Securonix Next-Gen SIEM Previous Solutions

GS
Director of Intellectual Property Protection at a pharma/biotech company with 1,001-5,000 employees

We used ArcSight. The IT department had ArcSight deployed as a SIEM, so that was the system I used to create lists like top-ten emails to competitor domains, top-ten events for USB, top-ten people going to job-search domains through the web proxy, etc.

ArcSight was not very sophisticated. It was just six PDF files a day that were representative of top-ten events in some predefined rule. There was no way to prioritize or score or, even better, correlate events. Securonix, in one example, as I mentioned, pulled together four events and chained them together, which would not have made any of the top-ten lists and that were significantly more important than anything on any of those top-ten lists that day.

Ibrahim Albalawi - PeerSpot reviewer
SOC Leader at a tech consulting company with 51-200 employees

We were previously using Splunk, and we wanted to continue, but when we did the evaluation, we found Splunk to be more difficult to implement than others. It is fine to operate it, but its implementation is more difficult. It also had fewer features than Securonix. Securonix is dedicated to security information event management, but this is not the main functionality of Splunk. Even though Splunk is very strong in security, and we have been using it, when it comes to, for example, machine learning, Securonix has pre-configured policies. So, we don't have to spend that much time, whereas when it comes to Splunk, we have to configure everything. We have to install the applications and configure the dashboards. Considering the functionalities, features, and pricing, we felt that Securonix would be the best option.

It is better than previous solutions in terms of threat investigations and onboarding. That's because most of the other solutions are based on rules. Sometimes, there is no intelligence when it comes to detection, whereas Securonix has policies that are a collection of rules. Securonix doesn't only extract the log and tell us that it is a low-impact event or informative event. It also tries to correlate most of the events according to the policies and takes us to the main point. This is how Securonix has helped us to reduce a lot of false positives. Other solutions only worked with rules, and they only sent us events. We had to review most of those events, which is not the case with Securonix. It has a lot of policies for all types of detections. There are almost 1,000 policies, and Securonix can correlate various types of behaviors and pieces of evidence to detect advanced threats. It is good at this level.

Rafael-Barrios - PeerSpot reviewer
Cybersecurity SE at a tech vendor with 10,001+ employees

I have worked with Splunk and LogRhythm. I am using Securonix because, in this company, most of our clients are using Securonix. So, I had to learn how it works and understand its architecture and capabilities. It is very easy to understand for anyone who has worked with similar solutions. It is 90% easier than Splunk, which has a lot of code. Securonix is very radical and intuitive.

Buyer's Guide
Securonix Next-Gen SIEM
March 2024
Learn what your peers think about Securonix Next-Gen SIEM. Get advice and tips from experienced pros sharing their opinions. Updated: March 2024.
765,234 professionals have used our research since 2012.
SM
Cyber Security Analyst at a retailer with 10,001+ employees

I have only worked with this solution.

AC
CEO/Executive Director at Iconic Engines

We used ArcSight. We started off by using ArcSight and Securonix in parallel. Over the years, once Securonix came up with the cloud offering, that was our main pivot point to move to Securonix. 

There were a lot of other reasons for the move. There was a lot of fatigue from the teams in terms of having to build the content, maintain the platform, manage it - the rules and everything else. In addition, we were going for a cloud-first strategy and we had a lot of cloud infrastructure that we were not able to manage. We were using machine learning, we were one of the early adopters of it. One of the most beneficial things we saw was the combination of having UBA, the SIEM, and data lake in a single platform. It used to be that our analyst would get an alert out of UBA and then go back into ArcSight, try to find the event for it, extract the event, investigate, and go to a different ticketing system to do the incident management. We wanted to combine all of it and have one product or one location for all.

Balamurali Vellalath - PeerSpot reviewer
Practice Head-CyberSecurity at ALTEN calsoft Labs

We have worked with QRadar SIEM, Splunk, and Microsoft Sentinel. We use Securonix because we have a managed services model. 

Pavan Lingam - PeerSpot reviewer
Cyber Security - Consultant at LTI - Larsen & Toubro Infotech

I previously used McAfee's SIEM solution. I switched because I shifted to another project using Securonix. Securonix is faster and more user-friendly. McAfee takes five minutes to load, whereas Securonix will load in the blink of an eye, and I never face any slowness in the application in Securonix. It takes an hour to generate a report on McAfee. It's no competition for Securonix.

