What is our primary use case?
We're an MSSP, and we provide a security operations center as a service. We've been doing that for 20 years. We have recently embarked on, for the first time, co-managed SIEM solutions. We have customers who are interested in owning a SIEM but having us manage it. We're always looking for products that are beneficial for different classifications of customers. We recommend these products to customers based on their requirements. We work with several SIEM developers; when they sell a solution to another MSP or an end customer, they recommend us for 24/7 management.
We implemented this solution into our data centers and onboarded customers on behalf of the MSP partners. We operated a 24/7 security operation center that managed it and responded to alerts, etc. That's actually one of the best values on the market when it comes to a SIEM.
What is most valuable?
The main thing is the value proposition. It is one of the most sophisticated yet affordable solutions that I've come across. It is also one of the easiest-to-manage yet comprehensive solutions for a SOC analyst.
Its customizations are really good, and it has a lot of integrations. It is multi-tenant and very fast to onboard. Its stability is 100%. We've never had an outage with it. It doesn't require extensive hardware resources.
Its level of support is also very good. They have a very responsive technical team.
What needs improvement?
It is a standalone solution now. They need to make it into a cloud-based subscription model.
It needs more compatibility for co-managed solutions. It can also have more threats and deeper integration with Microsoft.
For how long have I used the solution?
I have been using this solution for about two years. I have worked for them as a consultant for some time, and I have also worked for a company where I purchased it or made the purchasing decision and implemented it.
I have used multiple versions of it. I have used their first iteration all the way up to the version from about three months ago.
What do I think about the stability of the solution?
Its stability is 100%. We've never had an outage with it. Some of the customers had outages sometimes, but these outages weren't because of this solution. They were fast to build integrations.
Its stability has been really good. It didn't require extensive hardware resources. It was more efficient in terms of resource usage than some of the other SIEMs that I've implemented.
How are customer service and technical support?
Their technical support was excellent. We didn't have to engage them very often. They had their own development team, and they were very fast at the turnaround for things like integration. If we ran into a problem, they were fast.
They also provided more extensive training than any of the other SIEMs that I've implemented.
How was the initial setup?
The initial setup was very straightforward. It uses industry-standard tools.
What's my experience with pricing, setup cost, and licensing?
It has a per-asset model instead of an ingestion-based model, which gives predictable pricing. In terms of price, it is in the middle to lower range of SIEMs that it competes against.
It is the most affordable solution that we have implemented so far. It was much more affordable than anything else I've implemented.
What other advice do I have?
I would rate Seceon Open Threat Management Platform a nine out of ten.