
Securonix Unified Defense SIEM

Securonix, inc | 1

Reviews from AWS customer

3 AWS reviews

External reviews

21 reviews

External reviews are not included in the AWS star rating for the product.


4-star reviews

    reviewer2649528

Alerts are effectively managed with auto-incident creation and useful behavioral analytics

  • February 13, 2025
  • Review provided by PeerSpot

What is our primary use case?

We use Securonix for alert generation by feeding events from different data sources and creating policies. Based on policy violations, we manage alerts. It's essentially a SIEM system for what we do with Securonix.

What is most valuable?

One of the valuable features of Securonix is the auto-incident creation, which was not available two or three years ago. Previously, we had to create incidents manually when a violation was triggered. Now, the process is automatic, reducing our workload. Additionally, behavioral analytics is a useful function, even though it sometimes triggers due to legitimate actions. It requires fine-tuning but correctly detects abnormal behavior.

What needs improvement?

When dealing with a large amount of data, such as when firewall logs increase, queries sometimes crash or get stuck. This issue became noticeable after transitioning from a NetApp to a Snowflake environment. Improving this would be helpful.

For how long have I used the solution?

I have been using Securonix for the last three years.

What do I think about the stability of the solution?

I would rate stability as an eight out of ten.

What do I think about the scalability of the solution?

I rate scalability as seven out of ten.

How are customer service and support?

The technical support from Securonix is good. If I raise a ticket, it initially goes to the L1 team, but the next level of escalation is really effective. Response times are satisfactory and meet deadlines.

How would you rate customer service and support?

Neutral

Which solution did I use previously and why did I switch?

I have used other SIEM and SOAR solutions that automatically assign incidents to engineers, which would be a beneficial feature to add in Securonix.

How was the initial setup?

Our tech team handles the setup outside of my working hours, and the process is simple.

What's my experience with pricing, setup cost, and licensing?

I'm not sure about subscriptions and pricing as it's handled by others.

Which other solutions did I evaluate?

The main competitors to Securonix are Splunk and QRadar.

What other advice do I have?

If you could improve query stability with large data sources, it would be beneficial. 

Overall, I rate Securonix as an eight out of ten.


    Yoganantham Theerthagiri

Interactive dashboards and behavior analytics transform security monitoring

  • January 27, 2025
  • Review provided by PeerSpot

What is our primary use case?

I use this solution for security monitoring and user behavior analytics. Banks, governments, and the oil and gas sector utilize it.

What is most valuable?

The software includes user behavior interactions, dashboards, and training capabilities. These features are interactive, allowing for comprehensive engagement.

What needs improvement?

In terms of improvements, SIEM could have better integration with other technologies. 

Additionally, it might benefit from integration with other sources, such as firewalls. It all depends on specific use cases.

For how long have I used the solution?

I have been using the solution for three years.

What do I think about the stability of the solution?

I have found the solution to be stable.

What do I think about the scalability of the solution?

The system is very scalable, and I would rate it around eight out of ten.

How are customer service and support?

I find customer service to be very good.

How would you rate customer service and support?

Neutral

How was the initial setup?

The initial setup is not very complex; however, it does have its intricacies, and I would rate it around seven out of ten.

What was our ROI?

The return on investment depends on the customer. It typically takes at least a year to realize the value.

What's my experience with pricing, setup cost, and licensing?

Comparatively, it is reasonable when compared to solutions like Splunk and Exabeam. Licensing is based on events per second (EPS), costing between $50 and $60 per EPS.

What other advice do I have?

My rating for the solution would be around eight out of ten. 

If organizations are on a journey to move to the cloud, I recommend transitioning to Securonix over an on-premise solution due to its ease of deployment in the cloud.


    Bavan Balakrishnan

The AI capabilities enhance threat detection

  • November 22, 2024
  • Review provided by PeerSpot

What is our primary use case?

We use Securonix Next-Gen SIEM as a SIEM, security incident and event management solution in our organization.

What is most valuable?

Securonix Next-Gen SIEM has effective features for threat detection, such as models and custom trap models which are useful. Its integration capabilities are good and comprehensive, allowing us to connect with various necessary components. 

Additionally, the AI capabilities enhance threat detection, although they were relatively new at the time. Finally, the solution has shown to be time-saving in the long run.

What needs improvement?

The passing and setup are quite complex at the beginning, making onboarding not smooth, which is an area that needs improvement.

For how long have I used the solution?

We have been using the solution for around two years.

What do I think about the stability of the solution?

