We performed a comparison between Securonix Next-Gen SIEM and Splunk User Behavior Analytics based on real PeerSpot user reviews.
Find out in this report how the two Security Information and Event Management (SIEM) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The two major features of this product we extensively use are the UEBA capability and the multi-tenant approach with the centralized data logs system. Customers are very happy with these features."
"We can customize our use cases with the tools provided by Securonix. It is an excellent tool that can ingest data in different ways and is very flexible."
"SNYPR has a bundle of features. It has the UEBA feature that tells you about the behavior of a person or entity. In the tool itself, there is an incident management feature, which is definitely valuable."
"The feature that is most valuable is the fact that it's an open platform, so it allows us to modify policies and tune policies as needed. There's also a feature called Data Insights which allows us to create different dashboards on specific things of interest for us."
"The customizability of the tool is valuable. We are able to customize the use cases and create them easily without a large amount of Securonix assistance. It's very flexible. We do not have to rely on Professional Services to modify or create a new use case."
"One of the most valuable features it has is the thread chaining. One of the common issues that we always had was the number of anomalies that we used to get and the number of alerts that we used to get. But with this approach of thread chaining, we've found the false-positive rate has decreased very significantly. That was something that we never could have achieved before."
"The solution has proven to be stable so far...The solution is easy to scale up."
"[The solution has] incident-management or case-management functionality. If someone were to download a high number and we decided we needed to investigate it, I could open a case right in the tool. It would be able to directly reference the data that they downloaded and we could open and shut the case directly in the tool, as well as report from it."
"The solution is definitely scalable."
"It is a solution that helps test and measure customer satisfaction."
"The most valuable feature is the ability to search through a large amount of data."
"This intelligent user behavior analytics package is easy to configure and use while remaining feature filled."
"Because of some of the visualizations that we utilize, we are able to understand strange, unusual traffic on our networks."
"The most valuable features are its data aggregation and the ability to automatically identify a number of threats, then suggest recommended actions upon them."
"The most valuable features are the indexing and powerful search features."
"We are really pleased with Splunk and its features. It would be practically impossible to function without it. To provide a general overview of the system, it's important to note that the standard log files are currently around 250 gigabytes per day. It would be impossible to manually walk through these logs by hand, which is why automation is essential."
"We would like a little more face-to-face training. Securonix has several tutorials on its website, but we want there to be a person in Colombia who does training or workshops to give us a better understanding of the platform."
"Securonix could open up information regarding the indicators of compromise or cyber-threat intelligence database that they use. The idea is that they share what threats they are detecting."
"The analytics-driven approach for finding sophisticated threats and reducing false positives is positive and good, but the platform requires a more dynamic concept. Everything is a bit static."
"When they did upgrades or applied patches, sometimes, there was downtime, which required the backfill of data. There were times when we had to reach out and get a lot of things validated."
"We have a lot of users who, because they're engineers and they're bringing down product data - where, at times, a top-level product could be 10,000 or 15,000 objects - it's difficult for us to determine what should be a concern and what shouldn't be a concern. We work with the Securonix folks to try to come up with better ways to identify that."
"It seems to me that within Securonix there is no option for completely visualizing the types of sources or if there is any loss of logs. I've heard that they have an additional module to validate those types of cases, but in terms of the platform itself only, I can only see how often it sends data but not any specific detail."
"Parsing needs to be improved. Every time we integrate a new, specific data source, we face a lot of problems in parsing, even for the old data source."
"There is room for improvement in the product's integration with ServiceNow and in the reporting features."
"It would be good if the solution had an analytics tool that allowed us to analyze the data without writing specific queries."
"We want to have an automated system for bot hunting that enables us to detect anomalies predictively based on historical data. It would be helpful if Splunk included process mining as an alternative option. We have a threat workflow, but it would be useful if we could supplement that with some process mining capabilities over time."
"The correlation engine should have persistent and definable rules."
"We'd like the ability to do custom searches."
"I would like improved downward integration with other tools such as McAfee and other GCP solutions."
"The initial setup was complex because some of the configurations that we required needed customization."
"Currently, a lot of network operations need improvement. We still need people to handle incidents. Our vision is to leverage status and convert it directly from the network devices. It would be ideal if we could take action using APIs and API code and remove manual processes."
"The price of Splunk UBA is too high."
More Splunk User Behavior Analytics Pricing and Cost Advice →
Securonix Next-Gen SIEM is ranked 7th in Security Information and Event Management (SIEM) with 27 reviews while Splunk User Behavior Analytics is ranked 2nd in User Entity Behavior Analytics (UEBA) with 18 reviews. Securonix Next-Gen SIEM is rated 8.6, while Splunk User Behavior Analytics is rated 8.2. The top reviewer of Securonix Next-Gen SIEM writes "Spotter tool has helped us eliminate many hours required to manually create link analysis diagrams". On the other hand, the top reviewer of Splunk User Behavior Analytics writes "Easy to configure and easy to use solution that integrates with many applications and scripts ". Securonix Next-Gen SIEM is most compared with IBM Security QRadar, Splunk Enterprise Security, Microsoft Sentinel, LogRhythm SIEM and Sumo Logic Security, whereas Splunk User Behavior Analytics is most compared with Darktrace, Microsoft Defender for Identity, IBM Security QRadar, Cynet and Exabeam Fusion SIEM. See our Securonix Next-Gen SIEM vs. Splunk User Behavior Analytics report.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.