
    Securonix Unified Defense SIEM

    Deployed on AWS
    Securonix Unified Defense SIEM is a leader in the SIEM market, providing unparalleled cyber risk reduction through fast, efficient and precise threat detection, investigation and response. It streamlines operations with advanced AI and analytics, supports multi-cloud environments and enhances existing security solutions. Securonix Unified Defense SIEM improves operational efficiency with a frictionless experience for the security team and provides organizations with an AI-Reinforced threat detection, investigation, and response (TDIR) solution built on a highly scalable data cloud. The cloud-native solution adopts a cybersecurity mesh architecture to integrate agnostically with multiple clouds, data lakes and security solutions.

    Overview


    Securonix Unified Defense SIEM offers a cohesive TDIR experience for everyone from analysts to the CISO, with integrated detection, investigation, and response using a unified data set. Built on the scalable Snowflake data cloud, Securonix SIEM meets modern data demands, outperforming competitors in capacity and performance. The Snowflake backend supports hundreds of thousands of events per second, storing them as hot searchable data for extended periods. Our adaptable data storage model provides fast access to one year of hot data for investigations and threat hunting, with options to extend retention.

    Curated threat content is delivered continuously as a service, offering extensive coverage. Customers benefit from our Threat Labs team's expertise, relieving their resource pressures. We enable proactive defense through collaboration with peers and partners.

    Securonix Unified Defense SIEM features Securonix EON, built on 3 design principles:

    • AI-Reinforced Platform: Utilizes AI for rapid, precise security decisions, minimizing manual tasks.
    • Cybersecurity Mesh: Integrates security tools, clouds, and data lakes seamlessly, maximizing investments.
    • Frictionless Experience: Reduces noise with an intuitive interface, allowing analysts to focus on critical threats.

    Securonix customers receive the following key benefits.

    Enhanced Threat Detection, Investigation, and Response:

    • Industry-leading analytics reduce false positives and monitor threats enterprise-wide.

    10x improvement in detection and response speed, efficacy, and precision:

    • Automated responses reduce incident impact.
    • Fraud detection helps mitigate financial losses.
    • Enhanced incident response tools improve forensic investigations.
    • Protection against unauthorized data access.
    • Reduced alerts using threat models aligned with MITRE ATT&CK and US-CERT.
    • Rapid value with OOTB content powered by AI analytics.
    • Reduce Insider Threat Risks
    • Advanced algorithms and real-time monitoring identify subtle insider threats early.

    Swift detection and response prevent costly security incidents:

    • Compliance with industry regulations and privacy laws.
    • Improved forensic investigations and data protection.
    • Safeguard brand reputation, revenue, and reduce risks.
    • Streamline Compliance with Automation
    • Reduction of compliance risks and costs through automation.

    Enhances security, reducing breaches and unauthorized access:

    • Increases productivity by automating compliance, saving on manual checks and fines.
    • Builds trust with partners and customers, enhancing reputation and competitive edge.
    • Boost Trust and Customer Confidence
    • Customers trust businesses that secure their data.

    Strong cybersecurity protects customer information:

    • Clear communication about security builds trust.
    • Adherence to GDPR, HIPAA, etc., shows commitment to privacy.
    • A solid incident response plan minimizes breach impacts.

    Highlights

    • Unified Defense SIEM incorporates Securonix EON, a set of advanced capabilities aligned to 3 design principles:
        • AI-Reinforced Platform: Utilizes AI for rapid, precise security decisions, minimizing manual tasks.
        • Cybersecurity Mesh: Integrates security tools, clouds, and data lakes seamlessly, maximizing investments.
        • Frictionless Experience: Reduces noise with an intuitive interface, allowing analysts to focus on critical threats.
    • Built with Snowflake Data Cloud: Many SIEMs cannot scale to handle the sheer volume of data generated by modern enterprises. Securonix delivers solutions built to accommodate massive data demands with an easily adaptable data storage model. This storage model delivers 365 days of hot searchable data to get the visibility needed to thoroughly investigate potential threats.
    • Proactive, Unified Defense: Effective defense against cyber threats requires a team effort, and community collaboration and knowledge sharing are essential components in the fight against threat actors. Security teams that use disconnected and poorly integrated security solutions may complicate and delay threat detection and response. Securonix is streamlining the analyst experience to deliver detection, investigation, and response in a single interface.