I rate the stability of the solution as eight on a scale of one to ten.

What do I think about the scalability of the solution?

The solution is scalable as it is cloud-based and cloud-native.

How are customer service and support?

Customer support is rated around seven to eight out of ten. The support system requires creating support requests, and there is no UK-based support, which leads to delays in waiting for US support.

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

Previously, we used Splunk. We switched to Securonix Next-Gen SIEM since Splunk required a lot of hand-holding in terms of creating rules and models. We needed a solution out of the box as we have a small team.

How was the initial setup?

The initial setup involved complex passing and setup, which made the onboarding process not smooth.

What about the implementation team?

Deployment was handled by the vendor, Securonix themselves.

What was our ROI?

The solution is time-saving, particularly in the long run after it is deployed, enabling us to get value promptly.

What's my experience with pricing, setup cost, and licensing?

The pricing has similar ingestion charges compared to other solutions, such as Splunk.

Which other solutions did I evaluate?

We compared Securonix with Exabeam before deployment.

What other advice do I have?

I would recommend Securonix Next-Gen SIEM depending on the use case. For a small team that wants to get things done without much additional work, it is suitable. 

Overall, I would rate the solution at eight point five.

Which deployment model are you using for this solution?

Public Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Other


    reviewer2588199

Streamlined alert analysis with intuitive resource selection and an easy setup

  • October 24, 2024
  • Review provided by PeerSpot

What is our primary use case?

We have created correlation rules. When the condition matches, we get the alerts. We start analyzing the alerts and then create tickets for it in ServiceNow. We have also created dashboards in Securonix. If any breaches of data or unpredictable work is detected, it will show in the dashboard.

How has it helped my organization?

Securonix is a money-sharing tool. Its price range is very low compared to other tools.

What is most valuable?

The most beneficial feature is the option for a resource group name. We don't have to type the query specifically. We can select the resource group name or functionality directly of which type of security tool logs we want. We don't need to write the query for that; we just have to select.

What needs improvement?

I face slowness issues sometimes, especially when we write a query to search specific logs from the resource group. Apart from that, there should be GUI changes.

For how long have I used the solution?

I have been working with the Securonix solution for eight to ten months.

What do I think about the stability of the solution?

Securonix is stable, yet sometimes there is slowness.

What do I think about the scalability of the solution?

The solution is scalable.

How are customer service and support?

We are not raising any questions with customer service or support.

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

I was using Splunk for six months.

How was the initial setup?

The initial setup was straightforward, and I did not face any challenges.

What other advice do I have?

For new users, it is good to use. For experienced users, they need fast query resolution; otherwise, it will be difficult for them to use. It does not require much maintenance.

I'd rate the solution eight out of ten.

Which deployment model are you using for this solution?

On-premises


    Mohammed Nadeem Rais

The visibility and analytics from Securonix SIEM have become indispensable in identifying and stopping potential threats before they escalate.

  • September 18, 2024
  • Review provided by PeerSpot

What is our primary use case?

We use Securonix Next-Gen SIEM primarily for managed SOC, focusing on threat detection, baselining, and ensuring the maturity of our SOC security operations. 

It is integrated with threat intelligence and utilizes frameworks like MITRE ATT&CK and the Cyber Kill Chain. 

The solution helps in threat detection, especially with use cases like brute force attacks, port scans (both horizontal and vertical), other insider threat activities, privileged access abuse, ransomware detection, and data exfiltration prevention. We also customize and fine-tune these use cases based on our requirements.

How has it helped my organization?

Securonix Next-Gen SIEM has significantly improved the visibility of tools and technologies within the environment. 

It enhances our security posture by providing comprehensive oversight of users and devices, aiding in threat detection and prevention. 

Additionally, its scalability and ease of onboarding new devices and technologies have streamlined our security operations.

What is most valuable?

The most valuable feature of Securonix Next-Gen SIEM is its advanced analytics, flexibility and scalability. We ingest billions of logs without worrying about resource allocation. This makes it a robust and cost-effective solution for our needs. Its user entity and behavior analytics (UEBA) are also integral for detecting insider threats and lateral movements within the organization. These features help organizations strengthen their security posture, protect sensitive data, and maintain compliance with strict regulatory requirements.

What needs improvement?

The dashboards in Securonix Next-Gen SIEM need more customization and informational capabilities. 

The reporting features also require improvements. 

Additionally, the multi-tenancy functionality should be enhanced to allow individual consoles for different customers, which is currently a limitation. This feedback has been given to Securonix for future improvements.

For how long have I used the solution?

