Securonix Next-Gen SIEM Reviews

Name: Securonix Next-Gen SIEM
Brand: Securonix Solutions
Rating: 4 (27 reviews)

4.3 out of 5

27 reviews
96% willing to recommend

1,858 followers

What is Securonix Next-Gen SIEM?

Securonix Next-Gen SIEM is a security information and event management solution designed to provide advanced threat detection, response, and compliance capabilities. It leverages machine learning and big data analytics to offer a comprehensive security platform for modern enterprises.

Get the Securonix Next-Gen SIEM Buyer's Guide and find out what your peers are saying about Securonix Next-Gen SIEM, Splunk Enterprise Security, Wazuh and more!

Securonix Next-Gen SIEM is the #5 ranked solution in top Identity Threat Detection and Response (ITDR) solutions and #6 ranked solution in top Security Information and Event Management (SIEM) solutions. PeerSpot users give Securonix Next-Gen SIEM an average rating of 8.6 out of 10. Securonix Next-Gen SIEM is most commonly compared to Splunk Enterprise Security: Securonix Next-Gen SIEM vs Splunk Enterprise Security. Securonix Next-Gen SIEM is popular among the large enterprise segment, accounting for 60% of users researching this solution on PeerSpot. The top industry researching this solution are professionals from a computer software company, accounting for 20% of all views.

Buyer's Guide

Securonix Next-Gen SIEM

June 2024

Get the report

Helped 793,295 peers since 2012

Featured reviews

Ibrahim Albalawi

SOC Leader at a tech consulting company with 51-200 employees

The incident response area should be improved. It is more difficult than other products, but overall, it is good. The platform has a lot of options and functionality. So, you need to check almost everything. For new engineers or people who don’t have much experience with this kind of platform, it is a bit difficult, but for experienced engineers, it is not that difficult. When you have been doing a lot of work for about one or two hours, and you have a lot of tabs open, it slows down or gets stuck. There is a delay of 10 to 15 seconds in opening tabs or dashboards. I don't know why this happens, but for me, it is not a big issue. I just wait, and that's all.

Read full review

RajivSingh

Sr.Vice President & Head - Global Cybersecurity Business at Tech Mahindra Limited

The initial setup is easy. I don't see that as a challenge. All the features are user-friendly, and anyone with basic training should be able to install and get it started. Generally, government clients or large enterprises prefer the product on-premises. Around 20 to 30% of our clients prefer to have it on the cloud. Most of our clients have installed it on-premises because they are very large companies. Fortune 500 companies would prefer to have it in their own environment and not on the cloud. However, Fortune 2000 or Fortune 5000 companies would be more interested in a cloud environment.

Read full review

Rafael-Barrios

Cybersecurity SE at HP

When we have an endpoint threat, we have to move very quickly. We detect it through another tool that is associated with Securonix, and automatically the endpoint is isolated from the network. We also get some information for investigation and forensics allowing us to understand the type of threat. We get to know whether it is related to the endpoint or user behavior. We can get information on web-application firewalls and other solutions connected to Securonix, which allows us to understand the depth of the threat for a specific use case. It provides actionable intelligence on threats related to our use case. After the alerts, we can isolate the endpoints and make some modifications. We can also do some searches about the related IP on the internet and intelligence platforms. That's very nice. This actionable intelligence is pretty important. When we integrate different platforms, Securonix provides a lot of visibility and allows us to see the whole environment, not just a part. I have been working mostly on the endpoint side, but other people who are working on wider use cases can see all the dashboards and improve the security posture with Securonix. Its analytics-driven approach to finding sophisticated threats and reducing false positives is very important. With other similar tools, we have to work a lot to reduce or manage false positives. We have to improve the rules and integrations because there are a lot of false positives. With Securonix, we have fewer false positives, and there is also automatic recognition for false positives allowing us to move very quickly. It adds contextual information related to the use cases. My use case is very specific, but my partners and other teams get a lot of contextual information related to the whole company. It provides a lot of analytics related to a threat in terms of user behavior, environment, and target applications, such as databases, which is very important. It has saved a lot of investigation time. As compared to other solutions, it has saved more than 50% time. It has improved the threat detection response and reduced noise from false positives as compared to our previous SIEM solutions. The improvement in the response time is dependent on the scenario, but generally, it is about 40% more effective. When it comes to false positives, it is about 60% more effective. It has been helpful in detecting advanced threats faster and lowering response times, but I don't have the metrics.

