We performed a comparison between Securonix Next-Gen SIEM and Sentinel based on real PeerSpot user reviews.
Find out in this report how the two Security Information and Event Management (SIEM) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The most valuable feature is that it works on user behavior and event rarities."
"The detection of threats and reduction of false positive alarms as compared to other solutions are valuable features. It has improved threat detection response and reduced a lot of noise from false positives as compared to our previous SIEM solutions."
"The UEBA functionality indicates a lot about behaviors that are not found through a traditional SIEM. We have exploited that more than anything since we started using it."
"The feature that I have found most valuable is their analytics platform where they have the open security data-link, which they introduced. This is typically different from the other vendors."
"The user interface is easy to learn and navigate."
"[The solution has] incident-management or case-management functionality. If someone were to download a high number and we decided we needed to investigate it, I could open a case right in the tool. It would be able to directly reference the data that they downloaded and we could open and shut the case directly in the tool, as well as report from it."
"The two major features of this product we extensively use are the UEBA capability and the multi-tenant approach with the centralized data logs system. Customers are very happy with these features."
"The most valuable feature is being able to look at users' behavioral profiles to see what they typically access. One of the key events that we monitor is people's downloading of objects... It's very easy to see people's patterns, what they typically do."
"The most valuable feature of this solution is that it provides a central locking system for many event sources."
"The solution's Kusto Query Language (KQL) execution time is pretty good."
"Sentinel gave us logs to tell us what's going right and wrong in your environment so we could secure the network."
"The stability is phenomenal and we never had any issues with downtime or even had to restart."
"It makes everything easier by automating some tasks and growing with our needs."
"The solution lets us get all the logs properly and regularly monitor customer infrastructure."
"One of the most valuable features is the business intelligence engine. It's very important because it keeps track of everything that's happening and alerts us if something is different than expected. The first time I used it, I was shocked at how well it performed. Another valuable feature that I think makes this product worth the price you pay for it is that it connects to basically every system that provides some form of logging, and it's very easy to set up what triggers this."
"The tool is simple to use."
"Sometimes, the injectors lag and are not loading. It would be nice if that could be improved."
"It takes too long to generate Spotter reports. For example, a 90-day report is around 100 megabytes. That takes a while, but a one-day report can be generated in a few seconds. We would be happy if they sped up the process."
"There is room for improvement in the product's integration with ServiceNow and in the reporting features."
"The pricing. I'm not sure how they are proceeding with the identity based pricing compared with DB pricing which most of the vendors are using today."
"One of the things they can improve on a little bit is the usability side, to make some things simpler... The tool does have a lot of knobs, you can turn a lot of things on and off and you can change things. Sometimes, it can become a little overwhelming. They should remove some confirmation options and make it simpler for the less mature customers and people who are still trying to grasp it."
"It could be improved a little bit more for admin users. There should be more administrative options related to security for admin users. For example, for forensic purposes, the admin should be able to stop a specific user from erasing some information. I would be helpful in certain situations, such as during an internal fraud."
"A helpful feature would be an event export. A way to create more substantial summary reports would be nice."
"The incident response area should be improved."
"Creating a drag-and-drop dashboard or workbook in Sentinel is a little more complex compared to other tools like LogRhythm and IBM QRadar."
"It is an ancient product."
"The solution does not allow outsourced authorizations."
"You need a lot of Unix scripting knowledge in order to manage the tool, which is one of the main issues that we faced."
"I would like to see a better reporting work structure on the dashboard."
"There is no integration in the web-side of the tool."
"There is a need for more flexibility in customization, especially when working with different vendors and platforms."
"The dashboard and customer view should be improved"
Securonix Next-Gen SIEM is ranked 7th in Security Information and Event Management (SIEM) with 27 reviews while Sentinel is ranked 16th in Security Information and Event Management (SIEM) with 15 reviews. Securonix Next-Gen SIEM is rated 8.6, while Sentinel is rated 7.6. The top reviewer of Securonix Next-Gen SIEM writes "Spotter tool has helped us eliminate many hours required to manually create link analysis diagrams". On the other hand, the top reviewer of Sentinel writes "An automated solution that helped me detect threats in less than half the time it used to take". Securonix Next-Gen SIEM is most compared with IBM Security QRadar, Splunk Enterprise Security, Microsoft Sentinel, LogRhythm SIEM and Sumo Logic Security, whereas Sentinel is most compared with IBM Security QRadar, Splunk Enterprise Security, Google Chronicle Suite, Wazuh and Microsoft Sentinel. See our Securonix Next-Gen SIEM vs. Sentinel report.
See our list of best Security Information and Event Management (SIEM) vendors.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.