Why choose Prelude SIEM ?

The completeness of the product

Prelude SIEM is a complete SIEM product. It offers all the features that can be expected from a SIEM today. The Archive module offers you a complete Log Management module and the Alert module ensures the detection of attacks in real time. You can also enhance your product with SOC options for mapping, CTI and advanced client workstation security.

The power of in depth detection

Unlike some market players who oppose the different detection techniques to each other, Prelude SIEM has been able to combine them within its depth intrusion detection engine (DID Engine) in order to always improve the performance of its detection. Prelude SIEM also proposes to work on all the company's data (logs, netflows, vulnerability, etc.) to extend the effectiveness of its processing.

The IDMEF standard

By choosing a standard product you ensure your system:

  • Better detection and contextualization efficiency.
  • A sustainable investment in both implementation and operation.
  • Native compatibility with a wide range of probes and open-source tools.

Prelude services

The Prelude SIEM team can assist you in all phases of your project. Whether you decide to entrust us with the complete implementation of the turnkey project (Plan, Deploy, Run) or whether you wish to be supported to fully appropriate the tools when they are implemented (Training, Serenity and Emergency). Or of course if you want a combination of these two strategies. For more information, you can visit our page services.


Prelude SIEM pricing is based on the number of event sources on your network. This allows you to fully control the cost of your deployment. No surprise in case of an attack if suddenly your EPS rate starts to rise sharply. During a crisis, you actually have something else to do than to contact your editor to negotiate a license extension!

TCO (Total Cost of Operation)

Prelude SIEM is designed as a priority to facilitate the work of operators. Inspired by the ITIL method, many tools are available to level operators for the industrialization of procedures. As a result, your Level 1 operators work faster and more efficiently without requiring a high level of expertise. In addition, Prelude offers many advanced interfaces for forensic and expertise. Many log management alternatives seem simpler and faster to deploy but in the end it is during the operating phase that the costs will be much higher.


Prelude SIEM inherits open-source excellence in terms of security. The provision of the source code for the core product has always required the Prelude team to maintain a very high level of quality and safety. Few if not no commercial tools are subject to such a number of reviewers. In addition, and in a certification process, the V5 version of Prelude completes this code security with an advanced security of the execution environment. Minimization of the number of installed packets, fine configuration of SELinux services, reinforcement of system security, etc. The Prelude team follows the many ANSSI (French National Security Agency) recommendations to achieve a level of security equivalent to classified environments.

The Security - Performance monitoring convergence

Thanks to the combination of Prelude SIEM and Vigilo NMS, we can offer you a complete and homogeneous range to cover all the safety indicators of your company. Despite the many ISO recommendations around the CID (Confidentiality - Integrity - Availability) tryptic, the monitoring of availability/performance is still too largely dissociated from intrusion detection. Through Unity360, we propose a complete and coherent offer to manage "all" of the company's security (Availability included). This offer allows you to improve the efficiency of your management but also to reduce your costs both in CAPEX (Special rates on the Unity package) and in OPEX with common interfaces and tools.

A complete and efficient alternative

Prelude SIEM is the only European SIEM to offer a high-performance and complete alternative to the solutions of major American editors. Prelude SIEM offers the two major functions of a SIEM, a log management module (SIM) and a real-time detection module for intrusion attempts (SEM). In addition, Prelude SIEM includes the features for investigation, reporting and incident management.

Modularity / Adaptability / Customization

Prelude SIEM has been developed to adapt to all environments. Prelude SIEM can be installed on a single system or in distributed mode. Each macro function is available as a module (collection, detection, correlation, manager, etc.) These modules can be parallelized or hierarchically linked. Prelude SIEM includes numerous interfaces to interact with your existing operation environments (tickets, inventory, etc.). Prelude SIEM also offers several interfaces and APIs to connect to existing tools in your SOC.

Proven efficiency

Present on the SIEM market for many years, Prelude SIEM, in its open-source version and then its commercial version, has been deployed on multiple architectures of all sizes throughout the world. Prelude OSS is the SIEM reference in most Linux distributions. First SIEM to comply with the IDMEF standard, it demonstrated the full effectiveness of the latter. Prelude SIEM has also adapted with completely renewed ergonomic interfaces and by completing its detection techniques with new advances based on the use of artificial intelligence.


Your question about Prelude SIEM