We performed a comparison between Securonix Next-Gen SIEM and WSO2 Identity Server based on real PeerSpot user reviews.
Find out what your peers are saying about Microsoft, Splunk, Wazuh and others in Security Information and Event Management (SIEM)."It has basic out-of-the-box integrations with multiple log sources."
"The most valuable feature is the UEBA. It's very easy for a security operations analyst. It has a one-touch analysis where you can search for a particular entity, and you can get a complete overview of that entity or user."
"We’ve got process improvement that's happened across multiple different fronts within the organization, within our IT organization based on this tool being in place."
"The most valuable feature is the alert notifications, which are categorized by severity levels: informational, low, medium, and high."
"The most valuable feature is the performance because unlike legacy SIEMs that were on-premises, it does not require as much maintenance."
"It has a lot of great features."
"Azure Application Gateway makes things a lot easier. You can create dashboards, alert rules, hunting and custom queries, and functions with it."
"The analytics has a lot of advantages because there are 300 default use cases for rules and we can modify them per our environment. We can create other rules as well. Analytics is a useful feature."
"The two major features of this product we extensively use are the UEBA capability and the multi-tenant approach with the centralized data logs system. Customers are very happy with these features."
"There aren't any positive aspects of the solution. It was a complete failure. There are no redeeming features."
"The most valuable feature is that it works on user behavior and event rarities."
"The second feature is that within the SNYPR product there is a functionality called Spotter. We use that for link analysis diagrams and to run the stats command. That's extremely useful because it replaces a tedious, manual process we used to use, using Microsoft Excel and a couple of other methods, to bring data together."
"The customizability of the tool is valuable. We are able to customize the use cases and create them easily without a large amount of Securonix assistance. It's very flexible. We do not have to rely on Professional Services to modify or create a new use case."
"The scalability is one of the remarkable qualities of this product, which makes it very effective, especially when we are dealing with substantial data volumes in the cloud."
"What I like most is that the threat models and risk scoring are very accurate and very helpful to the analysts on my team. They help highlight the most important things for them to look at."
"The big data security analytics platform, structured and unstructured data analytics, and user and entity behavior analytics provided by the product are probably the best in the industry."
"Comprehensive ecosystem."
"I would rate the solution's stability eight or nine out of ten."
"It's very easy to implement everything."
"The keystore feature has been most valuable for us."
"The single sign-on procedure itself, as well as the ability to connect to external user sources such as Microsoft Active Directory and LDAP servers, are the solution's most valuable features."
"Some of the valuable features of the solution are the easy integration with processes, such as Single Sign-On. Overall WSO2 is straightforward and does not need customization."
"The product provides easy integration between API manager and IT server components."
"Microsoft Defender has a built-in threat expert option that enables you to contact an expert. That feature isn't available in Sentinel because it's a huge product that integrates all the technologies. I would like Microsoft to add the threat expert option so we can contact them. There are a few other features, like threat assessment that the PG team is working on. I expect them to release this feature in the next quarter."
"It has been a challenge with Azure Sentinel to onboard the Syslog server from FortiGate. Azure Sentinel can work better on that shift between the Syslog server and a firewall."
"Microsoft Sentinel should provide an alternative query language to KQL for users who lack KQL expertise."
"Microsoft Sentinel is relatively expensive, and its cost should be improved."
"If their UI was a bit more streamlined and easy to find when I need it, then that would be a great improvement."
"We'd like to see more connectors."
"There is room for improvement in entity behavior and the integration site."
"The performance could be improved. If I create 15 to 20 lines for a single-use case in KQL, sometimes it takes more time to execute. If I create use cases within a certain timeline, the result will show in .01 seconds. A complex query takes more time to get results."
"The technical support of the solution is an area with shortcomings and needs improvement."
"The analytics-driven approach for finding sophisticated threats and reducing false positives is positive and good, but the platform requires a more dynamic concept. Everything is a bit static."
"It could be improved a little bit more for admin users. There should be more administrative options related to security for admin users. For example, for forensic purposes, the admin should be able to stop a specific user from erasing some information. I would be helpful in certain situations, such as during an internal fraud."
"We would like to see better integration with other products."
"Regarding the analysis of security events on the SOC side, Securonix Next-Gen SIEM needs to improve its automation capabilities."
"Securonix implements risk scores based on different policies that are triggered. We've seen some challenges with the risk scores and how they trigger. These are things that Securonix has recognized and they've been working with us to help improve things."
"There is room for improvement in the product's integration with ServiceNow and in the reporting features."
"One of the things they can improve on a little bit is the usability side, to make some things simpler... The tool does have a lot of knobs, you can turn a lot of things on and off and you can change things. Sometimes, it can become a little overwhelming. They should remove some confirmation options and make it simpler for the less mature customers and people who are still trying to grasp it."
"The high availability architecture has to be improved."
"Sometimes working with the code is difficult because I search for documentation about the code and how to work with the code, which is where I believe they should improve, by providing some documentation on how to work with the code."
"The solution could improve its development from a user perspective."
"I found the initial setup to be very complex."
"This solution requires extensive knowledge to be used effectively as certain areas of its use are not user friendly."
"This solution does not have BPM workflows already integrated, we had to integrate the BPM module externally. They do not provide full-featured auditing and certification modules out of the box."
"There needs to be a good support model and easy-to-understand documentation."
Securonix Next-Gen SIEM is ranked 7th in Security Information and Event Management (SIEM) with 27 reviews while WSO2 Identity Server is ranked 6th in Customer Identity and Access Management (CIAM) with 7 reviews. Securonix Next-Gen SIEM is rated 8.6, while WSO2 Identity Server is rated 8.0. The top reviewer of Securonix Next-Gen SIEM writes "Spotter tool has helped us eliminate many hours required to manually create link analysis diagrams". On the other hand, the top reviewer of WSO2 Identity Server writes "Provides valuable API management features, but its technical documentation needs improvement". Securonix Next-Gen SIEM is most compared with IBM Security QRadar, Splunk Enterprise Security, LogRhythm SIEM, Exabeam Fusion SIEM and USM Anywhere, whereas WSO2 Identity Server is most compared with Auth0, Amazon Cognito, CyberArk Privileged Access Manager, SAP Identity Management and SailPoint IdentityIQ.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.