• Home
  • Securonix Next-Gen SIEM vs. Splunk Enterprise Security

Securonix Next-Gen SIEM vs Splunk Enterprise Security comparison

Cancel
You must select at least 2 products to compare!
Securonix Solutions Logo
Securonix Next-Gen SIEM
Read 27 Securonix Next-Gen SIEM reviews
5,358 views|2,504 comparisons
96% willing to recommend
Splunk Logo
Splunk Enterprise Security
Read 246 Splunk Enterprise Security reviews
24,689 views|20,244 comparisons
92% willing to recommend
Comparison Buyer's Guide
Download the complete report
Buyer's Guide
Securonix Next-Gen SIEM vs. Splunk Enterprise Security
May 2024
Executive Summary
Updated on Sep 21, 2023

We compared Securonix Next-Gen SIEM and Splunk Enterprise Security across several parameters based on our users' reviews. After reading the collected data, you can find our conclusion below:

  • Features: Securonix Next-Gen SIEM offers extensive customization options and multiple advanced features, such as Spotter, which enables in-depth search and analysis. Splunk Enterprise Security stands out for its efficiency, extensive integration options, and powerful search functionality. 

  • Room for Improvement: Securonix users highlighted the need for greater flexibility in modifying reports and templates and improved analytics and visualization. Users say Splunk needs improvements in AI capabilities, user-friendliness, and analytics.

  • Service and Support: Securonix has been praised for its effective support and timely problem resolution. While some users found Splunk support to be responsive and helpful, others reported slow response times and a lack of expertise.

  • Ease of Deployment: Some users found the Securonix Next-Gen SIEM setup to be straightforward, but others found it complex. Some users thought Splunk Enterprise Security was easy to deploy, while others found it challenging and needed assistance from Splunk engineers or third-party integrators.

  • Pricing: Securonix Next-Gen SIEM is competitively priced and more affordable than many SIEM solutions. Some users consider Splunk Enterprise Security to be expensive, but others said the price is reasonable. A few users expressed concerns about the cost of scaling up the solution and managing large volumes of data.

  • ROI: Users say Securonix Next-Gen SIEM offers a significant return on investment by streamlining infrastructure management and enhancing overall efficiency. Users said that it’s challenging to calculate an ROI for Splunk Enterprise Security, and the return varies depending on individual circumstances. While some users have observed a substantial ROI, others have not actively explored or been engaged in ROI conversations.

Comparison Results: Users appreciate Securonix's smooth onboarding process, flexibility in features and patches, and ability to manage infrastructure. However, Securonix should improve its visualization and reporting flexibility. Splunk is praised for its interoperability and powerful search features, but users say that Splunk should work on its performance issues and offer more advanced AI capabilities. 

To learn more, read our detailed Securonix Next-Gen SIEM vs. Splunk Enterprise Security Report (Updated: May 2024).
Download the complete report
772,649 professionals have used our research since 2012.
Featured Review
Rafael-Barrios
Researched Splunk Enterprise Security but chose Securonix Next-Gen SIEM: Reduces our investigation and response time, and it is very easy to use and integrate
When we have an endpoint threat, we have to move very quickly. We detect it through another tool that is associated with Securonix, and... Read more →
Yu Kuan
Monitors the network and provides easy visibility into problems
When we see a problem, Splunk Enterprise Security provides many details you can use to diagnose and determine what needs fixing.
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"The big data security analytics platform, structured and unstructured data analytics, and user and entity behavior analytics provided by the product are probably the best in the industry.""The two major features of this product we extensively use are the UEBA capability and the multi-tenant approach with the centralized data logs system. Customers are very happy with these features.""The second feature is that within the SNYPR product there is a functionality called Spotter. We use that for link analysis diagrams and to run the stats command. That's extremely useful because it replaces a tedious, manual process we used to use, using Microsoft Excel and a couple of other methods, to bring data together.""The most valuable feature is that it works on user behavior and event rarities.""The machine-learning algorithms are the most valuable feature because they're able to identify the 'needle in the haystack.'""The solution is stable and scalable.""SNYPR has a bundle of features. It has the UEBA feature that tells you about the behavior of a person or entity. In the tool itself, there is an incident management feature, which is definitely valuable.""The most valuable feature is what Securonix calls enrichment. Securonix is very powerful because of all the data it can process and automatically enrich. The actionable intelligence it provides is one of its benefits, due to the processing capacity it has."