Read full review

Securonix Next-Gen SIEM mindshare

Product category:

As of July 2024, the mindshare of Securonix Next-Gen SIEM in the Security Information and Event Management (SIEM) category stands at 1.5%, down from 1.9% compared to the previous year, according to calculations based on PeerSpot user engagement data.

Security Information and Event Management (SIEM)

Key learnings from peers

Last updated Jun 4, 2024

Valuable Features

Securonix Next-Gen SIEM is highly valued by users on PeerSpot for its advanced features and capabilities in threat detection and response. Users appreciate the algorithms that help in detecting complex threats and minimizing false positives. The ability to analyze behavior patterns of users and entities to identify insider threats and anomalies is frequently noted as a significant advantage (referring to UEBA analytics). Built on Hadoop, the solution's scalability is a critical feature, allowing it to manage large datasets efficiently. Users also mention the automation capabilities,

autonomous threat sweeper, ease of searching with the Spotter tool, and integration of all types of data sources.

"The two major features of this product we extensively use are the UEBA capability and the multi-tenant approach with the centralized data logs system. Customers are very happy with these features."
"The scalability is one of the remarkable qualities of this product, which makes it very effective, especially when we are dealing with substantial data volumes in the cloud."
"The solution has proven to be stable so far...The solution is easy to scale up."

Room for Improvement

Users have identified several areas for improvement and request better visualization of log sources and loss of logs, a more dynamic concept for threat detection reports with more context, faster generation of Spotter reports, and regular updates for parsing and geographical location accuracy. Additional significant issue is the complex deployment and configuration process, which can be time-consuming and requires a high level of expertise.

"Regarding the analysis of security events on the SOC side, Securonix Next-Gen SIEM needs to improve its automation capabilities."
"One aspect that could be improved is the pricing of the product in Brazil."
"The technical support of the solution is an area with shortcomings and needs improvement."

ROI

Users have experienced a positive return on investment (ROI) using Securonix Next-Gen SIEM. ROI is visible in terms of metrics obtained from Securonix and the ability to sell its services. The biggest ROI is in the time and manpower saved, with one engineer with expertise being enough to speed up investigations and free up other administrators.

It takes a month for the benefits of the solution to be realized. Users have been able to prevent multiple threats and improve analysts' efficiency by using the contextual information provided by Securonix, resulting in a time savings of about 30%.

Securonix Next-Gen SIEM has become the go-to tool for checking and verifying issues, saving around four to five hours a day. The cloud-native platform of Securonix has minimized the need for infrastructure management, reducing the manpower required. It has also added contextual information to security events, saving significant time compared to using a generic system.

Pricing

Securonix Next-Gen SIEM's pricing is considered good, affordable, and competitive compared to other brands in the market.

Some reviewers mentioned that the licensing can become more complex when adding more features while still maintaining that the pricing remains reasonable. There are no additional costs outside of the standard licensing fees, except for an initial installation service charge.

Securonix's pricing is pretty good compared to other products like IBM and Splunk, offering clients the opportunity to implement a solution at half the price of other companies. The pricing may vary depending on the model chosen, such as an MSP or a single tenant.

"I rate the pricing an eight on a scale of one to ten, where one is cheap, and ten is very expensive. It is a pretty expensive tool."
"Compared to other known brands in the industry, the overall cost of the licenses is a bit higher than what customers expect."
"The pricing is good, but by adding more things, the licensing becomes more complex because an EPS license fluctuates a lot. This licensing concept is going to be problematic in the long run."

Popular Use Cases

Securonix Next-Gen SIEM's primary use case is for event correlation in cyber SOC services. It is used for security event correlation, behavior-based analysis, and monitoring attempted malware attacks. It is also used for monitoring firewalls, operating systems, active directories, and solutions in the cloud. The deployment of Securonix is on the cloud, with integration with platforms such as Microsoft Azure, Amazon, and the Google Cloud Platform. Additionally, it is used for user-behavior analytics, data loss prevention, and data acceleration. Customization of the platform is done to benefit the organization's specific needs, such as failed access attempts, network issues, and allowed/blocked activities.

