Try our new research platform with insights from 80,000+ expert users

NetWitness Platform vs Securonix Next-Gen SIEM comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Sep 18, 2024

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

NetWitness Platform
Ranking in Security Information and Event Management (SIEM)
29th
Average Rating
7.4
Reviews Sentiment
7.4
Number of Reviews
37
Ranking in other categories
Log Management (37th)
Securonix Next-Gen SIEM
Ranking in Security Information and Event Management (SIEM)
16th
Average Rating
8.6
Reviews Sentiment
6.4
Number of Reviews
35
Ranking in other categories
Identity Threat Detection and Response (ITDR) (8th)
 

Mindshare comparison

As of July 2025, in the Security Information and Event Management (SIEM) category, the mindshare of NetWitness Platform is 0.6%, down from 0.7% compared to the previous year. The mindshare of Securonix Next-Gen SIEM is 1.1%, down from 1.4% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Security Information and Event Management (SIEM)
 

Featured Reviews

MOTASHIM Al Razi - PeerSpot reviewer
It is a stable solution, but they should make the user interface easier to understand
The solution's initial setup takes work. We have to organize multiple paths and many features. The deployment process takes less than a week. But it takes a month to complete if we want to make the solution smarter by integrating it with various devices. I rate the process as a six out of ten.
Mohammed Nadeem Rais - PeerSpot reviewer
The visibility and analytics from Securonix SIEM have become indispensable in identifying and stopping potential threats before they escalate.
The most valuable feature of Securonix Next-Gen SIEM is its advance analytics, flexibility and scalability. We ingest billions of logs without worrying about resource allocation. This makes it a robust and cost-effective solution for our needs. Its user entity and behavior analytics (UEBA) are also integral for detecting insider threats and lateral movements within the organization. These features help organizations strengthen their security posture, protect sensitive data, and maintain compliance with strict regulatory requirements.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The most valuable features are the threat prediction and network forensics."
"The most valuable features are the packet decoder, log decoder, and concentrator."
"The most valuable feature of RSA NetWitness Logs and Packets are the alerts and correlations tools."
"Setting up NetWitness is straightforward. There are multiple connectors, including standard and specialized connectors. One purpose of the connectors is the enhanced capability integrate the custom applications. NetWitness comes with E6 appliances and application images that we use for the initial configurations and for the OS stack information. From there, you can consider the correlation rules, integrate the different log sources, and easily create correlation rules and backlog reports."
"What we are mainly using are the RSA concentrator, RSA Decoder, Archiver, Broker, and Log Decoder."
"The newer 11.5 version that my team is using has found it to have good mapping."
"Their technical support responds quickly and are knowledgable."
"Performance and reporting are very good."
"SNYPR has a bundle of features. It has the UEBA feature that tells you about the behavior of a person or entity. In the tool itself, there is an incident management feature, which is definitely valuable."
"Risk scoring was nice. We could exactly see which user had the highest risk score, and then we could pick it up and work on it."
"The solution's AI features reduce the need for manual analysis and help in decision-making. It displays the report in seconds. It saves my resources three to four hours of work."
"There aren't any positive aspects of the solution. It was a complete failure. There are no redeeming features."
"The scalability is one of the remarkable qualities of this product, which makes it very effective, especially when we are dealing with substantial data volumes in the cloud."
"The solution has proven to be stable so far...The solution is easy to scale up."
"I find customer service to be very good."
"One of the valuable features of Securonix is the auto-incident creation, which was not available two or three years ago."
 

Cons

"The initial setup was complex because it takes a lot of time to complete the implementation."
"Nowadays, their support is a little subpar compared to other solutions. I rate RSA support six out of 10."
"The threat detection capability and centralizing and upgrading capability need to be improved. The threat alert capability needs to be improved as well because there is some lag time at present. They need to work on their database search too."
"The initial setup is very complex and should be simplified."
"Technical support could be improved."
"The implementation needs assistance."
"The system architecture is complex and sometimes it’s hard to troubleshoot potential problems."
"The log system is a bit complex and has room for improvement."
"A helpful feature would be an event export. A way to create more substantial summary reports would be nice."
"Parsing needs to be improved. Every time we integrate a new, specific data source, we face a lot of problems in parsing, even for the old data source."
"Sometimes, the injectors lag and are not loading. It would be nice if that could be improved."
"We thought they were going to be a great product, however, they're actually not great at all as an MSP."
"We would like to see better integration with other products."
"Securonix Next-Gen SIEM's deployment is complex and you need a team to do it."
"Securonix could open up information regarding the indicators of compromise or cyber-threat intelligence database that they use. The idea is that they share what threats they are detecting."
"It could be improved a little bit more for admin users. There should be more administrative options related to security for admin users. For example, for forensic purposes, the admin should be able to stop a specific user from erasing some information. I would be helpful in certain situations, such as during an internal fraud."
 

