Securonix Solutions Reviews

Edward Ruprecht
Real User
Lead Cyber Security Engineer at an insurance company with 1,001-5,000 employees
Aug 15 2019

What is most valuable?

* The feature that is most valuable is the fact that it's an open platform, so it allows us to modify policies and tune policies as needed.
* There's also a feature called Data Insights which allows…

How has it helped my organization?

The areas where behavior analytics helps in terms of advanced threats are around some of the rarity-based policies. An example would be if someone is logging in to a machine for the first time…

What needs improvement?

Securonix implements risk scores based on different policies that are triggered. We've seen some challenges with the risk scores and how they trigger. These are things that Securonix has recognized…

Which solution did I use previously and why did I switch?

We piloted Exabeam but we didn't go forward with them.

What other advice do I have?

From a positive standpoint, with Securonix, or with any UEBA vendor, but specifically Securonix as that's the one that we're using, it definitely overcomes a lot of the challenges with trying to…

Which other solutions did I evaluate?

We piloted Exabeam but we didn't go forward with them. We looked a little bit at LogRhythm's UEBA capability as well. At the time they were in the beta stages, so we didn't feel comfortable going with…

Real User
SVP Insider Threat at a financial services firm with 10,001+ employees
Aug 22 2019

What is most valuable?

The machine-learning algorithms are the most valuable feature because they're able to identify the "needle in the haystack." Also, the solution's behavior analytics in terms of detecting cyber and…

How has it helped my organization?

It's helped identify risky and/or malicious behavior that otherwise would probably have been overlooked. An example would be flight-risk behavior, meaning employees who are planning to leave the firm…

What needs improvement?

There is room for improvement in the product's integration with ServiceNow and in the reporting features.

Which solution did I use previously and why did I switch?

We did not have a previous solution.

What other advice do I have?

I'm not an engineer, I'm a consumer of the tool. It's doing what it's been asked to do. It's really all about use cases and having the data. You have to have your use cases well-defined and make sure…

Which other solutions did I evaluate?

The only other solution that I believe we looked at was Splunk's UBA. It wasn't Splunk at the time and it wasn't mature enough at the time.

Greg Stewart
Real User
Director of Intellectual Property Protection at a pharma/biotech company with 1,001-5,000 employees
May 28 2019

What is most valuable?

There are a number of things that are very useful. What I like most is that the threat models and risk scoring are very accurate and very helpful to the analysts on my…

How has it helped my organization?

In terms of detecting cyber and insider threats, my primary focus is insider threats. It's excellent at that. The ability for the system to detect events is incumbent upon…

What needs improvement?

A helpful feature would be an event export. A way to create more substantial summary reports would be nice.

What's my experience with pricing, setup cost, and licensing?

We have an annual license. We pay $200,000 for the base licensing and we pay another $50,000 for the software as a service. In terms of any additional costs, it depends on…

Which solution did I use previously and why did I switch?

We used ArcSight. The IT department had ArcSight deployed as a SIEM, so that was the system I used to create lists like top-ten emails to competitor domains, top-ten…

What other advice do I have?

The single thing I recommend most is understanding your environment and being able to articulate the risk and threat models. Securonix is very good now, better than when…

Which other solutions did I evaluate?

We looked at a product from Lockheed Martin which was very analyst-centered. It produced a lot of CSV files as output and required having an analyst who could really pull…