We performed a comparison between NetWitness Platform and Securonix Next-Gen SIEM based on real PeerSpot user reviews.
Find out in this report how the two Security Information and Event Management (SIEM) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The most valuable feature is the correlation. It can report in real-time and monitor the management."
"The product's initial setup phase was not at all difficult."
"The most valuable features are the threat prediction and network forensics."
"Setting up NetWitness is straightforward. There are multiple connectors, including standard and specialized connectors. One purpose of the connectors is the enhanced capability integrate the custom applications. NetWitness comes with E6 appliances and application images that we use for the initial configurations and for the OS stack information. From there, you can consider the correlation rules, integrate the different log sources, and easily create correlation rules and backlog reports."
"The product has a user-friendly interface and a valuable feature for threat intelligence integration."
"The software is scalable to whatever is required, and you can also put a lot of resources in the cloud."
"The most valuable features are the packet inspection and the automated incident response."
"It's fully scalable. There is no limit. Of course, the license limits per day the number of terabytes. In my opinion, it's very flexible."
"SNYPR has a bundle of features. It has the UEBA feature that tells you about the behavior of a person or entity. In the tool itself, there is an incident management feature, which is definitely valuable."
"I rate the technical support a nine out of ten. They're friendly. Whenever we have a P1 issue, we write an email and our issue is resolved in one or two hours."
"The detection of threats and reduction of false positive alarms as compared to other solutions are valuable features. It has improved threat detection response and reduced a lot of noise from false positives as compared to our previous SIEM solutions."
"The two major features of this product we extensively use are the UEBA capability and the multi-tenant approach with the centralized data logs system. Customers are very happy with these features."
"The UEBA functionality indicates a lot about behaviors that are not found through a traditional SIEM. We have exploited that more than anything since we started using it."
"I was looking for software as a service rather than having issues with managing hardware, upgrades, updates. I was trying to step away from that. Those were the key factors when looking at Securonix as a full-feature SIEM with next-generation capabilities available."
"The most valuable feature is being able to look at users' behavioral profiles to see what they typically access. One of the key events that we monitor is people's downloading of objects... It's very easy to see people's patterns, what they typically do."
"The solution has proven to be stable so far...The solution is easy to scale up."
"The user interface is a little bit difficult for new users and it needs to be improved."
"The multi-tenant capabilities are lagging compared to IBM QRadar."
"The system looks like it is a mix of a bunch of different systems, and nothing looked like it was quite together."
"There is no support for this product in this country, so problems have to be resolved through global technical teams."
"Health monitoring of the event sources and devices."
"The documentation is not as structured as I would like, personally, and I think that it can be improved and made much more user-friendly."
"Sometimes, it gives me static when integrating Windows-based systems. It should produce a precise log of sorts as to where the problem is. For example, a few days ago because of the McAfee application firewall, I couldn't get access to the particular Windows machine. So, my team and I had to figure out by ourselves that there was a virus responsible for the obstacle. This solution should trigger a meaningful log or message indicating the reason the user or implementer can't get into the machine."
"The product's licensing models are complex to understand. This particular area needs improvement."
"There is room for improvement in the product's integration with ServiceNow and in the reporting features."
"Securonix could open up information regarding the indicators of compromise or cyber-threat intelligence database that they use. The idea is that they share what threats they are detecting."
"A helpful feature would be an event export. A way to create more substantial summary reports would be nice."
"Securonix implements risk scores based on different policies that are triggered. We've seen some challenges with the risk scores and how they trigger. These are things that Securonix has recognized and they've been working with us to help improve things."
"There is slight room for improvement in terms of the initial deployment. What I see is that Securonix is more focused on their product. They are expanding, in a big way, the number of customers. So there has to be a number of dedicated teams to jump on and speed up the deployment process."
"We would like to see better integration with other products."
"The solution could provide more automation."
"The pricing. I'm not sure how they are proceeding with the identity based pricing compared with DB pricing which most of the vendors are using today."
NetWitness Platform is ranked 15th in Security Information and Event Management (SIEM) with 36 reviews while Securonix Next-Gen SIEM is ranked 7th in Security Information and Event Management (SIEM) with 27 reviews. NetWitness Platform is rated 7.4, while Securonix Next-Gen SIEM is rated 8.6. The top reviewer of NetWitness Platform writes "Can find out if there is lateral movement, but integration and workflow need improvement". On the other hand, the top reviewer of Securonix Next-Gen SIEM writes "Spotter tool has helped us eliminate many hours required to manually create link analysis diagrams". NetWitness Platform is most compared with Splunk Enterprise Security, RSA enVision, IBM Security QRadar, Cisco Secure Network Analytics and Microsoft Sentinel, whereas Securonix Next-Gen SIEM is most compared with IBM Security QRadar, Splunk Enterprise Security, Microsoft Sentinel, LogRhythm SIEM and Exabeam Fusion SIEM. See our NetWitness Platform vs. Securonix Next-Gen SIEM report.
See our list of best Security Information and Event Management (SIEM) vendors.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.