Anonymous UserRegional Director, Customer Success (GTM Solutions & Services) at a tech services company
We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
"This solution has advanced a lot over the last few years."
"One of the most valuable features it has is the thread chaining. One of the common issues that we always had was the number of anomalies that we used to get and the number of alerts that we used to get. But with this approach of thread chaining, we've found the false-positive rate has decreased very significantly. That was something that we never could have achieved before."
"The most valuable feature is being able to look at users' behavioral profiles to see what they typically access. One of the key events that we monitor is people's downloading of objects... It's very easy to see people's patterns, what they typically do."
"[The solution has] incident-management or case-management functionality. If someone were to download a high number and we decided we needed to investigate it, I could open a case right in the tool. It would be able to directly reference the data that they downloaded and we could open and shut the case directly in the tool, as well as report from it."
"The feature that I have found most valuable is their analytics platform where they have the open security data-link, which they introduced. This is typically different from the other vendors."
"I was looking for software as a service rather than having issues with managing hardware, upgrades, updates. I was trying to step away from that. Those were the key factors when looking at Securonix as a full-feature SIEM with next-generation capabilities available."
"Customer support and making sure that we're successful has been one of the best features, one that we weren't even looking for during evaluation, but that's what we have found."
"There aren't any positive aspects of the solution. It was a complete failure. There are no redeeming features."
"The solution is stable and scalable."
"When the data leaves the cloud, there are security issues."
"One of the things they can improve on a little bit is the usability side, to make some things simpler... The tool does have a lot of knobs, you can turn a lot of things on and off and you can change things. Sometimes, it can become a little overwhelming. They should remove some confirmation options and make it simpler for the less mature customers and people who are still trying to grasp it."
"We have a lot of users who, because they're engineers and they're bringing down product data - where, at times, a top-level product could be 10,000 or 15,000 objects - it's difficult for us to determine what should be a concern and what shouldn't be a concern. We work with the Securonix folks to try to come up with better ways to identify that."
"The pricing. I'm not sure how they are proceeding with the identity based pricing compared with DB pricing which most of the vendors are using today."
"There is slight room for improvement in terms of the initial deployment. What I see is that Securonix is more focused on their product. They are expanding, in a big way, the number of customers. So there has to be a number of dedicated teams to jump on and speed up the deployment process."
"Some of the user experience when doing threat-hunting, such as being able to see multiple types of analytics from different log sources in one view, would be beneficial. Right now, there are some limitations around that."
"We thought they were going to be a great product, however, they're actually not great at all as an MSP."
"We would like to see better integration with other products."
"We have a license from our 5.0, so that license just continued. We paid them the extra cloud-hosting costs for a year which were about $300,000."
"We went in on a three-year agreement which has an annual licensing fee, based upon the number of people that we're monitoring. There have not been any additional costs to the standard licensing fees."
Microsoft Defender for Identity is a cloud-based security solution that leverages your on-premises Active Directory signals to identify, detect, and investigate advanced threats, compromised identities, and malicious insider actions directed at your organization. With Microsoft Defender for Identity, you can:
- Monitor users, entity behavior, and activities with learning-based analytics
- Protect user identities and credentials stored in Active Directory
- Identify and investigate suspicious user activities and advanced attacks throughout the kill chain
- Provide clear incident information on a simple timeline for fast triage
To learn more about our solution, ask questions, and share feedback, join our Microsoft Defender for Identity Community.
SNYPR is a next-generation security analytics platform that transforms big data into actionable security intelligence. Built on a Hadoop big data security lake, SNYPR combines an open data model, log management, security incident and event management (SIEM), user and entity behavior analytics (UEBA) and fraud detection into a complete, end-to-end platform that can be deployed in its entirety or in flexible, modular components.
Microsoft Defender for Identity is ranked 13th in User Behavior Analytics - UEBA with 1 review while Securonix Security Analytics is ranked 3rd in User Behavior Analytics - UEBA with 7 reviews. Microsoft Defender for Identity is rated 9.0, while Securonix Security Analytics is rated 8.2. The top reviewer of Microsoft Defender for Identity writes "Identifies, detects, and investigates advanced threats". On the other hand, the top reviewer of Securonix Security Analytics writes "Behavioral profiles help us identify somebody who is engaging in anomalous behavior". Microsoft Defender for Identity is most compared with Microsoft Defender for Office 365, Palo Alto Networks WildFire and Palo Alto Networks VM-Series, whereas Securonix Security Analytics is most compared with Splunk, Exabeam Fusion SIEM, IBM QRadar, LogRhythm NextGen SIEM and Azure Sentinel.
See our list of best User Behavior Analytics - UEBA vendors.
We monitor all User Behavior Analytics - UEBA reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.