Securonix Security Analytics Overview

Securonix Security Analytics is the #1 ranked solution in our list of top User Behavior Analytics - UEBA tools. It is most often compared to Splunk: Securonix Security Analytics vs Splunk

What is Securonix Security Analytics?

SNYPR is a next-generation security analytics platform that transforms big data into actionable security intelligence. Built on a Hadoop big data security lake, SNYPR combines an open data model, log management, security incident and event management (SIEM), user and entity behavior analytics (UEBA) and fraud detection into a complete, end-to-end platform that can be deployed in its entirety or in flexible, modular components.

Securonix Security Analytics is also known as Securonix.

Securonix Security Analytics Buyer's Guide

Download the Securonix Security Analytics Buyer's Guide including reviews and more. Updated: April 2021

Securonix Security Analytics Customers

Dtex Systems

Pfizer

Western Union

Harris

ITG

Securonix Security Analytics Video

Pricing Advice

What users are saying about Securonix Security Analytics pricing:
  • "We have an annual license. We pay $200,000 for the base licensing and we pay another $50,000 for the software as a service."
  • "We went in on a three-year agreement which has an annual licensing fee, based upon the number of people that we're monitoring. There have not been any additional costs to the standard licensing fees."
  • "A good thing about Securonix is that they don't charge by volume of data or number of devices... They charge by the number of employees, which is a much more predictable number for me, versus data. Our costs are in the $100,000 range over a three-year subscription."
  • "We have a license from our 5.0, so that license just continued. We paid them the extra cloud-hosting costs for a year which were about $300,000."

Filter Reviews

Filter by:
Filter Reviews
Industry
Loading...
Filter Unavailable
Company Size
Loading...
Filter Unavailable
Job Level
Loading...
Filter Unavailable
Rating
Loading...
Filter Unavailable
Considered
Loading...
Filter Unavailable
Order by:
Loading...
  • Date
  • Highest Rating
  • Lowest Rating
  • Review Length
Search:
Showingreviews based on the current filters. Reset all filters
GS
Director of Intellectual Property Protection at a pharma/biotech company with 1,001-5,000 employees
Real User
Spotter tool has helped us eliminate many hours required to manually create link analysis diagrams

What is our primary use case?

I run the intellectual property protection shop for the company and our primary use case is to monitor for DLP.

Pros and Cons

  • "What I like most is that the threat models and risk scoring are very accurate and very helpful to the analysts on my team. They help highlight the most important things for them to look at."
  • "The second feature is that within the SNYPR product there is a functionality called Spotter. We use that for link analysis diagrams and to run the stats command. That's extremely useful because it replaces a tedious, manual process we used to use, using Microsoft Excel and a couple of other methods, to bring data together."
  • "A helpful feature would be an event export. A way to create more substantial summary reports would be nice."

What other advice do I have?

The single thing I recommend most is understanding your environment and being able to articulate the risk and threat models. Securonix is very good now, better than when we first bought them, because we were early adopters. We're in the pharmaceutical space and they didn't have very many Pharmas. They were very good at financial institutions, the banks, the credit card companies and that sort of data, but when it came to risk and threat models for Pharma, we were so successful because we knew what we wanted. I had studied insider threat and behavior analysis for quite a while before we brought…
JM
IT Project Manager at a manufacturing company with 10,001+ employees
Real User
Behavioral profiles help us identify somebody who is engaging in anomalous behavior

What is our primary use case?

We use the solution for protection of engineering intellectual property. We currently look at engineering data in two systems, one a commercial system and one which is a homegrown system.

Pros and Cons

  • "The most valuable feature is being able to look at users' behavioral profiles to see what they typically access. One of the key events that we monitor is people's downloading of objects... It's very easy to see people's patterns, what they typically do."
  • "[The solution has] incident-management or case-management functionality. If someone were to download a high number and we decided we needed to investigate it, I could open a case right in the tool. It would be able to directly reference the data that they downloaded and we could open and shut the case directly in the tool, as well as report from it."
  • "We have a lot of users who, because they're engineers and they're bringing down product data - where, at times, a top-level product could be 10,000 or 15,000 objects - it's difficult for us to determine what should be a concern and what shouldn't be a concern. We work with the Securonix folks to try to come up with better ways to identify that."

