We have actually used our company, which is a large one, and we are using multiple Securonix Next-Gen SIEM technologies. For the on-premises environment, we are using Securonix Next-Gen SIEM, and for cloud, we are using Sentinel.

We primarily use Securonix Next-Gen SIEM to detect policy violations, firewall detection, and other basic parts for the on-premises system, but we primarily focus on the cloud solution because cloud is the scope of our work and we are moving to cloud slowly.

We work with CrowdStrike, Securonix Next-Gen SIEM, and other cybersecurity products such as Gurucul. We are a service provider and partner of Securonix Next-Gen SIEM. We operate as a reseller of Securonix Next-Gen SIEM for their customers' cybersecurity as their primary defense mechanism.

We use Securonix for alert generation by feeding events from different data sources and creating policies. Based on policy violations, we manage alerts. It's essentially a SIEM system for what we do with Securonix.

We use Securonix Next-Gen SIEM as a SIEM, security incident and event management solution in our organization.

We use Securonix Next-Gen SIEM primarily for managed SOC, focusing on threat detection, baselining, and ensuring the maturity of our SOC security operations. 

It is integrated with threat intelligence and utilizes frameworks like MITRE ATT&CK and the Cyber Kill Chain. 

The solution helps in threat detection, especially with use cases like brute force attacks, port scans (both horizontal and vertical), other insider threat activities, Privileged access abuse, Ransomware detection and Data exfiltration prevention. We also customize and fine-tune these use cases based on our requirements.

I use this solution for security monitoring and user behavior analytics. Banks, governments, and the oil and gas sector utilize it.

We use it for user behavior analytics in a hospital. Consider patient health information. We use the product to understand where the information is, who's using it, who's accessing it, whether the access is authorized or unauthorized, and whether there is a possible risk of someone stealing that data. There are many such use cases.

Additionally, we can find who's accessing the data at a particular time in the hospital network. It is flagged as a potential risk if it is an unlikely behavior. When unauthorized access is made, an investigation is launched. There are similar use cases of Securonix that we built in hospitals in the US over the last six or seven years.

We use Securonix to monitor attempted malware attacks. It sends us alerts, so we can investigate suspicious entities. We'll refer it to the consent team, who will give their solution or comments. 

We have a server where all the data is stored. The Securonix people will take the data from that server, encrypt it, and send it back to the application. From there, we can work on the alert and monitor the data.

We are using it for monitoring firewalls, Windows operating systems, some Linux operating systems, active directories, and some of the solutions in the cloud such as Office.

In terms of deployment, everything is in the cloud. Our licenses are on the cloud. We don't deploy anything on premises except the RIN.

We use Securonix Next-Gen SIEM to provide managed security services. We have an MSSP delivery model using the Securonix asset platform tool that delivers the solution to multiple customers using their multi-tenant approach. It is a shared service delivery model, and we have close to five customers using the tool in our MSSP model.

Securonix or SNYPR is a UEBA tool. It has all the features. It can work as a traditional SIEM as well as do behavior-based analysis. 

In terms of deployment, it is on the cloud. It is hosted with Securonix. We are using it as a service, however i have worked on premise deployements as well.

We mostly use it for user-behavior analytics. It is used for all the behaviors related to users. In terms of the environment, there are multiple connections at different sites and locations, and there is also integration with other platforms. For some endpoint use cases, I have to do integrations with different customers who already have the platform.

Its deployment is hybrid. The cloud providers are Amazon and Google Cloud Platform.

We were using it for data loss prevention and data acceleration. We wanted a platform with a proper ticketing facility, and as and when we reviewed a user, we also needed a proper documentation setup. Securonix provided that. We were able to integrate playbooks and a lot of other modules so that we not only looked at a particular problem area but also at other factors. We didn't only want to look at exfiltration but also at any lateral movement inside the company by a user. We wanted to look at the outliers in a better way, not only in terms of a user's activity but also in relation to the peer activity to show that it is not a team; it is just a team member doing something wrong.

We most probably were using version 6.0.

From my experience, clients have been enjoying the product because it enables faster threat detection. We use it daily for hunting and developing strategies, which are much more extensive compared to the results from a traditional SIEM.

It is a good tool. My company uses it for all our SIEM projects. 