    Details

    Delivery method

    Deployed on AWS


    Pricing

    Securonix Unified Defense SIEM

    Pricing is based on the duration and terms of your contract with the vendor. This entitles you to a specified quantity of use for the contract duration. If you choose not to renew or replace your contract before it ends, access to these entitlements will expire.
    Additional AWS infrastructure costs may apply. Use the AWS Pricing Calculator to estimate your infrastructure costs.

    12-month contract (5 options)

    Dimension              | Description                                                                                                              | Cost/12 months
    -----------------------|--------------------------------------------------------------------------------------------------------------------------|---------------
    SNYPR-NxGEN SIEM 1K_ID | 1000 ID Nx-Gen SIEM 1 year of 7Hot, 60Warm, 365Cold storage days                                                         | $91,378.00
    SNYPR-Basic SIEM_1K_ID | 1000 ID Basic SIEM 1 year of 60Warm, 365Cold storage days                                                                | $67,331.00
    SNYPR -UEBA_1K_ID      | 1000 ID UEBA + Insider,Cyber,CloudPackages 30 days of report                                                             | $48,094.00
    UDS_Advanced_Bundle_P2 | United Defense SIEM with embedded datalake - 90 Days Hot 365 Days Cold - SW-R-FF-BNDL-UDSP2                              | $100,000.00
    MSSP_Bundle_P2         | United Defense SIEM with embedded datalake - 90 Days Hot 365 days Cold - includes SOAR & ATS - SW-R-FF-BNDL-BNDL-MSSPP2 | $150,000.00

    Vendor refund policy

    No refunds


    Legal

    Vendor terms and conditions

    Upon subscribing to this product, you must acknowledge and agree to the terms and conditions outlined in the vendor's End User License Agreement (EULA).

    Content disclaimer

    Vendors are responsible for their product descriptions and other product content. AWS does not warrant that vendors' product descriptions or other product content are accurate, complete, reliable, current, or error-free.

    Usage information


    Delivery details

    Software as a Service (SaaS)

    SaaS delivers cloud-based software applications directly to customers over the internet. You can access these applications through a subscription model. You will pay recurring monthly usage fees through your AWS bill, while AWS handles deployment and infrastructure management, ensuring scalability, reliability, and seamless integration with other AWS services.

    Support

    Vendor support

    Securonix offers a range of Support Services and Professional Services to meet the needs of large enterprise customers. For more information, please visit:

    AWS infrastructure support

    AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.


    Accolades

    • Top 50 in Security Observability
    • Top 10 in Generative AI, Security Observability
    • Top 10 in Log Analysis, Analytics



    Customer reviews

    Ratings and reviews

    4.2 out of 5 (3 ratings)
    5 star: 33%
    4 star: 33%
    3 star: 33%
    2 star: 0%
    1 star: 0%
    3 AWS reviews | 21 external reviews
    Star ratings include only reviews from verified AWS customers. External reviews can also include a star rating, but star ratings from external reviews are not averaged in with the AWS customer star ratings.
    reviewer2396166

    User-friendly interface has improved threat detection through real-time analytics and AI advancements

    Reviewed on Jun 25, 2025
    Review provided by PeerSpot

    What is our primary use case?

    We work with CrowdStrike, Securonix Next-Gen SIEM, and other cybersecurity products such as Gurucul. We are a service provider and partner of Securonix Next-Gen SIEM. We operate as a reseller of Securonix Next-Gen SIEM for their customers' cybersecurity as their primary defense mechanism.

    What is most valuable?

    They are very updated. Their customer responses are great, and they keep using the new AI tools to keep themselves at the edge of the game.

    This is very helpful because there are many false positives which keep cropping up, and one of the things that Securonix Next-Gen SIEM does very well is ensuring they don't give attention to false positives. They don't take attention away from the real problems and reduce a lot of noise.

    We look forward to more developments from Securonix Next-Gen SIEM in terms of their service turnaround times and staying connected with customers.

