We performed a comparison between Securonix Next-Gen SIEM and Wazuh based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Features: Securonix Next-Gen SIEM offers multiple advanced features, such as Spotter, for in-depth search and analysis and extensive customization options. Wazuh stands out for its effortless integration, excellent log monitoring capabilities, and ELK-based investigation. Securonix users highlighted the need for greater flexibility in modifying reports and templates and improved analytics and visualization. Wazuh needs improvements in event source coverage, threat intelligence integration, and real-time monitoring of Unix systems.
Service and Support: Securonix has been praised for its effective support and timely problem resolution. Wazuh's customer service is generally deemed satisfactory, and many customers noted that they could easily find answers from community forums.
Ease of Deployment: Some users found the Securonix Next-Gen SIEM setup to be straightforward, but others found it complex. Some users said that Wazuh’s setup is easy and fast, while others perceived it as complicated and said it required a significant amount of time.
Pricing: Securonix Next-Gen SIEM is competitively priced and more affordable than many SIEM solutions. Wazuh is a cost-effective option as it is open-source and completely free to acquire.
ROI: Users say Securonix Next-Gen SIEM offers a significant return on investment by streamlining infrastructure management and enhancing overall efficiency. Wazuh's MSP program and partnerships offer opportunities to generate revenue from the platform.
"Its console is very easy to use and configure. It is very intuitive for our use cases. App integrations are also pretty nice."
"[The solution has] incident-management or case-management functionality. If someone were to download a high number and we decided we needed to investigate it, I could open a case right in the tool. It would be able to directly reference the data that they downloaded and we could open and shut the case directly in the tool, as well as report from it."
"Risk scoring was nice. We could exactly see which user had the highest risk score, and then we could pick it up and work on it."
"One of the most valuable features it has is the thread chaining. One of the common issues that we always had was the number of anomalies that we used to get and the number of alerts that we used to get. But with this approach of thread chaining, we've found the false-positive rate has decreased very significantly. That was something that we never could have achieved before."
"The feature that is most valuable is the fact that it's an open platform, so it allows us to modify policies and tune policies as needed. There's also a feature called Data Insights which allows us to create different dashboards on specific things of interest for us."
"We can customize our use cases with the tools provided by Securonix. It is an excellent tool that can ingest data in different ways and is very flexible."
"SNYPR has a bundle of features. It has the UEBA feature that tells you about the behavior of a person or entity. In the tool itself, there is an incident management feature, which is definitely valuable."
"The two major features of this product we extensively use are the UEBA capability and the multi-tenant approach with the centralized data logs system. Customers are very happy with these features."
"The log monitoring and analysis tools are great in addition to SIEM file activity monitoring."
"The most valuable feature of Wazuh is the ELK for doing an investigation."
"Wazuh is simple to use for PCI compliance."
"If they support a solution, it is easy to do an integration."
"The main thing I like about it is that it has an EDR."
"The deployment is easy and they provide very good documentation."
"I like that the solution is on top of the Kubernetes stack."
"Its cost-effectiveness is the most valuable aspect."
"Securonix implements risk scores based on different policies that are triggered. We've seen some challenges with the risk scores and how they trigger. These are things that Securonix has recognized and they've been working with us to help improve things."
"One aspect that could be improved is the pricing of the product in Brazil."
"A helpful feature would be an event export. A way to create more substantial summary reports would be nice."
"We would like a little more face-to-face training. Securonix has several tutorials on its website, but we want there to be a person in Colombia who does training or workshops to give us a better understanding of the platform."
"We would like to see better integration with other products."
"Securonix could open up information regarding the indicators of compromise or cyber-threat intelligence database that they use. The idea is that they share what threats they are detecting."
"There is room for improvement in the product's integration with ServiceNow and in the reporting features."
"The technical support of the solution is an area with shortcomings and needs improvement."
"Scalability is a challenge because it is distributed architecture and it uses Elastic DB. Their Elastic DB doesn't allow open source waste application."
"The tool does not provide CTI to monitor darknet."
"The biggest part that's missing is threat intelligence. It isn't inbuilt, and if a sudden incident occurs, we don't get that feedback inside the SIEM tool. That's a big gap, I see. It would be better if we could get the threat intelligence feeds integrated with the SIEM tools. That would help us push value solutions to the clients in a big way."
"A more structured approach, perhaps with modular UI components, to facilitate easier integration and navigation within the Wazuh platform for custom integrations would be beneficial."
"While it is scalable, it can suffer from reduced latencies."
"Since it's an open-source tool, scalability is the main issue."
"A lack of certain features creates limitations."
"Wazuh needs more security and features, particularly visualization features and a health monitor."
Securonix Next-Gen SIEM is ranked 7th in Security Information and Event Management (SIEM) with 27 reviews while Wazuh is ranked 3rd in Security Information and Event Management (SIEM) with 38 reviews. Securonix Next-Gen SIEM is rated 8.6, while Wazuh is rated 7.4. The top reviewer of Securonix Next-Gen SIEM writes "Spotter tool has helped us eliminate many hours required to manually create link analysis diagrams". On the other hand, the top reviewer of Wazuh writes "It integrates seamlessly with AWS cloud-native services". Securonix Next-Gen SIEM is most compared with IBM Security QRadar, Splunk Enterprise Security, Microsoft Sentinel, LogRhythm SIEM and Exabeam Fusion SIEM, whereas Wazuh is most compared with Elastic Security, Security Onion, Splunk Enterprise Security, AlienVault OSSIM and Graylog. See our Securonix Next-Gen SIEM vs. Wazuh report.
See our list of best Security Information and Event Management (SIEM) vendors.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.