Pricing and Cost Advice

"In comparison to other SIEM solutions such as Splunk, NetWitness is less costly."
"The NetWitness Platform may be affordable only for enterprise-level customers, as it may not be within the budget of small and medium-sized businesses."
"There is a licensing fee and the customer can choose whether he wishes this to be subscription-based or perpetual."
"We are on an annual license for the use of the solution."
"We have a perpetual license, so the total cost of ownership is not very expensive. It's a good investment."
"RSA NetWitness Logs and Packets do not have a subscription model, it's a one-time purchase. There is only a perpetual license."
"The product is expensive."
"The new pricing and licensing mechanisms are fair. I would advise always to get the full solution (i.e., not only Logs)."
"Its price is fine. We found it to be cheaper than LogRhythm, Exabeam, Splunk, as well as Elastic Security. A few months ago, when we were comparing Securonix with Elastic Security, we found Securonix to be cheaper than Elasticsearch. We were pretty surprised that Elastic Security is more expensive than Securonix because Elasticsearch is just starting, and it cannot compete with Securonix at this time. So, the pricing of Securonix is pretty good for now."
"A good thing about Securonix is that they don't charge by volume of data or number of devices... They charge by the number of employees, which is a much more predictable number for me, versus data. Our costs are in the $100,000 range over a three-year subscription."
"I rate the pricing an eight on a scale of one to ten, where one is cheap, and ten is very expensive. It is a pretty expensive tool."
"Its pricing is quite similar to others and is very competitive. The other solutions have different types of licensing, but when you do the math, it is competitive."
"Compared to other brands it seems more affordable to us."
"We have an annual license. We pay $200,000 for the base licensing and we pay another $50,000 for the software as a service."
"We went in on a three-year agreement which has an annual licensing fee, based upon the number of people that we're monitoring. There have not been any additional costs to the standard licensing fees."
"The pricing is fine compared to the market but I think that at some point the competitors will catch up on price."
report
Use our free recommendation engine to learn which Security Information and Event Management (SIEM) solutions are best for your needs.
861,481 professionals have used our research since 2012.
 

Comparison Review

VS
Feb 26, 2015
HP ArcSight vs. IBM QRadar vs. ​McAfee Nitro vs. Splunk vs. RSA Security vs. LogRhythm
We at Infosecnirvana.com have done several posts on SIEM. After the Dummies Guide on SIEM, we are following it up with a SIEM Product Comparison – 101 deck. So, here it is for your viewing pleasure. Let me know what you think by posting your comments below. The key products compared here are…
 

Top Industries

By visitors reading reviews
Financial Services Firm
17%
Computer Software Company
17%
Manufacturing Company
5%
Real Estate/Law Firm
5%
Computer Software Company
19%
Financial Services Firm
12%
Government
6%
Manufacturing Company
6%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What do you like most about NetWitness Platform?
The product's initial setup phase was not at all difficult.
What is your experience regarding pricing and costs for NetWitness Platform?
The pricing is comparable to others, and I consider the cost to be intermediate. Specific cost details are unknown to me.
What needs improvement with NetWitness Platform?
There is currently no need for improvement in the SIEM ( /categories/security-information-and-event-management-siem ), though there could be potential enhancements by integrating with AI.
Which is the best SIEM tool for a mid-sized financial services firm: Arcsight or Securonix?
In my market, a lot of financial companies had or have an ArcSight installation. Just because in former times it was pretty good. Now a lot of them are looking for a more effective solution due to ...
What is your primary use case for Securonix Security Analytics?
We have actually used our company, which is a large one, and we are using multiple Securonix Next-Gen SIEM technologies. For the on-premises environment, we are using Securonix Next-Gen SIEM, and f...
What do you like most about Securonix Next-Gen SIEM?
The two major features of this product we extensively use are the UEBA capability and the multi-tenant approach with the centralized data logs system. Customers are very happy with these features.
 

Also Known As

RSA Security Analytics
Securonix Security Analytics
 

Overview

 

Sample Customers

Los Angeles World Airports, Reply
Dtex Systems, Pfizer, Western Union, Harris, ITG
Find out what your peers are saying about NetWitness Platform vs. Securonix Next-Gen SIEM and other solutions. Updated: June 2025.
861,481 professionals have used our research since 2012.