We performed a comparison between Securonix Next-Gen SIEM and Varonis Datalert based on real PeerSpot user reviews.
Find out what your peers are saying about Splunk, Microsoft, Wazuh and others in Security Information and Event Management (SIEM)."I've worked on most of the top SIEM solutions, and Sentinel has an edge in most areas. For example, it has built-in SOAR capabilities, allowing you to run playbooks automatically. Other vendors typically offer SOAR as a separate licensed solution or module, but you get it free with Sentinel. In-depth incident integration is available out of the box."
"It is able to connect to an ever-growing number of platforms and systems within the Microsoft ecosystem, such as Azure Active Directory and Microsoft 365 or Office 365, as well as to external services and systems that can be brought in and managed. We can manage on-premises infrastructure. We can manage not just the things that are running in Azure in the public cloud, but through Azure Arc and the hybrid capabilities, we can monitor on-premises servers and endpoints. We can monitor VMware infrastructure, for instance, running as part of a hybrid environment."
"The UI-based analytics are excellent."
"The connectivity and analytics are great."
"It is easy to implement (turn on) - does need a skilled analyst to develop queries and playbooks."
"The best feature is that onboarding to the SIM solution is quite easy. If you are using cloud-based solutions, it's just a few clicks to migrate it."
"Sentinel has an intuitive, user-friendly way to visualize the data properly. It gives me a solid overview of all the logs. We get a more detailed view that I can't get from the other SIEM tools. It has some IP and URL-specific allow listing"
"The UI of Sentinel is very good and easy to use, even for beginners."
"One of the most valuable features it has is the thread chaining. One of the common issues that we always had was the number of anomalies that we used to get and the number of alerts that we used to get. But with this approach of thread chaining, we've found the false-positive rate has decreased very significantly. That was something that we never could have achieved before."
"The UEBA functionality indicates a lot about behaviors that are not found through a traditional SIEM. We have exploited that more than anything since we started using it."
"When we were looking for products for our security monitoring needs, our biggest requirement was that we wanted something based on machine-learning and analytics. If you go with rules, it can raise a lot of noise. Securonix, with its UEBA capability, had the best analytics use-cases."
"What I like most is that the threat models and risk scoring are very accurate and very helpful to the analysts on my team. They help highlight the most important things for them to look at."
"The solution is stable and scalable."
"The second feature is that within the SNYPR product there is a functionality called Spotter. We use that for link analysis diagrams and to run the stats command. That's extremely useful because it replaces a tedious, manual process we used to use, using Microsoft Excel and a couple of other methods, to bring data together."
"The solution has proven to be stable so far...The solution is easy to scale up."
"I rate the technical support a nine out of ten. They're friendly. Whenever we have a P1 issue, we write an email and our issue is resolved in one or two hours."
"The telemetry to capture everything and the reports are very easy to configure without having a developer degree."
"On the Varonis side, technical support is phenomenal. Their ability to explain is very good, and they seem to be very knowledgeable. When I get an alert that doesn't quite make sense, they dive in there and kind of take me through it. That's very useful and very good. There are some false alerts, but it is better to have a false alert than no alert at all."
"It can easily identify unusual behavior or access patterns that may pose a potential threat, while operating as a unified reporting system."
"That alerting and reporting service is great."
"The 24/7 support is the most valuable feature. They have been able to answer support questions pretty quickly."
"The analytics would have to be our most valuable feature."
"When it comes to ingesting Azure native log sources, some of the log sources are specific to the subscription, and it is not always very clear."
"I think the number one area of improvement for Sentinel would be the cost."
"Its implementation could be simpler. It is not really simple or straightforward. It is in the middle. Sometimes, connectors are a little bit complex."
"They should integrate it with many other software-as-a-service providers and make connectors available so that you don't have to do any sort of log normalization."
"The interface could be more user-friendly. It''s a small improvement that they could make if they wanted to."
"It has been a challenge with Azure Sentinel to onboard the Syslog server from FortiGate. Azure Sentinel can work better on that shift between the Syslog server and a firewall."
"If their UI was a bit more streamlined and easy to find when I need it, then that would be a great improvement."
"The troubleshooting has room for improvement."
"It takes too long to generate Spotter reports. For example, a 90-day report is around 100 megabytes. That takes a while, but a one-day report can be generated in a few seconds. We would be happy if they sped up the process."
"The pricing. I'm not sure how they are proceeding with the identity based pricing compared with DB pricing which most of the vendors are using today."
"Parsing needs to be improved. Every time we integrate a new, specific data source, we face a lot of problems in parsing, even for the old data source."
"There is slight room for improvement in terms of the initial deployment. What I see is that Securonix is more focused on their product. They are expanding, in a big way, the number of customers. So there has to be a number of dedicated teams to jump on and speed up the deployment process."
"We have a lot of users who, because they're engineers and they're bringing down product data - where, at times, a top-level product could be 10,000 or 15,000 objects - it's difficult for us to determine what should be a concern and what shouldn't be a concern. We work with the Securonix folks to try to come up with better ways to identify that."
"When they did upgrades or applied patches, sometimes, there was downtime, which required the backfill of data. There were times when we had to reach out and get a lot of things validated."
"Securonix could open up information regarding the indicators of compromise or cyber-threat intelligence database that they use. The idea is that they share what threats they are detecting."
"The technical support of the solution is an area with shortcomings and needs improvement."
"It is significantly complex."
"I would like it to have cloud integration."
"For unstructured data monitoring, it's one of the top ones, if not the top one, due to its usability."
"I'd like to see automatic updates for this solution. Currently, it's a manual process to update all the keywords"
"The GUI should be more functional. There should be a process for connecting through Chrome, Internet Explorer, etc."
"We have Microsoft Office 365. I just saw an article today which says that they're actually getting integrated with Microsoft Office 365, which would be a useful feature. For user-based reports, log on activity, and stuff like that, it doesn't seem to really be present like Log360. That could just be my inexperience with it. I've been dealing with it for only about two and a half months."
Securonix Next-Gen SIEM is ranked 7th in Security Information and Event Management (SIEM) with 27 reviews while Varonis Datalert is ranked 8th in User Entity Behavior Analytics (UEBA) with 6 reviews. Securonix Next-Gen SIEM is rated 8.6, while Varonis Datalert is rated 8.6. The top reviewer of Securonix Next-Gen SIEM writes "Spotter tool has helped us eliminate many hours required to manually create link analysis diagrams". On the other hand, the top reviewer of Varonis Datalert writes "Offers the ability to identify sensitive areas, allowing you to drill down into the sensitive data". Securonix Next-Gen SIEM is most compared with IBM Security QRadar, Splunk Enterprise Security, LogRhythm SIEM, Exabeam Fusion SIEM and Gurucul UEBA, whereas Varonis Datalert is most compared with Splunk User Behavior Analytics, Microsoft Defender for Identity, Exabeam Fusion SIEM, Rapid7 InsightIDR and Rapid7 InsightVM.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.