More Securonix Next-Gen SIEM Pros →

"You can run reports against multiple devices at the same time. You are able to troubleshoot a single application on a thousand servers. You can do this with a single query, since it is very easy to do.""The ability to rapidly diagnose problems in production and non-production, across hundreds of log files, is the most valuable feature.""They are a good partner for Google Cloud. It provides great visibility, threat detection, and proactive mitigation of risks for our mutual consumers.""It allows us to digest the information, the data, the different data streams, so we can make decisions based upon information that we receive, and it is pretty robust.""It gives me notifications of notable events.""I have also been able to take advantage of some of the more complex statistical capabilities when analyzing logs.""From my experience, the visual aid that it provides is most valuable. There are charts and other means to provide information.""It provides logs in one place, so they are easy to find. It collects the logs from multiple places, then you have just one place where you see the whole flow from the front-end to the back-end."

More Splunk Enterprise Security Pros →

Cons
"It could be improved a little bit more for admin users. There should be more administrative options related to security for admin users. For example, for forensic purposes, the admin should be able to stop a specific user from erasing some information. I would be helpful in certain situations, such as during an internal fraud.""The incident response area should be improved.""It seems to me that within Securonix there is no option for completely visualizing the types of sources or if there is any loss of logs. I've heard that they have an additional module to validate those types of cases, but in terms of the platform itself only, I can only see how often it sends data but not any specific detail.""Securonix implements risk scores based on different policies that are triggered. We've seen some challenges with the risk scores and how they trigger. These are things that Securonix has recognized and they've been working with us to help improve things.""Securonix could open up information regarding the indicators of compromise or cyber-threat intelligence database that they use. The idea is that they share what threats they are detecting.""It takes too long to generate Spotter reports. For example, a 90-day report is around 100 megabytes. That takes a while, but a one-day report can be generated in a few seconds. We would be happy if they sped up the process.""When they did upgrades or applied patches, sometimes, there was downtime, which required the backfill of data. There were times when we had to reach out and get a lot of things validated.""One of the things they can improve on a little bit is the usability side, to make some things simpler... The tool does have a lot of knobs, you can turn a lot of things on and off and you can change things. Sometimes, it can become a little overwhelming. They should remove some confirmation options and make it simpler for the less mature customers and people who are still trying to grasp it."

More Securonix Next-Gen SIEM Cons →

"I would like to see an updated dashboard. The dashboard is a little out-of-date. It could be made prettier.""Delays in responses from the technical team can pose challenges for both vendors and clients, especially considering that Splunk applications and machine solutions are critical assets.""It needs more formatting control without having to be an admin.""The complexity could be worked on so that it's even easier and faster.""It needs integration with a configuration management solution.""Splunk does not provide any default threat intelligence like Microsoft Sentinel, but you can integrate any third-party threat intelligence with Splunk. By default, no threat intelligence suite is there, whereas, with IBM QRadar or Microsoft Sentinel, the default feature of threat intelligence is there. It is free. If Splunk can provide a default threat intelligence suite, it would be better.""Make it easy to use and the cost cheaper. This will help all organisations to implement Splunk.""Some of the terminology can be confusing, even for seasoned vets. Renaming components at this point would be a serious undertaking. However, it might be beneficial in the long run."

More Splunk Enterprise Security Cons →

Pricing and Cost Advice
  • "We have an annual license. We pay $200,000 for the base licensing and we pay another $50,000 for the software as a service."
  • "A good thing about Securonix is that they don't charge by volume of data or number of devices... They charge by the number of employees, which is a much more predictable number for me, versus data. Our costs are in the $100,000 range over a three-year subscription."
  • "We have a license from our 5.0, so that license just continued. We paid them the extra cloud-hosting costs for a year which were about $300,000."
  • "We went in on a three-year agreement which has an annual licensing fee, based upon the number of people that we're monitoring. There have not been any additional costs to the standard licensing fees."
  • "I had heard that it was much cheaper than Splunk and some of the other tools, and they gave us a nice package with support. They accommodated the number of users and support very well."
  • "Its pricing is quite similar to others and is very competitive. The other solutions have different types of licensing, but when you do the math, it is competitive."
  • "Its price is fine. We found it to be cheaper than LogRhythm, Exabeam, Splunk, as well as Elastic Security. A few months ago, when we were comparing Securonix with Elastic Security, we found Securonix to be cheaper than Elasticsearch. We were pretty surprised that Elastic Security is more expensive than Securonix because Elasticsearch is just starting, and it cannot compete with Securonix at this time. So, the pricing of Securonix is pretty good for now."
  • "The pricing is fine compared to the market but I think that at some point the competitors will catch up on price."