I have previous experience with Securonix Next-Gen SIEM for almost three years in deployment management and baselining in my past experience.

What do I think about the stability of the solution?

Securonix Next-Gen SIEM is very stable and reliable, but like any sophisticated security platform, its stability depends on several factors, including deployment architecture, environment, and proper maintenance. It handles billions of logs efficiently, which, along with the managed service, ensures its reliable performance, especially when deployed in the cloud. However, to maintain long-term stability, it's important to ensure the platform is well-resourced, updated regularly, and properly configured. When implemented correctly, Securonix SIEM delivers reliable performance and security monitoring without significant interruptions.

What do I think about the scalability of the solution?

The scalability of Securonix Next-Gen SIEM is seamless. We don't have to worry about resource allocation as long as we have the required EPS licenses. The solution is designed to scale according to our needs without any hassle.

How are customer service and support?

Securonix is generally regarded for its strong customer service and support, which is a critical factor in ensuring the success of complex security solutions like SIEM. Overall, Securonix offers solid and responsive support with a team that is technically proficient and helpful, especially in complex deployments. The proactive guidance, customization support, and strong documentation make it easier for organizations to implement and maintain their SIEM effectively. However, for critical issues, it's advisable to escalate promptly and ensure you're engaging the appropriate level of support for your organization's needs. 

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

Prior to Securonix, we evaluated LogRhythm and IBM QRadar. Based on our company’s requirements, reduced operational overhead, lower TCO and improved threat detection, Securonix Next-Gen SIEM was the best fit.

How was the initial setup?

The initial setup includes evaluating technology that fits our organizational needs, signing NDAs, scoping, providing inventory, and EPS calculation. Once we procure the licenses, there is an expectation setting for onboarding, followed by workflows for exchanging guides, documents, and prerequisites. After the environment is ready, we proceed with onboarding.

What about the implementation team?

I was closely working with the internal team and the vendor, leading the project. Including me, there were four people involved in the onboarding and baselining part.

What was our ROI?

From a business point of view, it can be assessed in both quantitative and qualitative terms. The ROI may vary depending on the organization’s size, security needs, and how well the platform is utilized, and it is highly positive in environments with high compliance requirements, frequent security incidents, or large amounts of data to process. By reducing incidents, improving operational efficiency, and simplifying compliance, the cost savings and protection against expensive breaches can quickly outweigh the initial investment.

What's my experience with pricing, setup cost, and licensing?

The pricing of Securonix Next-Gen SIEM is reasonable, especially considering the package they provide. If we went with the same package with another vendor, it would be significantly more expensive. It’s value for money.

Which other solutions did I evaluate?

Before choosing Securonix, we evaluated LogRhythm and IBM QRadar. Based on our requirements, namely the need for more advanced analytics, scalability, better cloud integration, and automated threat detection, Securonix Next-Gen SIEM was found to be the best fit.

What other advice do I have?

My recommendation would be to evaluate the solution precisely based on the company's requirements to avoid scalability issues in the future. Careful calculation of the EPS during initial sizing is crucial as it can become costly to procure additional EPS licenses later.

I'd rate the solution eight out of ten.

Which deployment model are you using for this solution?

Public Cloud


    Balamurali Vellalath

A cloud solution for managed security services with a multi-tenant approach

  • August 30, 2023
  • Review from a verified AWS customer

What is our primary use case?

We use Securonix Next-Gen SIEM to provide managed security services. We have an MSSP delivery model using the Securonix asset platform tool that delivers the solution to multiple customers using their multi-tenant approach. It is a shared service delivery model, and we have close to five customers using the tool in our MSSP model.

How has it helped my organization?

We get very positive responses from the customer regarding their lock management and storage.

What is most valuable?

The two major features of this product we extensively use are the UEBA capability and the multi-tenant approach with the centralized data logs system. Customers are very happy with these features.

What needs improvement?

Regarding the analysis of security events on the SOC side, Securonix Next-Gen SIEM needs to improve its automation capabilities. Other products have machine learning and AI algorithms that can trigger alerts automatically. This is a key feature that Securonix Next-Gen SIEM needs to improve.

For how long have I used the solution?

I have been using Securonix Next-Gen SIEM for three years now. We use the solution's latest version.

What do I think about the stability of the solution?

There are many integration issues. I rate the solution’s stability a seven out of ten.

What do I think about the scalability of the solution?

I rate the solution’s scalability a seven out of ten.

Which solution did I use previously and why did I switch?

