We performed a comparison between NetWitness Platform and Securonix Next-Gen SIEM based on real PeerSpot user reviews.
Find out in this report how the two Security Information and Event Management (SIEM) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."NetWitness can be highly beneficial for incident detection and response."
"The most valuable features are its ingestion of logs and raising of alerts based on those logs."
"The most valuable features are the integration and ease of use."
"The most valuable feature is the correlation. It can report in real-time and monitor the management."
"The development of use cases on the SSA console is quite user friendly. This means that the security analyst or the researcher does not have to learn another language."
"Their technical support responds quickly and are knowledgable."
"Incident management is its most valuable feature."
"The newer 11.5 version that my team is using has found it to have good mapping."
"Risk scoring was nice. We could exactly see which user had the highest risk score, and then we could pick it up and work on it."
"The second feature is that within the SNYPR product there is a functionality called Spotter. We use that for link analysis diagrams and to run the stats command. That's extremely useful because it replaces a tedious, manual process we used to use, using Microsoft Excel and a couple of other methods, to bring data together."
"Its console is very easy to use and configure. It is very intuitive for our use cases. App integrations are also pretty nice."
"[The solution has] incident-management or case-management functionality. If someone were to download a high number and we decided we needed to investigate it, I could open a case right in the tool. It would be able to directly reference the data that they downloaded and we could open and shut the case directly in the tool, as well as report from it."
"I was looking for software as a service rather than having issues with managing hardware, upgrades, updates. I was trying to step away from that. Those were the key factors when looking at Securonix as a full-feature SIEM with next-generation capabilities available."
"The most valuable feature is that it works on user behavior and event rarities."
"The two major features of this product we extensively use are the UEBA capability and the multi-tenant approach with the centralized data logs system. Customers are very happy with these features."
"We can customize our use cases with the tools provided by Securonix. It is an excellent tool that can ingest data in different ways and is very flexible."
"Health monitoring of the event sources and devices."
"The solution should have more integration capabilities with different platforms."
"More customizability is required, which is something that they need to improve on."
"Lots of competing products have vulnerability protection built into their products, and this solution would be improved by including that support."
"We have encountered issues with unresolved crashes."
"Sometimes, it gives me static when integrating Windows-based systems. It should produce a precise log of sorts as to where the problem is. For example, a few days ago because of the McAfee application firewall, I couldn't get access to the particular Windows machine. So, my team and I had to figure out by ourselves that there was a virus responsible for the obstacle. This solution should trigger a meaningful log or message indicating the reason the user or implementer can't get into the machine."
"The initial setup was complex because it takes a lot of time to complete the implementation."
"There are instances where you try to run the reports and then it does not give you the desired outcome."
"Sometimes, there is instability in the data in terms of the customization of the time. I have sometimes observed discrepancies in the data, which is something they should work on. They should bring more stability to time customization. If we are seeing a particular data, when we change the time zone, there should be the same data. There should not be any discrepancy."
"It could be improved a little bit more for admin users. There should be more administrative options related to security for admin users. For example, for forensic purposes, the admin should be able to stop a specific user from erasing some information. I would be helpful in certain situations, such as during an internal fraud."
"The technical support of the solution is an area with shortcomings and needs improvement."
"There is room for improvement in the product's integration with ServiceNow and in the reporting features."
"There is slight room for improvement in terms of the initial deployment. What I see is that Securonix is more focused on their product. They are expanding, in a big way, the number of customers. So there has to be a number of dedicated teams to jump on and speed up the deployment process."
"It takes too long to generate Spotter reports. For example, a 90-day report is around 100 megabytes. That takes a while, but a one-day report can be generated in a few seconds. We would be happy if they sped up the process."
"Regarding the analysis of security events on the SOC side, Securonix Next-Gen SIEM needs to improve its automation capabilities."
"It seems to me that within Securonix there is no option for completely visualizing the types of sources or if there is any loss of logs. I've heard that they have an additional module to validate those types of cases, but in terms of the platform itself only, I can only see how often it sends data but not any specific detail."
NetWitness Platform is ranked 15th in Security Information and Event Management (SIEM) with 36 reviews while Securonix Next-Gen SIEM is ranked 7th in Security Information and Event Management (SIEM) with 27 reviews. NetWitness Platform is rated 7.4, while Securonix Next-Gen SIEM is rated 8.6. The top reviewer of NetWitness Platform writes "Can find out if there is lateral movement, but integration and workflow need improvement". On the other hand, the top reviewer of Securonix Next-Gen SIEM writes "Spotter tool has helped us eliminate many hours required to manually create link analysis diagrams". NetWitness Platform is most compared with Splunk Enterprise Security, RSA enVision, IBM Security QRadar, Cisco Secure Network Analytics and Microsoft Sentinel, whereas Securonix Next-Gen SIEM is most compared with IBM Security QRadar, Splunk Enterprise Security, Microsoft Sentinel, LogRhythm SIEM and Sumo Logic Security. See our NetWitness Platform vs. Securonix Next-Gen SIEM report.
See our list of best Security Information and Event Management (SIEM) vendors.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.