Securonix Security Analytics SNYPR is a next-generation security analytics platform that transforms big data into actionable security intelligence, enabling you to take care of so much more than simply your SIEM (security information and event management) needs. In addition, it contains all of the tools that you may need to enable your organization to successfully handle both log management and UEBA (user and entity behavior analytics)-related tasks. The SNYPR management platform gives users the ability to combine security orchestration, automation, and response; security information and event management; network traffic analysis; and user and entity behavior analytics. This single technical environment does away with your need for multiple security, management, and analytics solutions.
The most valuable features of Securonix Next-Gen SIEM are its:
- reporting capacity graphics
- UEBA analytics
- autonomous threat sweeper
- ease of searching with the Spotter tool
- integration of all types of data sources
- enrichment capability
- user interface
- policy violation feature
- user behavior and event rarity detection
- threat-detection reduction
Reviews also highlight the value of the solution's UEBA functionality, actionable intelligence, flexibility in customization, and analytics-driven approach. Also notable is the tool's ease of use, console configuration, app integrations, risk scoring, and customer-centric approach to accommodating requests and adding features.
Improvements needed include:
- better visualization of log sources and loss of logs
- a more dynamic concept for threat detection reports with more context
- additional face-to-face training options
- improved stability in data customization
- increased transparency regarding indicators of compromise and cyber-threat intelligence databases used
- resolving glitches with injectors
- faster generation of Spotter reports
- regular updates for parsing and geographical location accuracy
- enhancements to the incident response area for easier use by new engineers
- faster performance when multiple tabs are open
- more administrative options for security purposes
- minimizing downtime during upgrades or patches
- allowing customization of graphical reports
- automated changes to reports and visual views
- streamlining the onboarding process
- optimizing data ingestion functionality
Users have experienced a positive return on investment (ROI) using Securonix Next-Gen SIEM. ROI is visible in terms of metrics obtained from Securonix and the ability to sell its services. The biggest ROI is in the time and manpower saved, with one engineer with expertise being enough to speed up investigations and free up other administrators.
It takes a month for the benefits of the solution to be realized. Users have been able to prevent multiple threats and improve analysts' efficiency by using the contextual information provided by Securonix, resulting in a time savings of about 30%.
Securonix Next-Gen SIEM has become the go-to tool for checking and verifying issues, saving around four to five hours a day. The cloud-native platform of Securonix has minimized the need for infrastructure management, reducing the manpower required. It has also added contextual information to security events, saving significant time compared to using a generic system.
Securonix Next-Gen SIEM's pricing is considered good, affordable, and competitive compared to other brands in the market.
Some reviewers mentioned that the licensing can become more complex when adding more features while still maintaining that the pricing remains reasonable. There are no additional costs outside of the standard licensing fees, except for an initial installation service charge.
Securonix's pricing is pretty good compared to other products like IBM and Splunk, offering clients the opportunity to implement a solution at half the price of other companies. The pricing may vary depending on the model chosen, such as an MSP or a single tenant.
Securonix Next-Gen SIEM's primary use case is for event correlation in cyber SOC services. It is used for security event correlation, behavior-based analysis, and monitoring attempted malware attacks. It is also used for monitoring firewalls, operating systems, active directories, and solutions in the cloud. The deployment of Securonix is on the cloud, with integration with platforms such as Microsoft Azure, Amazon, and the Google Cloud Platform. Additionally, it is used for user-behavior analytics, data loss prevention, and data acceleration. Customization of the platform is done to benefit the organization's specific needs, such as failed access attempts, network issues, and allowed/blocked activities.
The initial setup for Securonix Next-Gen SIEM was generally described as simple and straightforward. The implementation process involved following an interactive manual provided by Securonix and onboarding the necessary sources, which was not considered a complicated task.
The number of employees required for the implementation varied but generally ranged from three to five individuals. Securonix provided guided training and assistance to address any queries or issues during the implementation. Maintenance responsibilities were primarily managed by Securonix, with minimal involvement required from the users.
The cloud-native platform of Securonix was highlighted as a valuable feature, as it helped minimize infrastructure management and allowed for easy platform management from anywhere. The involvement of Securonix's team during the implementation process was appreciated, with their continuous support and updates being mentioned. The duration of the implementation varied, ranging from three weeks to four months, depending on the specific circumstances.
Securonix Next-Gen SIEM is highly scalable and flexible. It offers unlimited scalability in a cloud environment, allowing for easy integration of larger data sources without any difficulties.
The solution can increase its capacity and processing level as needed, making it suitable for taking on new clients. It can seamlessly handle the integration of multiple log sources with the available connectors. If a connector is not available, however, integration is not possible, which is a common limitation for all SIEM tools.
The solution also allows for easy scaling by increasing the EPS or allocating more resources to the RIN server, especially in cloud environments. It is considered an excellent option for scalability both for internal users and clients.
That said, in certain situations with heavy investigation and multiple tabs open, the solution may become slow or get stuck, impacting performance.
Securonix Next-Gen SIEM is highly stable and reliable. There are minimal problems and no major issues with the platform. It has consistently performed well in terms of ingesting log sources and has not caused any access or performance problems.
The tool is praised for its ability to detect configuration mistakes and its value in providing analytics. While there have been occasional instances of instability or slowdown, they are not frequent or significant. The solution has undergone improvements over time, enhancing its stability and functionality.
There's general confidence in the reliability and dependability of Securonix, and the support provided by the vendor has been prompt and effective in resolving any issues.
Securonix Security Analytics SNYPR’s unified platform can scale to handle up to one million security events every second. While this load may seem heavy, SNYPR handles it with ease. It can reduce the incidence of false positives by 60%. The access certification workload that IT administrators and managers need to deal with can be reduced by as much as 90%.
The model that this platform uses is based on a machine learning algorithm. This model gives Securonix Security Analytics’s SNYPR platform a number of extremely valuable capabilities. The platform gathers many different types of data and applies what it learns to threats as they arise. The system assigns risk values to threats to determine which areas need the most attention. Machine learning also allows you to respond to slow-acting threats by using historical data to inform your response.
All of the data that the system gathers is stitched together and used to create a complete picture of the risks that the system faces. Any blind spots that may exist are exposed by the collaborative UI that compiles the system data in a single location. This also increases your ability to monitor advanced application threats.
Key Features
Some of Securonix Security Analytics’s SNYPR platform’s key features include:
Reviews from Real Users
The Securonix Security Analytics SNYPR platform stands out among its competitors for a number of reasons. Two major ones are its ability to significantly reduce the number of false positives that administrators have to deal with and the way that it incorporates contextual information into security events to reduce the time spent finding solutions to problems that arise.
PeerSpot users note the effectiveness of these features. One user wrote, “Securonix’s analytics-driven approach for helping to find sophisticated threats and reduce false positives is pretty good. We are allowed to fine-tune according to our requirements and our clients' requirements, which does reduce false positives. In the last 24 hours, the total number of policies with triggers was 233. When I started with this product, the false positives were 561. Therefore, the solution has helped by tuning or reducing false positives.”
Another user noted, “The way that Securonix is able to put a lot of the contextual information into the events is very helpful. That has reduced the amount of time required for investigating, ‘Hey, this might be something I need to look at,’ and then doing further research. It puts all of those violations in one event or case, so that you can look at different types of violations that all correlate. That has reduced the amount of time for researching some of those cases. It's dependent upon the scenario, but in some cases it could save an hour of going out and doing a bunch of individual searches.”
Securonix Next-Gen SIEM was previously known as Securonix Security Analytics.
Dtex Systems
Pfizer
Western Union
Harris
ITG