    What needs improvement?

    Given that they have already started improving on the service levels, there isn't much we can recommend at this point. We will wait and see how things unfold.

    For how long have I used the solution?

    We have been using the solution for about four years.

    What do I think about the stability of the solution?

    We have experienced no latency issues with the system.

    What do I think about the scalability of the solution?

    It's fairly scalable. We have not had any customers come back to say they cannot scale at the speed of their business growth. Typically, Securonix Next-Gen SIEM is chosen by customers who are already fairly large. They don't have very small customers implementing Securonix Next-Gen SIEM.

    It's certainly meant for large entities and to some extent medium entities who are on a growth trajectory, but certainly not for small ones.

    How are customer service and support?

    They excel in response times and quick reactions when there's an actual threat. We work with a particular team which is regionally based out of the Middle East, and they have been very responsive, so we don't want to make any changes.

    How would you rate customer service and support?

    Positive

    How was the initial setup?

    The solution is easily integrable and fairly easy to implement.

    What's my experience with pricing, setup cost, and licensing?

    The solution is definitely not expensive. It's benchmarked against others in this space, and we haven't received any negative feedback about pricing from customers or prospects.

    Which other solutions did I evaluate?

    The choice depends on the posture that the particular company would take. If they are more mobile intensive with more endpoints, they would go for solutions from companies such as CrowdStrike. It also depends on which tool the CISO and the rest of their team is more comfortable dealing with.

    What other advice do I have?

    Automated threat hunting is an evolving space because you can only hunt so many threats, but there are always some that go completely unnoticed. You only know what you know.

    The system is pretty robust because it covers all applications and the entire spectrum. There are cycles that you keep going through and review periodically.

    Whatever feedback we provide to the Securonix Next-Gen SIEM team, they have been very forthcoming.

    I rate Securonix Next-Gen SIEM a 9 out of 10.

    Which deployment model are you using for this solution?

    Hybrid Cloud

    If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

    Other
    reviewer1375044

    Centralized environment supports big data while facing integration challenges

    Reviewed on May 29, 2025
    Review from a verified AWS customer

    What is our primary use case?

    We have actually used our company, which is a large one, and we are using multiple Securonix Next-Gen SIEM technologies. For the on-premises environment, we are using Securonix Next-Gen SIEM, and for cloud, we are using Sentinel.

    We primarily use Securonix Next-Gen SIEM to detect policy violations, firewall detection, and other basic parts for the on-premises system, but we primarily focus on the cloud solution because cloud is the scope of our work and we are moving to cloud slowly.

    What is most valuable?

    The other SIEM solutions lack an option for big data analysis, whereas in the Securonix Next-Gen SIEM, we have this option, so considering the scope of the project we planned, we chose Securonix Next-Gen SIEM over other vendors.

    We utilize user and entity behavior analytics in the Securonix Next-Gen SIEM.

    The reporting in the Securonix Next-Gen SIEM is very good, and the dashboard is great.

    We have a separate dashboard for MTTD and MTTR. Compared to the previous solution we used, Securonix Next-Gen SIEM has many advantages on the MTTR part, as the containment and alerts automations are feasible from the response point of view.

    What needs improvement?

    The customization in Securonix Next-Gen SIEM is more difficult compared to other solutions. At the operation level, we are not facing many challenges with automating things using Securonix Next-Gen SIEM, but at the admin level, we have many challenges where log parsing is causing issues and compatibility is not present.

    The primary technology challenge we have is not at the security tools level. For example, firewall Cisco and others are capable. However, specific to product, for SAP, we are using certain products, and developing custom connectors for each product, especially the internal applications, is difficult, and Securonix Next-Gen SIEM is not up to the mark.

    For how long have I used the solution?

    I have been working with Securonix Next-Gen SIEM for almost one and a half years, and we have undergone a major migration. Earlier, we were an individual company, but we have now merged with MBD, so the bank scope has been widely spread, and we have migrated to Securonix Next-Gen SIEM.

    What was my experience with deployment of the solution?

