We performed a comparison between Securonix Next-Gen SIEM and SolarWinds Security Event Manager based on real PeerSpot user reviews.
Find out in this report how the two Security Information and Event Management (SIEM) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI.
"The pricing of the product is excellent."
"It is easy to implement (turn on) - does need a skilled analyst to develop queries and playbooks."
"Free ingestion for Azure logs (with E5 licence)"
"The Log analytics are useful."
"It's easy to use. It's a very good product. It can easily ingest data from anywhere. It has an easily understandable language to perform actions."
"It is always correlating to IOCs for normal attacks, using Azure-related resources. For example, if any illegitimate IP starts unusual activity on our Azure firewall, then it automatically generates an alarm for us."
"Azure Application Gateway makes things a lot easier. You can create dashboards, alert rules, hunting and custom queries, and functions with it."
"Sentinel has an intuitive, user-friendly way to visualize the data properly. It gives me a solid overview of all the logs. We get a more detailed view that I can't get from the other SIEM tools. It has some IP and URL-specific allow listing"
"The feature that I have found most valuable is their analytics platform where they have the open security data-link, which they introduced. This is typically different from the other vendors."
"The scalability is one of the remarkable qualities of this product, which makes it very effective, especially when we are dealing with substantial data volumes in the cloud."
"There aren't any positive aspects of the solution. It was a complete failure. There are no redeeming features."
"Its console is very easy to use and configure. It is very intuitive for our use cases. App integrations are also pretty nice."
"One of the most valuable features is the integration of all types of data sources to extract relevant information regarding events. It is a good solution when it comes to the correlations that it makes within all the data handled in our company."
"When we were looking for products for our security monitoring needs, our biggest requirement was that we wanted something based on machine-learning and analytics. If you go with rules, it can raise a lot of noise. Securonix, with its UEBA capability, had the best analytics use-cases."
"We can customize our use cases with the tools provided by Securonix. It is an excellent tool that can ingest data in different ways and is very flexible."
"The most valuable feature is being able to look at users' behavioral profiles to see what they typically access. One of the key events that we monitor is people's downloading of objects... It's very easy to see people's patterns, what they typically do."
"The solution helps you monitor database instances, application instances, other customer application things, Linux servers, IBM servers, and Oracle servers."
"SolarWinds' stability is fine. I don't think we've had any software issues."
"The most valuable feature is the reporting."
"The graphical user interface is very user-friendly. SolarWinds is a hybrid solution so you can use it across many platforms."
"We did previously use a different solution, but SolarWinds is much better. It's easy to interact with SolarWinds. It's easy to operate, easy to configure and is generally easier compared to what we were working with before."
"It has in-depth monitoring capabilities and an easy way for setting up dashboards. I can expand in various areas, or I can reduce areas. It supports different types of breakdowns, filters, and rules. It is very simple for an out-of-the-box type of product. It doesn't take a lot of time to figure it out, which is unlike some of the solutions that I have looked at. It meets all the aspects."
"SolarWinds is effective for server, network, and log monitoring. It's also good for IP address management. We also have a patch manager, but we're still working on getting that operational."
"It performs network behavior monitoring, log monitoring, and disaster recovery monitoring."
"I can't think of anything other than just getting the name out there. I think a lot of customers don't fully understand the full capabilities of Azure Sentinel yet. It is kind of like when they're first starting to use Azure, it might not be something they first think about. So, they should just kind of get to the point where it is more widely used."
"Microsoft Defender has a built-in threat expert option that enables you to contact an expert. That feature isn't available in Sentinel because it's a huge product that integrates all the technologies. I would like Microsoft to add the threat expert option so we can contact them. There are a few other features, like threat assessment that the PG team is working on. I expect them to release this feature in the next quarter."
"If Azure Sentinel had the ability to ingest Azure services from different tenants into another tenant that was hosting Azure Sentinel, and not lose any metadata, that would be a huge benefit to a lot of companies."
"If Sentinel had a graphical user interface, it would be easier to use. I would also like it to be more customizable."
"We do have in-built or out-of-the-box metrics that are shown on the dashboard, but it doesn't give the kind of metrics that we need from our environment whereby we need to check the meantime to detect and meantime to resolve an incident. I have to do it manually. I have to pull all the logs or all the alerts that are fed into Sentinel over a certain period. We do this on a monthly basis, so I go into Microsoft Sentinel and pull all the alerts or incidents we closed over a period of thirty days."
