We performed a comparison between Securonix Next-Gen SIEM and Splunk User Behavior Analytics based on real PeerSpot user reviews.
Find out in this report how the two Security Information and Event Management (SIEM) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The feature that I have found most valuable is their analytics platform where they have the open security data-link, which they introduced. This is typically different from the other vendors."
"One of the most valuable features it has is the thread chaining. One of the common issues that we always had was the number of anomalies that we used to get and the number of alerts that we used to get. But with this approach of thread chaining, we've found the false-positive rate has decreased very significantly. That was something that we never could have achieved before."
"There aren't any positive aspects of the solution. It was a complete failure. There are no redeeming features."
"[The solution has] incident-management or case-management functionality. If someone were to download a high number and we decided we needed to investigate it, I could open a case right in the tool. It would be able to directly reference the data that they downloaded and we could open and shut the case directly in the tool, as well as report from it."
"I was looking for software as a service rather than having issues with managing hardware, upgrades, updates. I was trying to step away from that. Those were the key factors when looking at Securonix as a full-feature SIEM with next-generation capabilities available."
"We can customize our use cases with the tools provided by Securonix. It is an excellent tool that can ingest data in different ways and is very flexible."
"The UEBA functionality indicates a lot about behaviors that are not found through a traditional SIEM. We have exploited that more than anything since we started using it."
"The most valuable feature is that it works on user behavior and event rarities."
"The most valuable feature is the ability to search through a large amount of data."
"The solution is fast, flexible, and easy to use."
"The solution is extremely scalable. Our customers are regularly scaling up after installing Splunk."
"The most valuable feature is being able to take data and put it into other systems so that we could see the output, and to see where we need to apply our focus."
"The solution appears to be stable, although we haven't used it heavily."
"Because of some of the visualizations that we utilize, we are able to understand strange, unusual traffic on our networks."
"This intelligent user behavior analytics package is easy to configure and use while remaining feature filled."
"It's easily scalable."
"The solution could provide more automation."
"We thought they were going to be a great product, however, they're actually not great at all as an MSP."
"One aspect that could be improved is the pricing of the product in Brazil."
"Securonix implements risk scores based on different policies that are triggered. We've seen some challenges with the risk scores and how they trigger. These are things that Securonix has recognized and they've been working with us to help improve things."
"We would like to see better integration with other products."
"It takes too long to generate Spotter reports. For example, a 90-day report is around 100 megabytes. That takes a while, but a one-day report can be generated in a few seconds. We would be happy if they sped up the process."
"It seems to me that within Securonix there is no option for completely visualizing the types of sources or if there is any loss of logs. I've heard that they have an additional module to validate those types of cases, but in terms of the platform itself only, I can only see how often it sends data but not any specific detail."
"We have a lot of users who, because they're engineers and they're bringing down product data - where, at times, a top-level product could be 10,000 or 15,000 objects - it's difficult for us to determine what should be a concern and what shouldn't be a concern. We work with the Securonix folks to try to come up with better ways to identify that."
"I would like improved downward integration with other tools such as McAfee and other GCP solutions."
"If the price was lowered and the setup process was less complex, I would consider rating it higher."
"It could be easier to scale the solution if you are using it on-premise, not in the cloud."
"The solution is much more expensive than relative competitors like ArcSight or LogRhythm. It makes it hard to sell to customers sometimes."
"There are occasional bugs."
"The ability to do more complicated data investigation would be a welcome addition for pros, though the functionality now gives most people what they need."
"The correlation engine should have persistent and definable rules."
"It would be good if the solution had an analytics tool that allowed us to analyze the data without writing specific queries."
More Splunk User Behavior Analytics Pricing and Cost Advice →
Securonix Next-Gen SIEM is ranked 7th in Security Information and Event Management (SIEM) with 27 reviews while Splunk User Behavior Analytics is ranked 2nd in User Entity Behavior Analytics (UEBA) with 18 reviews. Securonix Next-Gen SIEM is rated 8.6, while Splunk User Behavior Analytics is rated 8.2. The top reviewer of Securonix Next-Gen SIEM writes "Spotter tool has helped us eliminate many hours required to manually create link analysis diagrams". On the other hand, the top reviewer of Splunk User Behavior Analytics writes "Easy to configure and easy to use solution that integrates with many applications and scripts ". Securonix Next-Gen SIEM is most compared with IBM Security QRadar, Splunk Enterprise Security, Microsoft Sentinel, LogRhythm SIEM and Exabeam Fusion SIEM, whereas Splunk User Behavior Analytics is most compared with Darktrace, Microsoft Defender for Identity, IBM Security QRadar, Cynet and Exabeam Fusion SIEM. See our Securonix Next-Gen SIEM vs. Splunk User Behavior Analytics report.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.