    We had an individual product before we purchased Securonix Next-Gen SIEM, having separate SOAR and SIEM solutions, along with separate tools for each activity. Securonix Next-Gen SIEM has built a centralized environment where we can perform all these tasks without any dependency on a separate SOAR solution for containing alerts' action items, and the big data plays a major role, allowing a large setup of datasets to be parsed into Securonix Next-Gen SIEM without issues.

    What do I think about the stability of the solution?

    The stability of Securonix Next-Gen SIEM is based on the events we are processing. For certain solutions where not much log is generated or stored, it handles tasks efficiently, but where a large number of logs are generated in a short time, it keeps them as a cache and releases them as an event, which takes some time. It is stable, but only at a certain level.

    What do I think about the scalability of the solution?

    I do not face any challenges regarding scalability. I can rate it around eight to nine, and it is very scalable and capable of handling tasks, especially for the on-premises product.

    How are customer service and support?

    For technical support, I can rate it as seven. They also have the same issues other vendors are facing. They are good at resolving issues but not all of them. When we reach out to someone, we often wait for the right person with the right skills to come and fix the solution, which is the major challenge.

    How would you rate customer service and support?

    Neutral

    Which solution did I use previously and why did I switch?

    We validated ArcSight, Securonix Next-Gen SIEM, and Splunk while considering suitable SIEM solutions. Before using Securonix Next-Gen SIEM, we used ArcSight, where the integration created many issues, particularly data integration, because most end-of-life service systems are not supported in ArcSight, and regular content updates are not up to the mark. Securonix Next-Gen SIEM provides both options, which made us switch from ArcSight.

    We also considered Splunk, and we noticed the customization in our organization is not at the level we need. We tried providing some applications to develop a custom parser, but we do not think Splunk is capable of handling such complexities.

    What about the implementation team?

    As I mentioned, it has been hardly a year. We have a premium subscription with the vendor for Securonix Next-Gen SIEM implementation and related activities, and so far, we have never faced any issues since the vendor support is available. It may become a challenge in the fourth year if we do not renew as a premium license and go with an operational license.

    Which other solutions did I evaluate?

    It does take some time to get there.

    What other advice do I have?

    I would rate Securonix Next-Gen SIEM as six to seven out of ten.

    From my perspective, it changes based on the organization using it. If your scope focuses on big data, I recommend going with Securonix Next-Gen SIEM. If you plan to maintain the same level of scope in the on-premises environment without any advanced technology, then I would suggest going with better SIEM solutions.

    Which deployment model are you using for this solution?

    On-premises

    If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

    reviewer2649528

    Alerts are effectively managed with auto-incident creation and useful behavioral analytics

    Reviewed on Feb 13, 2025
    Review provided by PeerSpot

    What is our primary use case?

    We use Securonix for alert generation by feeding events from different data sources and creating policies. Based on policy violations, we manage alerts. It's essentially a SIEM system for what we do with Securonix.

    What is most valuable?

    One of the valuable features of Securonix is the auto-incident creation, which was not available two or three years ago. Previously, we had to create incidents manually when a violation was triggered. Now, the process is automatic, reducing our workload. Additionally, behavioral analytics is a useful function, even though it sometimes triggers due to legitimate actions. It requires fine-tuning but correctly detects abnormal behavior.

    What needs improvement?

    When dealing with a large amount of data, such as when firewall logs increase, queries sometimes crash or get stuck. This issue became noticeable after transitioning from a NetApp to a Snowflake environment. Improving this would be helpful.

    For how long have I used the solution?

    I have been using Securonix for the last three years.

    What do I think about the stability of the solution?

    I would rate stability as an eight out of ten.

    What do I think about the scalability of the solution?

    I rate scalability as seven out of ten.

    How are customer service and support?

    The technical support from Securonix is good. If I raise a ticket, it initially goes to the L1 team, but the next level of escalation is really effective. Response times are satisfactory and meet deadlines.

    How would you rate customer service and support?

    Neutral

    Which solution did I use previously and why did I switch?

    I have used other SIEM and SOAR solutions that automatically assign incidents to engineers, which would be a beneficial feature to add in Securonix.

    How was the initial setup?

    Our tech team handles the setup outside of my working hours, and the process is simple.

    What's my experience with pricing, setup cost, and licensing?

