We performed a comparison between Securonix Next-Gen SIEM and Varonis Datalert based on real PeerSpot user reviews.
Find out what your peers are saying about Microsoft, Splunk, Wazuh and others in Security Information and Event Management (SIEM)."Microsoft Sentinel provides the capability to integrate different log sources. On top of having several data connectors in place, you can also do integration with a threat intelligence platform to enhance and enrich the data that's available. You can collect as many logs and build all the use cases."
"Microsoft Sentinel enables you to ingest data from the entire ecosystem and that connection of data helps you to monitor critical resources and to know what's happening in the environment."
"The most valuable features in my experience are the UEBA, LDAP, the threat scheduler, and integration with third-party straight perform like the MISP."
"It has basic out-of-the-box integrations with multiple log sources."
"The main benefit is the ease of integration."
"One of the most valuable features is that it creates a kind of a single pane of glass for organizations that already use Microsoft software. So, when they have things like Microsoft 365, it is very easy for them to kind of plug in or enroll those endpoints into the Azure Sentinel service."
"Sentinel's most important feature is the ability to centralize all the logs in one place. There's no need to search multiple systems for information."
"Log aggregation and data connectors are the most valuable features."
"The customizability of the tool is valuable. We are able to customize the use cases and create them easily without a large amount of Securonix assistance. It's very flexible. We do not have to rely on Professional Services to modify or create a new use case."
"The user interface is easy to learn and navigate."
"The scalability is one of the remarkable qualities of this product, which makes it very effective, especially when we are dealing with substantial data volumes in the cloud."
"Its console is very easy to use and configure. It is very intuitive for our use cases. App integrations are also pretty nice."
"The feature that I have found most valuable is their analytics platform where they have the open security data-link, which they introduced. This is typically different from the other vendors."
"We can customize our use cases with the tools provided by Securonix. It is an excellent tool that can ingest data in different ways and is very flexible."
"SNYPR has a bundle of features. It has the UEBA feature that tells you about the behavior of a person or entity. In the tool itself, there is an incident management feature, which is definitely valuable."
"One of the most valuable features it has is the thread chaining. One of the common issues that we always had was the number of anomalies that we used to get and the number of alerts that we used to get. But with this approach of thread chaining, we've found the false-positive rate has decreased very significantly. That was something that we never could have achieved before."
"It can easily identify unusual behavior or access patterns that may pose a potential threat, while operating as a unified reporting system."
"The telemetry to capture everything and the reports are very easy to configure without having a developer degree."
"The 24/7 support is the most valuable feature. They have been able to answer support questions pretty quickly."
"The analytics would have to be our most valuable feature."
"That alerting and reporting service is great."
"On the Varonis side, technical support is phenomenal. Their ability to explain is very good, and they seem to be very knowledgeable. When I get an alert that doesn't quite make sense, they dive in there and kind of take me through it. That's very useful and very good. There are some false alerts, but it is better to have a false alert than no alert at all."
"When it comes to ingesting Azure native log sources, some of the log sources are specific to the subscription, and it is not always very clear."
"Sentinel still has some anomalies. For example, sometimes when we write a query for log analysis with KQL, it doesn't give us the data in a proper way... Also, the fields or columns could be improved. Sometimes, it is not giving the desired results and there is a blank field."
"The on-prem log sources still require a lot of development."
"Sentinel provides decent visibility, but it's sometimes a little cumbersome to get to the information I want because there is so much information. I would also like to see more seamless integration between Sentinel and third-party security products."
"We are invoiced according to the amount of data generated within each log."
"Everyone has their favorites. There is always room for improvement, and everybody will say, "I wish you could do this for me or that for me." It is a personal thing based on how you use the tool. I do not necessarily have those thoughts, and they are probably not really valuable because they are unique to the context of the user, but broadly, where it can continue to improve is by adding more connectors to more systems."
"I would like to be able to monitor applications outside of the Azure Cloud."
"Sentinel's alerts and notifications are not fully optimized for mobile devices. The overall reporting and the analytics processes for the end user should also be improved. Also, the compatibility and availability of data sources and reports are not always perfect."
"The pricing. I'm not sure how they are proceeding with the identity based pricing compared with DB pricing which most of the vendors are using today."
"We thought they were going to be a great product, however, they're actually not great at all as an MSP."
"We have a lot of users who, because they're engineers and they're bringing down product data - where, at times, a top-level product could be 10,000 or 15,000 objects - it's difficult for us to determine what should be a concern and what shouldn't be a concern. We work with the Securonix folks to try to come up with better ways to identify that."
"Sometimes, there is instability in the data in terms of the customization of the time. I have sometimes observed discrepancies in the data, which is something they should work on. They should bring more stability to time customization. If we are seeing a particular data, when we change the time zone, there should be the same data. There should not be any discrepancy."
"It takes too long to generate Spotter reports. For example, a 90-day report is around 100 megabytes. That takes a while, but a one-day report can be generated in a few seconds. We would be happy if they sped up the process."
"Parsing needs to be improved. Every time we integrate a new, specific data source, we face a lot of problems in parsing, even for the old data source."
"We would like a little more face-to-face training. Securonix has several tutorials on its website, but we want there to be a person in Colombia who does training or workshops to give us a better understanding of the platform."
"We have compliance needs. We have investigation needs. And we have situations where an analyst needs to look at threats. These three things require a different view of how they look at the threats. What would be good is to have Securonix create three different views of their Security Command Center so that, depending on the persona of the person logging in, they'd get the relevant data they need and not see everything."
"I'd like to see automatic updates for this solution. Currently, it's a manual process to update all the keywords"
"The GUI should be more functional. There should be a process for connecting through Chrome, Internet Explorer, etc."
"I would like it to have cloud integration."
"For unstructured data monitoring, it's one of the top ones, if not the top one, due to its usability."
"We have Microsoft Office 365. I just saw an article today which says that they're actually getting integrated with Microsoft Office 365, which would be a useful feature. For user-based reports, log on activity, and stuff like that, it doesn't seem to really be present like Log360. That could just be my inexperience with it. I've been dealing with it for only about two and a half months."
"It is significantly complex."
Securonix Next-Gen SIEM is ranked 7th in Security Information and Event Management (SIEM) with 27 reviews while Varonis Datalert is ranked 8th in User Entity Behavior Analytics (UEBA) with 6 reviews. Securonix Next-Gen SIEM is rated 8.6, while Varonis Datalert is rated 8.6. The top reviewer of Securonix Next-Gen SIEM writes "Spotter tool has helped us eliminate many hours required to manually create link analysis diagrams". On the other hand, the top reviewer of Varonis Datalert writes "Offers the ability to identify sensitive areas, allowing you to drill down into the sensitive data". Securonix Next-Gen SIEM is most compared with IBM Security QRadar, Splunk Enterprise Security, LogRhythm SIEM, Exabeam Fusion SIEM and USM Anywhere, whereas Varonis Datalert is most compared with Splunk User Behavior Analytics, Microsoft Defender for Identity, Exabeam Fusion SIEM, Rapid7 InsightIDR and Rapid7 InsightVM.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.