We have worked with QRadar SIEM, Splunk, and Microsoft Sentinel. We use Securonix because we have a managed services model. 

What other advice do I have?

We rely entirely on Securonix's production services for maintenance. They handle this, so we do not need to be involved in maintenance. In that area, I recommend this product. Overall, I rate the solution an eight out of ten.

Which deployment model are you using for this solution?

Public Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Amazon Web Services (AWS)


    NELSON COIMBRA DA SILVA

Efficient use of resources, allowing more work to be done with fewer personnel and highly scalable solution

  • July 24, 2023
  • Review provided by PeerSpot

What is our primary use case?

From my experience, clients have been enjoying the product because it enables faster threat detection. We use it daily for hunting and developing strategies, which are much more extensive compared to the results from a traditional SIEM.

How has it helped my organization?

With Next-Gen SIEM, we are achieving more with less effort. We can gather more information from the logs and organize it in a different product view, which reduces the need for a large workforce. So we can achieve more with fewer people, and this is particularly advantageous in my line of work, where we need to hire additional staff as we sell more products. However, with this kind of solution bringing in more information about threats and improvements for the organization, we can handle the workload with fewer personnel.

What is most valuable?

The most valuable aspect is the ability to automate tasks, particularly user behavior analytics. It streamlines processes and makes it very efficient to work with, both for me and the users in my company.

What needs improvement?

I work in Brazil, and the solution is not very well known here. The market for technology in Brazil, not related to the quality of the product, is not very favorable yet. I see this as a challenge. We need to invest more effort in raising awareness and educating people about the product's capabilities. 

Additionally, one aspect that could be improved is the pricing of the product in Brazil. It is reasonable, but when compared to similar tools or products that are more common in Brazil, it tends to be a bit higher.

For how long have I used the solution?

I started to use this solution about two years ago; my company started to work with Next-Gen SIEM.

What do I think about the stability of the solution?

To tell the truth, neither I nor my colleagues who work with me have encountered any complaints about stability. As the leading company in Brazil for Securonix or the biggest seller of Securonix in Brazil, we have had no issues with stability up to this point. It has been very reliable, and there have been no instances of lagging, crashing, or any significant downtime reported.

What do I think about the scalability of the solution?

The solution is highly scalable since it operates in a public cloud environment. This allows us to store and process a large amount of information as needed. The scalability is one of the remarkable qualities of this product, which makes it very effective, especially when we are dealing with substantial data volumes in the cloud.

How are customer service and support?

Since I work in the sales team, I didn't need technical support. My role is mainly focused on discussing and selling the product to customers, highlighting its advantages.

So, if any technical assistance is required, it would be handled by the partner or someone else in the client-facing team. I have mostly been involved in the sales process, and I haven't had the need to engage with the technical support team.

What's my experience with pricing, setup cost, and licensing?

I work with two options for Securonix. I use the Legacy and the Advantage versions. The Advantage option is beneficial because it includes the features of the Legacy version at the price of the Legacy package. However, it gets complicated when dealing with User and Entity Behavior Analytics (UBA) and other additional features. The EPS (Events Per Second) quantity grows significantly, leading to the need for more resources to handle the workload when using UBA and other advanced features. 

If Securonix aims to grow more and improve its position in the Brazilian market, it might need to consider adjusting its pricing to be more competitive. Currently, as we work with AI solutions, the price might need to go down to better grow its presence in the Brazilian market.

I believe in the quality of the product, so I would rate the pricing as a seven out of ten, where one is low pricing, and ten is high pricing.

When we talk about SIEM, it's important to understand how it brings the necessary information to the company and how we can apply the right intelligence to extract insights about threats and other relevant aspects. I suggest investing time to clearly define what you want to achieve with the SIEM solution. If you don't have a clear understanding of your objectives, the results may not meet your expectations. Take the time to thoroughly understand your requirements to make the most out of the system.

Which other solutions did I evaluate?

In my market and environment, I compete with Splunk, QRadar, and IBM. I've also heard about Exabeam, but it's not a major competitor here in Brazil. Another one we're considering, which has posed some challenges, is Google Chronicle. However, the two biggest competitors for me are Splunk and QRadar.

When comparing Securonix to Splunk, one issue is the pricing; I believe even Securonix is on the higher side. However, in terms of working with cloud environments, Securonix has an advantage as it performs exceptionally well in the cloud. Unlike Splunk, which struggles in cloud setups, Securonix handles it perfectly. Additionally, in terms of crunching work in the database (DB), Securonix performs better and more efficiently than Splunk, making it a better choice for such tasks.