    • More Securonix Next-Gen SIEM Pricing and Cost Advice →

  • "Pricing and licensing is quite expensive. But for the value the product provides, it seems at par in the market."
  • "Although Splunk is an expensive product, it is designed to be utilized across your organization in order to maximize your ROI and lower your TCO."
  • "It is not cheap."
  • "Splunk Enterprise becomes extremely expensive after the 20GB/month license."
  • "You will eat up whatever you purchase quickly. The level of insights that Splunk empowers is addictive."
  • "Splunk licensing model might seem expensive but with all the gain in functionalities you will have compared to traditional SIEM solutions I think it’s worth the price."
  • "Pricing is pretty fair."
  • "While licensing can be a concern, there are ways to reduce the licensing costs including filtering some events."

    • More Splunk Enterprise Security Pricing and Cost Advice →

    report
    See Which Vendors Are Best For You
    Use our free recommendation engine to learn which Security Information and Event Management (SIEM) solutions are best for your needs.
    See Recommendations
    772,649 professionals have used our research since 2012.
    Comparison Review
    Vinod Shankar
    HP ArcSight vs. IBM QRadar vs. ​McAfee Nitro vs. Splunk vs. RSA Security vs. LogRhythm
    We at Infosecnirvana.com have done several posts on SIEM. After the Dummies Guide on SIEM, we are following it up with a SIEM Product Comparison – 101 deck. So, here it is for your viewing pleasure. Let me know what you think by posting your comments below. The key products compared here are based on Gartner Magic Q which is what Organizations typically use to select SIEM vendors. The Vendors mentioned here in the deck are : 1. HP ArcSight 2. McAfee Nitro 3. IBM QRadar 4. Splunk SIEM 5. RSA Security Analytic 6. LogRhythm. SIEM Technology Space SIEM market analysis of the last 3 years suggest: Market consolidation of SIEM players (25 vendors in 2011 to 16 vendors in 2013)Only products with technology maturity and a strong road map have featured in leaders quadrant.HP ArcSight & IBM Q1 Labs have maintained leadership in SIEM industry with continued technology upgradeMcAfee Nitro has strong product features & road map to challenge HP & IBM for leadershipHPArcSight The ArcSight Enterprise Threat and Risk Management (ETRM) Platform is an integrated set of products for collecting, analysing, and managing enterprise Security Event information ArcSight Enterprise Security Manager (ESM): Correlation and analysis engine used to identify security threat in real-time& virtual environments ArcSight Logger: Log storage and Search solution ArcSight IdentityView: User Identity tracking/User activity monitoring ArcSight Connectors: For data collection from a variety of data… Read more →
    Questions from the Community
    Which is the best SIEM tool for a mid-sized financial services firm: Arcs...
    Top Answer:In my market, a lot of financial companies had or have an ArcSight installation. Just because in former times it was pretty good. Now a lot of them are looking for a more effective solution due to… more »
    Read all 11 answers   →
    What do you like most about Securonix Security Analytics?
    Top Answer:We can customize our use cases with the tools provided by Securonix. It is an excellent tool that can ingest data in different ways and is very flexible.
    Read all 17 answers   →
    What is your experience regarding pricing and costs for Securonix Securit...
    Top Answer:The pricing is fine compared to the market but I think that at some point the competitors will catch up on price. It would be good if, for example, there were an option to offer customers who have… more »
    Read all 10 answers   →
    What SOC product do you recommend?
    Top Answer:For tools I’d recommend:  -SIEM- LogRhythm -SOAR- Palo Alto XSOAR Doing commercial w/o both (or at least an XDR) is asking to miss details that are critical, and ending up a statistic. Also,… more »
    Read all 12 answers   →
    What is a better choice, Splunk or Azure Sentinel?
    Top Answer:It would really depend on (1) which logs you need to ingest and (2) what are your use cases Splunk is easy for ingestion of anything, but the charge per GB/Day Indexed and it gets expensive as log… more »
    How does Splunk compare with Azure Monitor?
    Top Answer:Splunk handles a high amount of data very well. We use Splunk to capture information and as an aggregator for monitoring information from different sources. Splunk is very good at alerting us if we… more »
    Read all 2 answers   →
    Ranking
    7th
    out of 80 in Security Information and Event Management (SIEM)
    Views
    5,358
    Comparisons
    2,504
    Reviews
    14
    Average Words per Review
    1,113
    Rating
    9.0
    1st
    out of 80 in Security Information and Event Management (SIEM)
    Views
    24,689
    Comparisons
    20,244
    Reviews
    69
    Average Words per Review
    930
    Rating
    8.4
    Comparisons
    Also Known As
    Securonix Security Analytics
    Learn More
    Securonix Solutions
    Splunk
    Overview

