Securonix Security Analytics Valuable Features

Greg Stewart
Director of Intellectual Property Protection at a pharma/biotech company with 1,001-5,000 employees
There are a number of things that are very useful. What I like most is that the threat models and risk scoring are very accurate and very helpful to the analysts on my team. They help highlight the most important things for them to look at. The second feature is that within the SNYPR product there is a functionality called Spotter. We use that for link analysis diagrams and to run the stats command. That's extremely useful because it replaces a tedious, manual process we used to go through, using Microsoft Excel and a couple of other methods, to bring data together. The third feature is the ability to create watch lists that highlight specific predefined events in a separate window - or widget, as they call it. If I want to highlight something of interest without changing the risk score, or affecting any of the threat or risk models that we have in place, I can create a watch list. It moves those events to an area where an analyst will see them, first thing, without changing any scores or any other manipulation of data. I can highlight events that way.
ITProjec55d8
IT Project Manager at a manufacturing company with 10,001+ employees
The most valuable feature is being able to look at users' behavioral profiles to see what they typically access. One of the key events that we monitor is people's downloading of objects, files from either the engineering or the homegrown application. It's very easy to see people's patterns, what they typically do. The system might identify somebody who is engaging in anomalous behavior. Especially with the product's rev 6, there are a lot of tools to go in and do investigations, even without talking to the person, to try to determine what they were doing. Is it a case that they normally don't do something but this looks like a legitimate action, or is it something we need to investigate? That is pretty neat.
Amit Chopra
CEO/Executive Director at Iconic Engines
One of the most valuable features it has is the threat chaining. One of the common issues that we always had was the number of anomalies that we used to get and the number of alerts that we used to get. But with this approach of threat chaining, we've found the false-positive rate has decreased very significantly. That was something that we never could have achieved before. It also has the ability to detect low and slow stuff. Whenever we've had any dormant issues or dormant malware - dormant processes which get executed much later - it has tremendously helped us with that.
Find out what your peers are saying about Securonix Solutions, Splunk, Exabeam and others in Security Information and Event Management (SIEM). Updated: July 2019.
353,345 professionals have used our research since 2012.
LeaderIn0c93
Leader - Investigations, Insider Threat at a tech services company with 1,001-5,000 employees
The customizability of the tool is valuable. We are able to customize the use cases and create them easily without a large amount of Securonix assistance. It's very flexible. We do not have to rely on Professional Services to modify or create a new use case. The solution's behavior analytics, in detecting cyber and insider threats, are good. The tool does what it's supposed to, as long as the data coming in is accurate.