Deployment

The initial setup for Securonix Next-Gen SIEM was generally described as simple and straightforward. The implementation process involved following an interactive manual provided by Securonix and onboarding the necessary sources, which was not considered a complicated task.

The number of employees required for the implementation varied but generally ranged from three to five individuals. Securonix provided guided training and assistance to address any queries or issues during the implementation.

Scalability

Securonix Next-Gen SIEM is highly scalable and flexible. It offers unlimited scalability in a cloud environment, allowing for easy integration of larger data sources without any difficulties.

The solution can increase its capacity and processing level as needed, making it suitable for taking on new clients. It can seamlessly handle the integration of multiple log sources with the available connectors, and if a connector is not available, integration is not possible, which is a common limitation for all SIEM tools.

The solution also allows for easy scaling by increasing the EPS or allocating more resources to the RIN server, especially in cloud environments. It is considered an excellent option for scalability both for internal users and clients.

Stability

Securonix Next-Gen SIEM is praised for its ability to detect configuration mistakes and its value in providing analytics. While there have been occasional instances of instability or slowdown, they are not frequent or significant. The solution has undergone improvements over time, enhancing its stability and functionality.

There's general confidence in the reliability and dependability of Securonix, and the support provided by the vendor has been prompt and effective in resolving any issues.

These insights are based on the in-depth reviews provided by peers to help you make a better buying decision.

Download our Securonix Next-Gen SIEM Buyer's Guide for additional reliable information.

Review data by company size

By reviewers

By visitors reading reviews

Top industries

By visitors reading reviews

Computer Software Company

20%

Financial Services Firm

12%

Government

Manufacturing Company

Educational Organization

Energy/Utilities Company

University

Construction Company

Real Estate/Law Firm

Healthcare Company

Retailer

Insurance Company

Legal Firm

Hospitality Company

Media Company

Transportation Company

Comms Service Provider

Non Profit

Logistics Company

Wholesaler/Distributor

Performing Arts

Outsourcing Company

Pharma/Biotech Company

Recreational Facilities/Services Company

Consumer Goods Company

Renewables & Environment Company

Compare Securonix Next-Gen SIEM with alternative products

Learn more about Securonix Next-Gen SIEM

Securonix Next-Gen SIEM utilizes advanced analytics and machine learning to detect complex threats that traditional SIEM solutions might miss. Its architecture is built on Hadoop, enabling scalability and the processing of large volumes of data in real-time. This allows organizations to gain deep insights into security incidents, prioritize threats, and automate response actions. The solution also includes behavior analytics to detect insider threats and unknown attacks, integrating seamlessly with existing IT infrastructure.

What are the critical features of Securonix Next-Gen SIEM?

Advanced Threat Detection: Uses machine learning algorithms to identify sophisticated threats and reduce false positives.
Behavior Analytics: Analyzes user and entity behavior to detect insider threats and anomalies.
Scalable Architecture: Built on Hadoop, it scales to handle large data volumes, providing real-time analytics.
Automated Response: Automates incident response to mitigate threats quickly and efficiently.
Integration Capabilities: Easily integrates with various IT and security tools for comprehensive coverage.

What is the ROI expectations?

Improved Threat Detection: Enhanced ability to detect and respond to advanced threats, reducing risk.
Operational Efficiency: Automation of repetitive tasks allows security teams to focus on more critical activities.
Cost Savings: Scalability and efficient data processing reduce the need for additional hardware and resources.
Compliance Support: Helps in meeting regulatory compliance requirements through detailed reporting and monitoring.

Securonix Next-Gen SIEM is implemented across various industries, including finance, healthcare, and retail. Its flexibility and advanced analytics capabilities make it suitable for environments with complex security needs. In finance, it helps detect fraud, while in healthcare, it ensures patient data security. In retail, it protects against data breaches and payment fraud.

In summary, Securonix Next-Gen SIEM offers advanced threat detection, scalability, and integration capabilities, making it a robust solution for modern enterprises.

Securonix Next-Gen SIEM was previously known as Securonix Security Analytics.