    Securonix Security Analytics SNYPR is a next-generation security analytics platform that transforms big data into actionable security intelligence, enabling you to take care of so much more than simply your SIEM (security information and event management) needs. In addition, it contains all of the tools that you may need to enable your organization to successfully handle both log management as well as UEBA (user and entity behavior analytics)-related tasks. The SNYPR management platform gives users the ability to combine security orchestration, automation, and response, security information and event management, network traffic analysis, and user and entity behavior analytics. This single technical environment does away with your need for multiple security, management, and analytics solutions.

    Securonix Security Analytics SNYPR’s unified platform can be scaled up to handle up to one million security events every second. While this load may seem heavy, SNYPR handles it with ease. It is able to reduce incidents of false security positives by 60%. The access certification workload that IT administrators and managers need to deal with can be reduced by as much as 90%.

    The model that this platform uses is based on a machine learning algorithm. This model gives Securonix Security Analytics’s SNYPR platform a number of extremely valuable capabilities. The platform gathers many different types of data and applies what it learns to threats as they arise. The system assigns threats risk values to determine where the areas of highest need are. Machine learning also allows you to respond to slow acting threats by using historical data to inform your response.

    All of the data that the system gathers is stitched together and used to create a complete picture of the risks that the system faces. Any blind spots that may exist are exposed by the collaborative UI that compiles the system data in a single location. This also increases your ability to monitor advanced application threats. 

    Key Features

    Some of Securonix Security Analytics’s SNYPR platform’s key features include:

    • The ability to enrich all data that the SNYPR platform collects. When SNYPR gathers information, it applies relevant data which can be used in the future to gauge whether or not a particular event is a threat.
    • The ability for data redundancy to automatically take place. All of the data that is gathered, analyzed, and processed by SNYPR is automatically copied and distributed across the system. If there is a failure in any particular part of the system, the information will still be preserved.
    • The ability to track historical issues and use that information to help deal with current threats. The SPOTTER feature allows analysts to look back at both old data and the contextual information that is attached to it. They can then use that data to inform their responses to similar threats that they are currently dealing with.

    Reviews from Real Users

    Securonix Security Analytics SNYPR platform stands out among its competitors for a number of reasons. Two major ones are its ability to significantly reduce the number of false positives that administrators have to deal with and the way that it incorporates contextual information into security events to reduce the time spent finding solutions to problems that arise.

    Peerspot users note the effectiveness of these features. One user wrote, “Securonix’s analytics-driven approach for helping to find sophisticated threats and reduce false positives is pretty good. We are allowed to fine-tune according to our requirements and our clients' requirements, which does reduce false positives. In the last 24 hours, the total number of policies with triggers was 233. When I started with this product, the false positives were 561. Therefore, the solution has helped by tuning or reducing false positives.”

    Another user noted, “The way that a Securonix is able to put a lot of the contextual information into the events is very helpful. That has reduced the amount of time required for investigating, ‘Hey, this might be something I need to look at,’ and then doing further research. It puts all of those violations in one event or case, so that you can look at different types of violations that all correlate. That has reduced the amount of time for researching some of those cases. It's dependent upon the scenario, but in some cases it could save an hour of going out and doing a bunch of individual searches.”

