We performed a comparison between Securonix Next-Gen SIEM and UserLock based on real PeerSpot user reviews.
Find out what your peers are saying about Microsoft, Splunk, Wazuh and others in Security Information and Event Management (SIEM)."Having your logs put all in one place with machine learning working on those logs is a good feature. I don't need to start thinking, "Where are my logs?" My logs are in a centralized repository, like Log Analytics, which is why you can't use Sentinel without Log Analytics. Having all those logs in one place is an advantage."
"The data connectors that Microsoft Sentinel provides are easy to integrate when we work with a Microsoft agent."
"The most valuable feature is the onboarding of the workloads. You can see all that has been onboarded in your account on the dashboards."
"The most valuable feature is the UEBA. It's very easy for a security operations analyst. It has a one-touch analysis where you can search for a particular entity, and you can get a complete overview of that entity or user."
"I like the KQL query. It simplifies getting data from the table and seeing the logs. All you need to know are the table names. It's quite easy to build use cases by using KQL."
"The ability of all these solutions to work together natively is essential. We have an Azure subscription, including Log Analytics. This feature automatically acts as one of the security baselines and detects recommendations because it also integrates with Defender. We can pull the sysadmin logs from Azure. It's all seamless and native."
"It's pretty powerful and its performance is pretty good."
"The product can integrate with any device."
"Risk scoring was nice. We could exactly see which user had the highest risk score, and then we could pick it up and work on it."
"The feature that I have found most valuable is their analytics platform where they have the open security data-link, which they introduced. This is typically different from the other vendors."
"The solution is stable and scalable."
"The most valuable feature is that it works on user behavior and event rarities."
"The feature that is most valuable is the fact that it's an open platform, so it allows us to modify policies and tune policies as needed. There's also a feature called Data Insights which allows us to create different dashboards on specific things of interest for us."
"The two major features of this product we extensively use are the UEBA capability and the multi-tenant approach with the centralized data logs system. Customers are very happy with these features."
"The second feature is that within the SNYPR product there is a functionality called Spotter. We use that for link analysis diagrams and to run the stats command. That's extremely useful because it replaces a tedious, manual process we used to use, using Microsoft Excel and a couple of other methods, to bring data together."
"We can customize our use cases with the tools provided by Securonix. It is an excellent tool that can ingest data in different ways and is very flexible."
"We mainly implemented UserLock for multi-factor authentication, but the user login insights are also nice."
"The most valuable features are two-factor authentication and real-time logon monitoring."
"There are certain delays. For example, if an alert has been rated on Microsoft Defender for Endpoint, it might take up to an hour for that alert to reach Sentinel. This should ideally take no more than one or two seconds."
"The playbook is a bit difficult and could be improved."
"While I appreciate the UI itself and the vast amount of information available on the platform, I'm finding the overall user experience to be frustrating due to frequent disconnections and the requirement to repeatedly re-authenticate."
"The performance could be improved. If I create 15 to 20 lines for a single-use case in KQL, sometimes it takes more time to execute. If I create use cases within a certain timeline, the result will show in .01 seconds. A complex query takes more time to get results."
"The solution should allow for a streamlined CI/CD procedure."
"Add more out-of-the-box connectors with other SaaS platforms/applications."
"Sentinel still has some anomalies. For example, sometimes when we write a query for log analysis with KQL, it doesn't give us the data in a proper way... Also, the fields or columns could be improved. Sometimes, it is not giving the desired results and there is a blank field."
"Everyone has their favorites. There is always room for improvement, and everybody will say, "I wish you could do this for me or that for me." It is a personal thing based on how you use the tool. I do not necessarily have those thoughts, and they are probably not really valuable because they are unique to the context of the user, but broadly, where it can continue to improve is by adding more connectors to more systems."
"The pricing. I'm not sure how they are proceeding with the identity based pricing compared with DB pricing which most of the vendors are using today."
"Parsing needs to be improved. Every time we integrate a new, specific data source, we face a lot of problems in parsing, even for the old data source."
"There is room for improvement in the product's integration with ServiceNow and in the reporting features."
"The incident response area should be improved."
"Sometimes, there is instability in the data in terms of the customization of the time. I have sometimes observed discrepancies in the data, which is something they should work on. They should bring more stability to time customization. If we are seeing a particular data, when we change the time zone, there should be the same data. There should not be any discrepancy."
"It takes too long to generate Spotter reports. For example, a 90-day report is around 100 megabytes. That takes a while, but a one-day report can be generated in a few seconds. We would be happy if they sped up the process."
"Sometimes, the injectors lag and are not loading. It would be nice if that could be improved."
"Securonix implements risk scores based on different policies that are triggered. We've seen some challenges with the risk scores and how they trigger. These are things that Securonix has recognized and they've been working with us to help improve things."
"The product and service are already great as it is but if I could add one feature, I guess it would be nice to have another factor of authentication (two additional factors) like your phone and a token for example, for when people forget their phone at home."
"I would like to see UserLock add the ability to automatically create a group policy in Active Directory. That might streamline the setup process."
Earn 20 points
Securonix Next-Gen SIEM is ranked 7th in Security Information and Event Management (SIEM) with 27 reviews while UserLock is ranked 11th in Authentication Systems. Securonix Next-Gen SIEM is rated 8.6, while UserLock is rated 10.0. The top reviewer of Securonix Next-Gen SIEM writes "Spotter tool has helped us eliminate many hours required to manually create link analysis diagrams". On the other hand, the top reviewer of UserLock writes "Affordable, easy to use, and integrates well with Active Directory". Securonix Next-Gen SIEM is most compared with IBM Security QRadar, Splunk Enterprise Security, LogRhythm SIEM, Exabeam Fusion SIEM and USM Anywhere, whereas UserLock is most compared with Cisco Duo, Microsoft Entra ID, Fortinet FortiAuthenticator, Silverfort and Aruba ClearPass.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.