IG
Senior Security Consultant at LTI - Larsen & Toubro Infotech

I started with Securonix itself. I have read about other solutions such as QRadar and Splunk, but I did not get a chance to work on these tools.

It was not at all difficult for me to use Securonix's interface. This is the first tool that I used. It was not difficult for me to learn. Its interface is very user-friendly, and I don't think anyone will face difficulty operating the tool. Everything is displayed nicely.

MA
Services Sales Consultant at Alpha

I work with Splunk. The pros and cons of a solution depend on its features, customers, and the scale of the customer.

JM
IT Project Manager at a manufacturing company with 10,001+ employees

We didn't have a previous solution. On our homegrown system, we made a little bit of a homegrown solution, but the only thing it did was that if somebody had a high number of downloads, it would send us a note. On the commercial system, we were trapping things in the log, but the logs are typically about 1.5 million rows a day, and that's really tough to analyze by hand. That is why I said, "I can't do this. I need an analytics tool to do this." This was really the first analytics tool that we deployed for this particular purpose.

Sudhakaran Krishnan - PeerSpot reviewer
Consultant at LTI - Larsen & Toubro Infotech

We haven't used another solution apart from this one.

JS
Head of Cybersecurity at a tech services company with 11-50 employees

We used a traditional SIEM where everything was very manual. It did not have threat intelligence or threat hunting of compromises, while Securonix has those features.

We changed because we wanted a good tool to automate certain manual processes so that everything is more flexible. With Securonix, you have the option of integrating with other indicator-of-compromise services, and that helps create a more powerful platform and eliminate false positives.

Andres Fuentes - PeerSpot reviewer
SOC Analyst at ComWare S.A

We used McAfee before. The person who was in charge left the company just when Securonix came in and that is when I started working here.

One of the main differences is having service through the cloud. Before Securonix, we had the service locally. Now, the service is processed in the cloud and when a case is generated on the platform, they have always been willing to help us.

FA
Security Developer at a tech consulting company with 201-500 employees

We use platforms such as RSA enVision, QRadar, and McAfee. We have not eliminated these platforms but we are more inclined toward Securonix because it provides us with UEBA analytics, which is something that we have not been able to exploit as much on other platforms. The solution's UEBA data analysis is what caught our attention.

HK
Lead Security Engineer at a tech services company with 1-10 employees

We had a generic system previously, which has none of the things which have helped us by using Security Analytics. This solution automatically detects threats. There is a response bar that we can deploy. There is an email notification. So, if I am not available, then I will get an email that I can respond to pretty quickly. As far as threat detection, we get policy updates every three minutes. Therefore, if anything is detected, it will be right there on my screen.

I have previously trained on FortiGate and Splunk. Securonix and Splunk are not that different. Splunk has a lot of things on one screen, whereas Securonix tries to clean it up.

ER
Lead Cyber Security Engineer at an insurance company with 1,001-5,000 employees

We piloted Exabeam but we didn't go forward with them.

AH
Leader - Investigations, Insider Threat at a tech services company with 5,001-10,000 employees

We did not have a previous solution.

HB
SVP Insider Threat at a financial services firm with 1,001-5,000 employees

We did not have a previous solution.

RP
Regional Director, Customer Success (GTM Solutions & Services) at a tech services company with 51-200 employees

We ended up moving our clients over to QRadar as this solution did not end up working for either of them.

AV
Chief Technology Officer at a tech vendor with 51-200 employees

We used QRadar. We switched to Securonix because we wanted something in the cloud. There was just too much work to maintain the previous system. Second, we wanted something that was analytics-based so that it would give us actionable threats, versus noise. Number three was that we wanted something that could integrate with our cloud applications faster.

SK
Manager Security Operation Center at a tech services company with 51-200 employees

We work with different SIEM solutions, including IBM QRadar and LogRhythm. Although I prefer IBM QRadar to Securonix Security Analytics, there are no features of this product that I wish to see included in it, as these two platforms are disparate.

The reason I prefer IBM QRadar is because we already utilize this solution with our customers, whereas with Securonix Security Analytics we are talking about a process which we have yet to complete. 
