I work as the Head of Security Administration for a financial services firm with 10,000+ employees.
We are currently researching Exabeam, IBM Radar, and Securonix UEBA. What are the biggest differences between the three? Which would you recommend?
Thanks! I appreciate the help.
It mostly depends on your use-cases and environment. Exabeam and Securonix have a stronger UEBA feature set, friendlier GUI and are not licensed based on capacity (amount of logs and information ingested) but with a firm on 10k+ I wouldn't be so sure that this means a better price. The total cost of ownership would be more linear though. On the other hand QRadar is by far a better SIEM solution and if your use-cases lean towards that, then I would suggest looking towards Qradar. Qradar does have a steeper learning curve but that's purely because of the richer feature set, it just takes more time to take it all in.
All three security solutions are defined and different smartness they hold it all depends on how is your requirement.
Securonix UEBA is a Hadoop bases UEBA technology tool the tools understand the infrastructure and users and then work accordingly. (Wide Customer industry support) (Average cost)
IBM QRadar is a SIEM with all in the composite tool can bring in UEBA and other security solution. (Wide Customer industry support) (Average cost)
Exabeam is a mathematical bases security solutioning tool, it learns infra and then provides a solution, it's a bit noisy in some instances. (Medium Customer industry support) (Costly)
If you tell us what exactly you require or how id your infra set up, then it would good to suggest a tool.