We performed a comparison between Securonix Next-Gen SIEM and WSO2 Identity Server based on real PeerSpot user reviews.
Find out what your peers are saying about Splunk, Microsoft, Wazuh and others in Security Information and Event Management (SIEM)."The analytics has a lot of advantages because there are 300 default use cases for rules and we can modify them per our environment. We can create other rules as well. Analytics is a useful feature."
"Sentinel pricing is good"
"The best feature is that onboarding to the SIM solution is quite easy. If you are using cloud-based solutions, it's just a few clicks to migrate it."
"Sentinel improved how we investigate incidents. We can create watchlists and update them to align with the latest threat intelligence. The information Microsoft provides enables us to understand thoroughly and improve as we go along. It allows us to provide monthly reports to our clients on their security posture."
"The most valuable feature is the alert notifications, which are categorized by severity levels: informational, low, medium, and high."
"The most valuable feature is the performance because unlike legacy SIEMs that were on-premises, it does not require as much maintenance."
"The solution has features that helped improve the security posture of our clients. It provides the ability to correlate a large variety of log sources very cost-effectively, especially for Microsoft sources."
"What is most useful, is that it has a good connection to the Microsoft ecosystem, and I think that's the key part."
"The two major features of this product we extensively use are the UEBA capability and the multi-tenant approach with the centralized data logs system. Customers are very happy with these features."
"The most valuable feature is that it works on user behavior and event rarities."
"One of the most valuable features is the integration of all types of data sources to extract relevant information regarding events. It is a good solution when it comes to the correlations that it makes within all the data handled in our company."
"We can customize our use cases with the tools provided by Securonix. It is an excellent tool that can ingest data in different ways and is very flexible."
"The user interface is easy to learn and navigate."
"SNYPR has a bundle of features. It has the UEBA feature that tells you about the behavior of a person or entity. In the tool itself, there is an incident management feature, which is definitely valuable."
"I was looking for software as a service rather than having issues with managing hardware, upgrades, updates. I was trying to step away from that. Those were the key factors when looking at Securonix as a full-feature SIEM with next-generation capabilities available."
"The UEBA functionality indicates a lot about behaviors that are not found through a traditional SIEM. We have exploited that more than anything since we started using it."
"The product provides easy integration between API manager and IT server components."
"Comprehensive ecosystem."
"The single sign-on procedure itself, as well as the ability to connect to external user sources such as Microsoft Active Directory and LDAP servers, are the solution's most valuable features."
"I would rate the solution's stability eight or nine out of ten."
"Some of the valuable features of the solution are the easy integration with processes, such as Single Sign-On. Overall WSO2 is straightforward and does not need customization."
"It's very easy to implement everything."
"The keystore feature has been most valuable for us."
"Add more out-of-the-box connectors with other SaaS platforms/applications."
"We'd like to see more connectors."
"When it comes to ingesting Azure native log sources, some of the log sources are specific to the subscription, and it is not always very clear."
"We do have in-built or out-of-the-box metrics that are shown on the dashboard, but it doesn't give the kind of metrics that we need from our environment whereby we need to check the meantime to detect and meantime to resolve an incident. I have to do it manually. I have to pull all the logs or all the alerts that are fed into Sentinel over a certain period. We do this on a monthly basis, so I go into Microsoft Sentinel and pull all the alerts or incidents we closed over a period of thirty days."
"The interface could be more user-friendly. It''s a small improvement that they could make if they wanted to."
"If I see an alert and I want to drill down and get more details about the alert, it's not just one click. In other SIEM tools, you just have to click the IP address of the entity and they give you the complete picture. In Sentinel, you have to write queries or use saved queries to get details."
"There is room for improvement in entity behavior and the integration site."
"In terms of features I would like to see in future releases, I'm interested in a few more use cases around automation. I do believe a lot of automation is available, and more is in progress, but that would be my area of interest."
"We would like a little more face-to-face training. Securonix has several tutorials on its website, but we want there to be a person in Colombia who does training or workshops to give us a better understanding of the platform."
"We would like to see better integration with other products."
"A helpful feature would be an event export. A way to create more substantial summary reports would be nice."
"Parsing needs to be improved. Every time we integrate a new, specific data source, we face a lot of problems in parsing, even for the old data source."
"Securonix could open up information regarding the indicators of compromise or cyber-threat intelligence database that they use. The idea is that they share what threats they are detecting."
"One of the things they can improve on a little bit is the usability side, to make some things simpler... The tool does have a lot of knobs, you can turn a lot of things on and off and you can change things. Sometimes, it can become a little overwhelming. They should remove some confirmation options and make it simpler for the less mature customers and people who are still trying to grasp it."
"Securonix implements risk scores based on different policies that are triggered. We've seen some challenges with the risk scores and how they trigger. These are things that Securonix has recognized and they've been working with us to help improve things."
"The technical support of the solution is an area with shortcomings and needs improvement."
"Sometimes working with the code is difficult because I search for documentation about the code and how to work with the code, which is where I believe they should improve, by providing some documentation on how to work with the code."
"The solution could improve its development from a user perspective."
"This solution does not have BPM workflows already integrated, we had to integrate the BPM module externally. They do not provide full-featured auditing and certification modules out of the box."
"This solution requires extensive knowledge to be used effectively as certain areas of its use are not user friendly."
"I found the initial setup to be very complex."
"There needs to be a good support model and easy-to-understand documentation."
"The high availability architecture has to be improved."
Securonix Next-Gen SIEM is ranked 7th in Security Information and Event Management (SIEM) with 27 reviews while WSO2 Identity Server is ranked 6th in Customer Identity and Access Management (CIAM) with 7 reviews. Securonix Next-Gen SIEM is rated 8.6, while WSO2 Identity Server is rated 8.0. The top reviewer of Securonix Next-Gen SIEM writes "Spotter tool has helped us eliminate many hours required to manually create link analysis diagrams". On the other hand, the top reviewer of WSO2 Identity Server writes "Provides valuable API management features, but its technical documentation needs improvement". Securonix Next-Gen SIEM is most compared with IBM Security QRadar, Splunk Enterprise Security, LogRhythm SIEM, Exabeam Fusion SIEM and Gurucul UEBA, whereas WSO2 Identity Server is most compared with Auth0, Amazon Cognito, SAP Identity Management, CyberArk Privileged Access Manager and F5 BIG-IP Access Policy Manager (APM).
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.