SIEM Rules Logo

Pricing

Simple pricing. No translations needed.

  • Basic

  • 1 user
  • Unlimited public rules
  • Unlimited private rules
  • All supported conversions
  • No data export
  • No integrations
  • $0
  • /forever
  • GET STARTED →

  • Premium

  • Up to 4 users
  • Unlimited public rules
  • Unlimited private rules
  • All supported conversions
  • No data export
  • No integrations
  • $199
  • /month
  • UPGRADE NOW →

  • Enterprise

  • Up to 12 users
  • Unlimited public rules
  • Unlimited private rules
  • All supported conversions
  • Data export (STIX 2.1)
  • Integrations API
  • $249
  • /month
  • UPGRADE NOW →

FAQ

What is a rule?
A rule is designed to detect malicious security events. Our rules follow the Sigma Rule standard. Sigma is a generic and open signature format that allows you to describe relevant log events in a straightforward manner. Sigma is for log files what Snort is for network traffic and YARA is for files.
What SIEM's do you support Sigma Rule translations for?
Our translations of Sigma Rules to rule formats used by major security tools (e.g. Splunk SPL) continually evolve. Please check the app itself for the latest list of supported translations available.
Do you integrate with product X,Y,Z?
Many security tools now support the STIX 2.1 data format natively (which is how all SIEM Rules data is stored). You can export this data to these tools using the SIEM Rules REST API.
Can we invite users outside of our company?
For our standard plans, all users in a group must share the same email domain. You will need to purchase a community license (not shown above) if you want to create groups containing users from different organisations. Please contact us to discuss.