    Splunk Enterprise Security is a SIEM, log management, and IT operations analytics tool. The solution provides users with the ability to secure their information and manage their data in the cloud, data centers, or other applications. Splunk Enterprise Security also offers visibility from different areas, levels, and devices, rather than from a single system, thus, providing its users with flexibility. Splunk Enterprise Security can monitor data and analyze, detect, and prevent intrusions. This benefits users as it provides alerts to possible intrusions, helps users to be proactive, and reduces risk factors. 

    Full visibility across your environment

    Break down data silos and gain actionable intelligence by ingesting data from multicloud and on-premises deployments. Get full visibility to quickly detect malicious threats in your environment.

    Fast threat detection

    Defend against threats with advanced security analytics, machine learning and threat intelligence that focus detection and provide high-fidelity alerts to shorten triage times and raise true positive rates.

    Efficient investigations

    Gather all the context you need and initiate flexible investigations with security analytics at your fingertips. The built-in open and extensible data platform boosts productivity and drives down fatigue.

    Open and scalable

    Built on an open and scalable data platform, you can stay agile in the face of evolving threats and business needs. Splunk meets you where you are on your cloud journey, and integrates across your data, tools and content.

    Sample Customers
    Dtex Systems Pfizer Western Union Harris ITG
    Splunk has more than 7,000 customers spread across over 90 countries. These customers include Telenor, UniCredit, ideeli, McKenney's, Tesco, and SurveyMonkey.
    Top Industries
    REVIEWERS
    Financial Services Firm22%
    Computer Software Company22%
    Pharma/Biotech Company11%
    Insurance Company11%
    VISITORS READING REVIEWS
    Computer Software Company18%
    Financial Services Firm12%
    Government8%
    Manufacturing Company7%
    REVIEWERS
    Computer Software Company19%
    Financial Services Firm14%
    Government9%
    Energy/Utilities Company8%
    VISITORS READING REVIEWS
    Financial Services Firm15%
    Computer Software Company14%
    Government9%
    Manufacturing Company8%
    Company Size
    REVIEWERS
    Small Business22%
    Midsize Enterprise19%
    Large Enterprise59%
    VISITORS READING REVIEWS
    Small Business24%
    Midsize Enterprise15%
    Large Enterprise61%
    REVIEWERS
    Small Business31%
    Midsize Enterprise12%
    Large Enterprise58%
    VISITORS READING REVIEWS
    Small Business19%
    Midsize Enterprise13%
    Large Enterprise68%
    Buyer's Guide
    Securonix Next-Gen SIEM vs. Splunk Enterprise Security
    May 2024
    Free Report: Securonix Next-Gen SIEM vs. Splunk Enterprise Security
    Find out what your peers are saying about Securonix Next-Gen SIEM vs. Splunk Enterprise Security and other solutions. Updated: May 2024.
    DOWNLOAD NOW
    772,649 professionals have used our research since 2012.

    Securonix Next-Gen SIEM is ranked 7th in Security Information and Event Management (SIEM) with 27 reviews while Splunk Enterprise Security is ranked 1st in Security Information and Event Management (SIEM) with 246 reviews. Securonix Next-Gen SIEM is rated 8.6, while Splunk Enterprise Security is rated 8.4. The top reviewer of Securonix Next-Gen SIEM writes "Spotter tool has helped us eliminate many hours required to manually create link analysis diagrams". On the other hand, the top reviewer of Splunk Enterprise Security writes "It has a drag-and-drop interface, so you don't need to know SQL or Java to construct a query ". Securonix Next-Gen SIEM is most compared with IBM Security QRadar, Microsoft Sentinel, LogRhythm SIEM, Sumo Logic Security and Exabeam Fusion SIEM, whereas Splunk Enterprise Security is most compared with Wazuh, IBM Security QRadar, Dynatrace, Elastic Security and Microsoft Sentinel. See our Securonix Next-Gen SIEM vs. Splunk Enterprise Security report.

    See our list of best Security Information and Event Management (SIEM) vendors.

    We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.