"The playbook development environment is not as rich as it should be. There are multiple occasions when we face problems while creating the playbook."
"We do see continuous improvement all the time, however, I haven't got a specific feature that is lacking or not well designed."
"At the network level, there is a limitation in integrating some of the switches or routers with Microsoft Sentinel. Currently, SPAN traffic monitoring is not available in Microsoft Sentinel. I have heard that it is available in Defender for Identity, which is a different product. It would be good if LAN traffic monitoring or SPAN traffic monitoring is available in Microsoft Sentinel. It would add a lot of value. It is available in some of the competitor products in the market."
"Sometimes, the injectors lag and are not loading. It would be nice if that could be improved."
"The technical support of the solution is an area with shortcomings and needs improvement."
"It could be improved a little bit more for admin users. There should be more administrative options related to security for admin users. For example, for forensic purposes, the admin should be able to stop a specific user from erasing some information. I would be helpful in certain situations, such as during an internal fraud."
"We would like to see better integration with other products."
"We would like a little more face-to-face training. Securonix has several tutorials on its website, but we want there to be a person in Colombia who does training or workshops to give us a better understanding of the platform."
"The analytics-driven approach for finding sophisticated threats and reducing false positives is positive and good, but the platform requires a more dynamic concept. Everything is a bit static."
"Securonix could open up information regarding the indicators of compromise or cyber-threat intelligence database that they use. The idea is that they share what threats they are detecting."
"When they did upgrades or applied patches, sometimes, there was downtime, which required the backfill of data. There were times when we had to reach out and get a lot of things validated."
"The solution's technical support is okay, but we don't have an SLA, and sometimes the response times are very slow."
"Under the new system, it is not upgradable the way they say. When you try to do an upgrade, it doesn't really work unless you dump everything and start from scratch. You lose a lot of your nodes. Whenever you set your nodes up and everything else, they don't want to bring those nodes back in, so you have to really go back and restructure all your nodes. I went from version 6.5 to version 6.6 and then to version 6.7. I then went to version 2019, and now it is version 2020. It would be good if we can upgrade without having to delete everything and start from scratch. They can maybe build more KPIs and other things for the dashboard. Some of the other systems already have built-in KPIs. SolarWinds is starting to catch up, but it is not there yet. They can include some of the business or industry standards for tracking the time, that is, the meantime to detect (MTTD) and the meantime to resolve (MTTR). They can also find a way to build a KPI that measures the number of instances of port scans experienced in a week or a month."
"There is no correlation made between log entries, so no threat information is presented."
"We used the support from SolarWinds Security Event Manager and they are knowledgeable but challenging to get in contact with them."
"The company had to use a third party for the implementation of the solution."
"We'd like more customization capabilities."
"The reporting could be more robust. It can be a lot more granular and that will make it a lot more useful in comparison to how it is incorporated at the moment."
"One of the drawbacks of being so flexible is that it is also a fairly complicated software application to install, configure, and maintain."
More SolarWinds Security Event Manager Pricing and Cost Advice →
Securonix Next-Gen SIEM is ranked 7th in Security Information and Event Management (SIEM) with 27 reviews while SolarWinds Security Event Manager is ranked 20th in Security Information and Event Management (SIEM) with 24 reviews. Securonix Next-Gen SIEM is rated 8.6, while SolarWinds Security Event Manager is rated 7.8. The top reviewer of Securonix Next-Gen SIEM writes "Spotter tool has helped us eliminate many hours required to manually create link analysis diagrams". On the other hand, the top reviewer of SolarWinds Security Event Manager writes "A comprehensive network security with robust technical capabilities, effective threat response, and centralized management". Securonix Next-Gen SIEM is most compared with IBM Security QRadar, Splunk Enterprise Security, LogRhythm SIEM, Exabeam Fusion SIEM and Seceon Open Threat Management Platform, whereas SolarWinds Security Event Manager is most compared with ManageEngine Log360, Splunk Enterprise Security, IBM Security QRadar, Wazuh and Microsoft Defender XDR. See our Securonix Next-Gen SIEM vs. SolarWinds Security Event Manager report.
See our list of best Security Information and Event Management (SIEM) vendors.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