We mainly use Securonix for SIEM software architecture and for logs. We generate all the logs from different APIs and firewalls. We also have created other policies. Securonix is the primary tool we use to get everything done for our projects and architecture. We even use it for other solutions like AD.

Primarily, I work on violations and policies, not the backend. As an analyst, I work on SIEM.

The solution is deployed on a private cloud. It is deployed with Microsoft Azure.

Everyone has access to SIEM, but they don't have admin access. We mainly have three people and a team lead on the Azure Securonix team. I am the backup and work on the operational side of that team. Everyone has read-only access except the three team members. 

We are using it for Azure logins outside of US and Azure brute force use cases. We have use cases for our firewalls, like Palo Alto. These are use cases that we created ourselves. These are not the use cases out-of-the-box that Securonix provided us.

We have created correlation rules. When the condition matches, we get the alerts. We start analyzing the alerts and then create tickets for it in ServiceNow. We have also created dashboards in Securonix. If any breaches of data or unpredictable work is detected, it will show in the dashboard.

Our company does manage a stock of solutions for our customers. We use some tools like Splunk SIEM and some other technologies as well.

We use the solution for protection of engineering intellectual property. We currently look at engineering data in two systems, one a commercial system and one which is a homegrown system.

Our primary goal is insider trespass. We have also been using the product for account privilege misuse as well as intellectual property and data theft. Going into the cloud, we have expanded our scope to cloud applications. We never supported the cloud but now that we are using SaaS we've been able to cover cloud applications and cloud infrastructure. That use case is picking up a lot of speed. But, traditionally, it's been used for insider threat and account misuse.

I run the intellectual property protection shop for the company and our primary use case is to monitor for DLP.

My use cases relate to SIEM. 

We are a services company, so we provide services for our clients' companies.

It was supposed to be good for security to provide as a SOC-as-a-Service, however, it failed.

I work for Avalara. It's a tax technology company based in Seattle with offices all across the world: North Durham, California, Sao Paulo Brazil, Brighton UK, Pune India, and we are expanding right now.

We have a list of use cases, like brute force attacks. Our top executive team wanted to see — whenever we are under a serious attack — on their dashboard that the attack is happening, so that the corrective measures can be taken. That is the primary use case: to have that transparency for a number of security use cases like brute force, phishing, and others, and for our executives and our team to see that attack is happening so that we can counter-measure it and save our company from any data exposure or any security incident.

In our organization, we handle cybersecurity. As an IT services company, we are limited to setting up the security operations center in different forms for our customers' requirements.

We are in the business of setting up the security operation center for the customers and we also provide other stock services for many of the customers. We do have a lot of service offerings on our stock management platform.

We do MDR via cloud security and its monitoring services, so we are very familiar with the leading platforms in the market today like QRadar and Splunk. We use them in our environment today. I have been searching out the next-gen SIEM. Then I brought Securonix to my board. I came to learn that Securonix is leading in the innovative ideas and innovations on the SIEM platform side. Particularly because my role is a security practice in Veeam SM. If you evaluate the market trends you understand the products released into the market and how best to leverage that integration and make sure that there is no bounce back to the customer in these situations. That's why I started evaluating the Securonix in a typical lead evaluation.

We are not partnered, we have just done a couple of initial discussions with some of the folks here in India. We are still in the stage of evaluating these products, including Securonix.

I noticed that this is more on the open data platform when it comes to managing the locks from a different angle and for different assets. That's one area which is more interesting for us.

Compared to other competitors in the market, what I have seen is that their module is the UEBA, User and Entity Behavior Analytics, module. That is something different which they are offering today.

These are some of the differences I see. Additionally, is the pricing issue. They are moving from DB pricing to the identity-based pricing. But I'm still confused about that identity pricing. I still have to get more clarification from the products.

Our primary use case is monitoring attacks on our cloud environment.

We use it for information security.

Our primary use case is privileged-account monitoring. We wanted the ability to monitor what privileged accounts do, what time of day they typically log in, what machines they log in from, what type of configuration changes they make, etc.

We're using the SNYPR Cloud UEBA.

Data loss protection and account misuse are our primary use cases. We're utilizing it to help identify and correlate user behavior to identify potential data loss as well as to detect certain types of fraud.