports. “

Greg Gray

CIO of Meridian – Atlanta, USA

“SIEMonster has provided us with a scalable SIEM which supports us in the Identify, Respond, and Recover phases. The platform readily handles a high volume of events, analyzing them for both known attack patterns which it then alerts us on, as well as providing us with the ability to identify anomalies in the events. Built off of open source components, SIEMonster gives us the flexibility to not only manage events from traditional sources such as networks and operating systems, but more business critical systems such as Monotype’s proprietary applications ensuring a timely identification of attacks. SIEMonster not only identifies the attacks, but provides us with incident management capabilities which allows us to record the entirety of the investigation, an event’s relationship with similar events, understand its’ TTPs and how it maps to the Mitre attack framework. SIEMonster gives us the capability to automate the analysis of events against threat intelligence, as well as the capability to capture and communicate to threat intelligence services based upon the results of our internal investigations. Critically, SIEMonster provides us with the ability to automate key incident responses so that our response to the vast majority of attacks are executed with uniform precision and speed.”

Walt Williams

Director of Information Security of Monotype, Boston USA

“We have successfully worked with them for over 3 years and have been very happy with their level of service and support. They have delivered a product that meets our needs and has been cost effective. During our time as a customer, they have continually improved the product and have kept updated on their progress. We can always count on them for a quick response and fast action when we need anything. They have truly been a partner for our SIEM needs.”

Dan Christensen

Security Engineer at Keap – USA


How do I get started?

If you have 10 or more customers, with your SIEMonster SIEM integrated, we can support you further with custom integration, professional services, wholesale pricing, a private portal and support from SIEMonster’s sales and tech experts. If you’d like to talk to one of our experts please follow the link below to book a meeting

Can I run SIEMonster in other cloud providers like Microsoft Azure or Oracle OCI?

No. SIEMonster has been developed using the state of the art AWS features including Open Search, Managed Kubernetes and managed Kafka. At this stage other cloud providers can not support SIEMonsters scalability and features.

Can I run SIEMonster as a partner on local hardware?

No, SIEMonster's autoscale up-down features are not suitable for local hardware.

Do you have a list of other partners running SIEMonster with small and large tenants?

SIEMonster has partners all around the world running 1-1000 tenants of all sizes. We even have some tenants running 2,000,000 Events Per Second. However due to obvious privacy reasons with whitelabeling we can not provide a list.

Can I rebrand SIEMonster with my own company's logos?

Yes SIEMonster is a white label solution and can be branded using your own company's logos immediately.

Where has the SIEMonster Professional and Enterprise license tenant model gone?

The SIEMonster team's goal was to create a product that could infinitely scale out and retract as partner tenants grew their business. Having a Professional Edition with 1-200 endpoints and an Enterprise edition with 200+ endpoints meant we had customers hit the license/product limit, who then had to redeploy an Enterprise edition. By having one product, we could remove this model altogether. Now the MSSP tenant is just SIEMonster from 1-1,000,000 endpoints without the need for redeployments on customers.

If the licensing model for Professional and Enterprise is gone, what is the new pricing model?

When you scope out a customer, and ask them how many endpoints they require you can determine how many servers will be required to support their endpoints. For example, 1-200 endpoints would be 1 server, 200-400 endpoints would be 2 servers, and anything greater than 400 endpoints would be 3 servers. SIEMonster’s licensing model now is per server - as your client grows in size, new servers will deploy automatically to take on the new load. Using AWS Cloudformation deployment stacks, customer loads can increase and a server is auto-deployed and scaled back when there is no load

Can I run SIEMonster in our own AWS?

Yes, you can run SIEMonster in your own AWS account.