What other advice do I have?

The best advice is to make sure that you understand your use cases. For example, we said we want it to trap a high number of downloads, we want to see if people downloaded and then emailed out any of the objects. We came up with the use cases of what we wanted to check for even before we started our implementation. Then the Securonix people were able to better set up the individual threats that we were watching for. The other thing that we do is we categorize our data. We say a given type of intellectual property is high, medium, or low. That way we know what we really want to protect…
Learn what your peers think about Securonix Security Analytics. Get advice and tips from experienced pros sharing their opinions. Updated: April 2021.
502,335 professionals have used our research since 2012.
AV
Chief Technology Officer at a tech vendor with 51-200 employees
Real User
Gives us actionable results - every finding is worth investigation

What is our primary use case?

Our primary use case is monitoring attacks on our cloud environment.

Pros and Cons

  • "When we were looking for products for our security monitoring needs, our biggest requirement was that we wanted something based on machine-learning and analytics. If you go with rules, it can raise a lot of noise. Securonix, with its UEBA capability, had the best analytics use-cases."
  • "We have compliance needs. We have investigation needs. And we have situations where an analyst needs to look at threats. These three things require a different view of how they look at the threats. What would be good is to have Securonix create three different views of their Security Command Center so that, depending on the persona of the person logging in, they'd get the relevant data they need and not see everything."

What other advice do I have?

If you're looking for an analytics-based system, which is what everybody should look at, and if you are thinking of something that provides a quick return on investment, then you should definitely look at Securonix, in addition to doing your due diligence with other products. Definitely have Securonix in the mix if you're looking for actionable threats, flat pricing, and a cloud-based solution. The biggest eye-opener is how wonderful the cloud environment is. There is a whole new universe of threats that get exposed by moving to the cloud. It has all these benefits, but it also reveals a lot…
Lead Cyber Security Engineer at a insurance company with 1,001-5,000 employees
Real User
Open platform allows us to modify policies and tune policies as needed

What is our primary use case?

Our primary use case is privileged-account monitoring. We wanted the ability to monitor what privileged accounts do, what time of day they typically log in, what machines they log in from, what type of configuration changes they make, etc. We're using the SNYPR Cloud UEBA.

Pros and Cons

  • "The feature that is most valuable is the fact that it's an open platform, so it allows us to modify policies and tune policies as needed. There's also a feature called Data Insights which allows us to create different dashboards on specific things of interest for us."
  • "Securonix implements risk scores based on different policies that are triggered. We've seen some challenges with the risk scores and how they trigger. These are things that Securonix has recognized and they've been working with us to help improve things."

What other advice do I have?

From a positive standpoint, with Securonix, or with any UEBA vendor, but specifically Securonix as that's the one that we're using, it definitely overcomes a lot of the challenges with trying to understand what's normal and what's not normal in an environment. With the traditional SIEM rules, it's very difficult to tune some of the policies to understand what is normal for your environment. That's really helped us quite a bit. Another thing that might be helpful regarding understanding the platform is that it takes a little bit of time to come up with the behavior profiles. It might take 30…
CEO/Executive Director at Iconic Engines
Real User
Employee exit report helps us take preventive measures while cloud monitoring gives us SharePoint and Azure visibility

What is our primary use case?

Our primary goal is insider trespass. We have also been using the product for account privilege misuse as well as intellectual property and data theft. Going into the cloud, we have expanded our scope to cloud applications. We never supported the cloud but now that we are using SaaS we've been able to cover cloud applications and cloud infrastructure. That use case is picking up a lot of speed. But, traditionally, it's been used for insider threat and account misuse.

Pros and Cons

  • "One of the most valuable features it has is the thread chaining. One of the common issues that we always had was the number of anomalies that we used to get and the number of alerts that we used to get. But with this approach of thread chaining, we've found the false-positive rate has decreased very significantly. That was something that we never could have achieved before."
  • "One of the things they can improve on a little bit is the usability side, to make some things simpler... The tool does have a lot of knobs, you can turn a lot of things on and off and you can change things. Sometimes, it can become a little overwhelming. They should remove some confirmation options and make it simpler for the less mature customers and people who are still trying to grasp it."

What other advice do I have?

