Showing results for 
Search instead for 
Did you mean: 
Create Post
Product Manager
Product Manager


As an IT professional, dealing with the sheer variety of cyber attacks—ransomware, malicious insider attacks, and advanced persistent threats, among others—can require a broad, layered approach to infrastructure threat monitoring

But where do you begin? What tools do you need? How does compliance play a role in your threat monitoring strategy?

SolarWinds® Threat Monitor is a cloud-based tool designed to give you a centralized view into your infrastructure, so you can detect security threats, respond intelligently using the most up-to-date threat intelligence from around the world, and demonstrate regulatory compliance by using integrated reporting tools that can be customized to meet the needs of your organization. Some of the specific benefits you can achieve include:

  • Centralized, cloud-based security monitoring
  • Continuously updated threat intelligence data
  • Security Information and Event Management (SIEM)
  • Automated threat response
  • Integrated compliance reporting tools

Please share your feedback, questions, and ideas here. We want to hear from you!

3 Replies
Level 8

In overly simplistic terms, is it accurate to say that TM focuses on external threats and LEM focuses more on internal threats?  Can you elaborate a bit more on the differences of each?


0 Kudos
Product Manager
Product Manager

Hi gscroggin​, Threat Monitor is not based on LEM.  It's a completely different platform on a different technology stack.  Although there is some minor overlap in capability between the two, the two most notable differences are:

  1. SaaS.  Threat Monitor is hosted in our secure cloud infrastructure vs. you having to deploy it yourself.  We manage it.  We maintain it.  You use it to look for threats and respond to threats.  Having it hosted as a SaaS solution allows you to focus on your day job.  We make sure it is functional and available.
  2. Threat Intelligence.  Threat Monitor includes integrated threat intelligence to feed the built-in IDS that is delivered as part of a Collector that you deploy into your environment.  The Collector is a virtual machine (Hyper-V or VMware) that allows you to collect data locally and monitor the network.  The threat intelligence includes IDS ruleset updates and fully integrated reputation data to help identify bad things in your network.
  3. Subscription.  Threat Monitor is a subscription product.  LEM is a perpetual product. 

Happy to discuss in more depth if interested.  Hope this helps.

Level 8

What is the difference between Threat Monitor and LEM (Long and Event Manager)? Is TM just a managed service of LEM or is it a completely separate platform?

0 Kudos