    I'm not sure about subscriptions and pricing as it's handled by others.

    Which other solutions did I evaluate?

    The main competitors to Securonix are Splunk and QRadar.

    What other advice do I have?

    If you could improve query stability with large data sources, it would be beneficial.

    Overall, I rate Securonix as an eight out of ten.

    Yoganantham Theerthagiri

    Interactive dashboards and behavior analytics transform security monitoring

    Reviewed on Jan 27, 2025
    Review provided by PeerSpot

    What is our primary use case?

    I use this solution for security monitoring and user behavior analytics. Banks, governments, and the oil and gas sector utilize it.

    What is most valuable?

    The software includes user behavior interactions, dashboards, and training capabilities. These features are interactive, allowing for comprehensive engagement.

    What needs improvement?

    In terms of improvements, SIEM could have better integration with other technologies.

    Additionally, it might benefit from integration with other sources, such as firewalls. It all depends on specific use cases.

    For how long have I used the solution?

    I have been using the solution for three years.

    What do I think about the stability of the solution?

    I have found the solution to be stable.

    What do I think about the scalability of the solution?

    The system is very scalable, and I would rate it around eight out of ten.

    How are customer service and support?

    I find customer service to be very good.

    How would you rate customer service and support?

    Neutral

    How was the initial setup?

    The initial setup is not very complex, however, it does have its intricacies, and I would rate it around seven out of ten.

    What was our ROI?

    The return on investment depends on the customer. It typically takes at least a year to realize the value.

    What's my experience with pricing, setup cost, and licensing?

    Comparatively, it is reasonable when compared to solutions like Splunk and Exabeam. Licensing is based on events per second (EPS), costing between $50 to $60 per EPS.

    What other advice do I have?

    My rating for the solution would be around eight out of ten.

    If organizations are on a journey to move to cloud, I recommend transitioning to Securonix over an on-premise solution due to its ease of deployment in cloud.

    Bavan Balakrishnan

    The AI capabilities enhance threat detection

    Reviewed on Nov 22, 2024
    Review provided by PeerSpot

    What is our primary use case?

    We use Securonix Next-Gen SIEM as a SIEM, security incident and event management solution in our organization.

    What is most valuable?

    Securonix Next-Gen SIEM has effective features for threat detection, such as models and custom trap models which are useful. Its integration capabilities are good and comprehensive, allowing us to connect with various necessary components.

    Additionally, the AI capabilities enhance threat detection, although they were relatively new at the time. Finally, the solution has shown to be time-saving in the long run.

    What needs improvement?

    The passing and setup are quite complex at the beginning, making onboarding not smooth, which is an area that needs improvement.

    For how long have I used the solution?

    We have been using the solution for around two years.

    What do I think about the stability of the solution?

    I rate the stability of the solution as eight on a scale of one to ten.

    What do I think about the scalability of the solution?

    The solution is scalable as it is cloud-based and cloud-native.

    How are customer service and support?

    Customer support is rated around seven to eight out of ten. The support system requires creating support requests, and there is no UK-based support, which leads to delays in waiting for US support.

    How would you rate customer service and support?

    Positive

    Which solution did I use previously and why did I switch?

    Previously, we used Splunk. We switched to Securonix Next-Gen SIEM since Splunk required a lot of hand-holding in terms of creating rules and models. We needed a solution out of the box as we have a small team.

    How was the initial setup?

    The initial setup involved complex passing and setup, which made the onboarding process not smooth.

    What about the implementation team?

    Deployment was handled by the vendor, Securonix themselves.

    What was our ROI?

    The solution is time-saving, particularly in the long run after it is deployed, enabling us to get value promptly.

    What's my experience with pricing, setup cost, and licensing?

    The pricing has similar ingestion charges compared to other solutions, such as Splunk.

    Which other solutions did I evaluate?

    We compared Securonix with Exabeam before deployment.

    What other advice do I have?

    I would recommend Securonix Next-Gen SIEM depending on the use case. For a small team that wants to get things done without much additional work, it is suitable.

    Overall, I would rate the solution at eight point five.

    Which deployment model are you using for this solution?

    Public Cloud

    If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

    Other