My advice is that you should want the new, best product. I don't want to say there is no other way, but it scales and it works. If you don't have the manpower, if you don't have the technical skills to have it deployed on-premise and manage - like us, we did not - I would definitely recommend going SaaS. The cloud-offering is a game-changer. It would have been tough for us to deploy Hadoop on-premise and manage it and maintain it. We're not mature enough to handle Hadoop. So I would definitely recommend SaaS to anybody who's looking that Securonix. The other thing I would recommend is…
VP Engineering at a financial services firm with 501-1,000 employees
Video Review
Real User
Puts a lot of contextual information into the events, eliminating individual searches and reducing case research time

What is our primary use case?

Securonix is a SIEM solution for us. In our deployment, it's a software as a service model, so it's a hosted solution. We are feeding several log sources to it and correlating logs, searching, building alerts. It's our primary tool for analyzing logs and alerts for our entire environment.

Pros and Cons

  • "Customer support and making sure that we're successful has been one of the best features, one that we weren't even looking for during evaluation, but that's what we have found."
  • "Some of the user experience when doing threat-hunting, such as being able to see multiple types of analytics from different log sources in one view, would be beneficial. Right now, there are some limitations around that."

What other advice do I have?

I would say Securonix is a nine out of 10. The core functionality is the best that I've seen in the market. Being able to execute on ingesting logs, building alerts, looking at anomalies, providing fast search, and being able to provide an extensive history available to search is a huge win for us. We're often investigating stuff that happened a long time ago. The only thing that we could work on is the user experience when doing threat-hunting, and they've been open to looking at that and exploring options. So I think that will improve also.
AH
Leader - Investigations, Insider Threat at a tech services company with 5,001-10,000 employees
Real User
With a lot of data in one console, the time we require to investigate alerts and threats has decreased

What is our primary use case?

Data loss protection and account misuse are our primary use cases. We're utilizing it to help identify and correlate user behavior to identify potential data loss as well as to detect certain types of fraud.

Pros and Cons

  • "The customizability of the tool is valuable. We are able to customize the use cases and create them easily without a large amount of Securonix assistance. It's very flexible. We do not have to rely on Professional Services to modify or create a new use case."
  • "Other than issues with the training, there have been issues with the encryption. There have also been issues with some of the reporting, minor glitches that they have fixed as they've gone along."

What other advice do I have?

The biggest lesson we have learned from using Securonix is to start small. Don't throw everything at it. Start with one single use case and build out. Don't throw all the use cases into it at once. Otherwise, it's too much work, you get flooded with too much data, you can't focus on what's important, and you can't clean it as quickly. You can clean it, but it will take a lot of time. My advice is to go with the cloud solution and, as I said, start small. Don't try to ingest everything at once. And don't create use cases for everything under the sun. Because we're on-prem, we've had to both…
Cyber Security Team Lead at Avalara
Video Review
Real User
Top 20
SaaS solution enables us to move away from tool management and still have a full-featured SIEM

What is our primary use case?

I work for Avalara. It's a tax technology company based in Seattle with offices all across the world: North Durham, California, Sao Paulo Brazil, Brighton UK, Pune India, and we are expanding right now. We have a list of use cases, like brute force attacks. Our top executive team wanted to see — whenever we are under a serious attack — on their dashboard that the attack is happening, so that the corrective measures can be taken. That is the primary use case: to have that transparency for a number of security use cases like brute force, phishing, and others, and for our executives and our team… more »

Pros and Cons

  • "I was looking for software as a service rather than having issues with managing hardware, upgrades, updates. I was trying to step away from that. Those were the key factors when looking at Securonix as a full-feature SIEM with next-generation capabilities available."
  • "There is slight room for improvement in terms of the initial deployment. What I see is that Securonix is more focused on their product. They are expanding, in a big way, the number of customers. So there has to be a number of dedicated teams to jump on and speed up the deployment process."

What other advice do I have?

I would rate the product at eight out of 10 right now, because there are scopes for improvement, operationally as well as technically. But they have definitely come a long way in a very short time, so I really give them eight-plus. There's definitely some scope for improvement operationally, and there are some technical features which need to be added.
See 3 more Securonix Security Analytics Reviews
Buyer's Guide
Download our free Securonix Security Analytics Report and get advice and tips from experienced pros sharing their opinions.