Other products seem to have a more established market presence, and people are familiar with them, but they might not be as acquainted with Securonix. However, I am confident about the quality of Securonix, and when I get the chance to demonstrate how it works, people tend to like it.

Furthermore, in comparison to IBM, I don't encounter any technical problems with Securonix. The quality of Securonix is solid, and I have no issues discussing its capabilities. When it comes to pricing, Securonix offers a more competitive solution. Even if it's only ten percent better than Splunk in some aspects, the overall value makes it a better option in the end. If the price difference is not as significant, it's more likely that customers will choose Securonix over other options.

What other advice do I have?

Overall, I would rate the solution an eight out of ten. 


    Mohamad Ammar

A stable solution in the SIEM and SOC space that can be deployed with ease

  • July 17, 2023
  • Review provided by PeerSpot

What is our primary use case?

Our company does manage a stock of solutions for our customers. We use some tools like Splunk SIEM and some other technologies as well.

What is most valuable?

The reason why a customer chooses the solution for its features depends on the customer. Customers may choose it based on budget or the features they're looking for, and it varies, honestly.

I am from the sales team and the technical team, because of which I can't speak much about its features.

What needs improvement?

Customers may plan their next year's budget. If customers find that they haven't derived value from the solution, they might think about the prices, and then they would reevaluate the solution, after which they choose another solution.

The technical support of the solution is an area with shortcomings and needs improvement. My customers didn't face any issues regarding support from the solution's vendor, but it could be from the partner or from those providing support for the solution. Support could be more flexible, and they can delegate the support part of their operations to partners.

For how long have I used the solution?

I have been using Securonix Next-Gen SIEM for three or four years. My company acts as a system integrator and reseller while also having a partnership with Securonix.

What do I think about the stability of the solution?

The solution has proven to be stable so far.

What do I think about the scalability of the solution?

The solution is easy to scale up.

My customers who use the solution are enterprise-sized businesses.

How are customer service and support?

Technical support for Securonix is good. I rate the technical support an eight out of ten. I don't give a ten out of ten rating because all the solutions need a marginal score to improve. None of the solutions would have a hundred percent satisfaction from customers.

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

I work with Splunk. The pros and cons of a solution depend on its features, customers, and the scale of the customer.

How was the initial setup?

As per our technical team, the initial setup was fine. It wasn't really difficult.

I am from the sales department, so I don't get involved in the implementation.

The solution is deployed on-premises.

What's my experience with pricing, setup cost, and licensing?

Pricing of the solution is an aspect that depends on a customer's budget. Sometimes the price fits a customer's budget. At times, the solution's price becomes a huge burden on the customer.

A yearly payment has to be made toward the solution's licensing costs.

Additional costs other than the solution's licensing costs are for the installation and support.

I rate the pricing an eight on a scale of one to ten, where one is cheap, and ten is very expensive. It is a pretty expensive tool.

What other advice do I have?

The solution requires maintenance, and the people required for maintenance depend on the applied or rolled-out solution's size. If the solution is applied at a larger scale, more team members are needed for maintenance. It is not difficult to maintain the solution.

I recommend the solution to those planning to use it since it is a good solution in the SIEM and SOC space. Some different providers or vendors also work in the SIEM and SOC space. The customers or potential users should evaluate a product before buying it, and everything would be fine.

The solution can fit all sizes. It's not only for enterprises since you'll find some SMBs looking for solutions like Securonix Next-Gen SIEM, but it will be a bit expensive out of their budget. Usually, SMBs don't place a budget for SOC since they can go for a managed SOC. Securonix Next-Gen SIEM could fit the requirements of SMBs as well.

It is a good product that needs to improve.

Overall, I rate the solution an eight out of ten.

Which deployment model are you using for this solution?

On-premises


    Manzar A.

Securonix Security Operations and Analytics Platform

  • May 21, 2022
  • Review provided by G2

What do you like best about the product?
It is a next-generation SIEM solution that also includes SOAR capabilities. Securonix offers simple, easy, and predictable pricing based on the number of monitored users, which means a Data Lake footprint can scale without increasing the price.
What do you dislike about the product?
Complex deployment and limited data connectors.
Vendor lock-in
Only SMEs to build and fine-tune threat detection rules to detect targeted attacks, advanced threats, or low-and-slow attacks.
What problems is the product solving, and how is that benefiting you?
Cybersecurity incident analysis and investigation.
Log management.
Orchestration and automation for automated response.
Advanced threat detection, correlation, and prioritization.

