We work with CrowdStrike, Securonix Next-Gen SIEM, and other cybersecurity products such as Gurucul. We are a service provider and partner of Securonix Next-Gen SIEM. We operate as a reseller of Securonix Next-Gen SIEM for their customers' cybersecurity as their primary defense mechanism.

They are very updated. Their customer responses are great, and they keep using the new AI tools to keep themselves at the edge of the game.

This is very helpful because there are many false positives which keep cropping up, and one of the things that Securonix Next-Gen SIEM does very well is ensuring they don't give attention to false positives. They don't take attention away from the real problems and reduce a lot of noise.

We look forward to more developments from Securonix Next-Gen SIEM in terms of their service turnaround times and staying connected with customers.

Given that they have already started improving on the service levels, there isn't much we can recommend at this point. We will wait and see how things unfold.

We have been using the solution for about four years.

We have experienced no latency issues with the system.

It's fairly scalable. We have not had any customers come back to say they cannot scale at the speed of their business growth. Typically, Securonix Next-Gen SIEM is chosen by customers who are already fairly large. They don't have very small customers implementing Securonix Next-Gen SIEM.

It's certainly meant for large entities and to some extent medium entities who are on a growth trajectory, but certainly not for small ones.

They excel in response times and quick reactions when there's an actual threat. We work with a particular team which is regionally based out of the Middle East, and they have been very responsive, so we don't want to make any changes.

Positive

The solution is easily integrable and fairly easy to implement.

The solution is definitely not expensive. It's benchmarked against others in this space, and we haven't received any negative feedback about pricing from customers or prospects.

The choice depends on the posture that the particular company would take. If they are more mobile intensive with more endpoints, they would go for solutions from companies such as CrowdStrike. It also depends on which tool the CISO and the rest of their team is more comfortable dealing with.

Automated threat hunting is an evolving space because you can only hunt so many threats, but there are always some that go completely unnoticed. You only know what you know.

The system is pretty robust because it covers all applications and the entire spectrum. There are cycles that you keep going through and review periodically.

Whatever feedback we provide to the Securonix Next-Gen SIEM team, they have been very forthcoming.

I rate Securonix Next-Gen SIEM a 9 out of 10.

We have actually used our company, which is a large one, and we are using multiple Securonix Next-Gen SIEM technologies. For the on-premises environment, we are using Securonix Next-Gen SIEM, and for cloud, we are using Sentinel.

We primarily use Securonix Next-Gen SIEM to detect policy violations, firewall detection, and other basic parts for the on-premises system, but we primarily focus on the cloud solution because cloud is the scope of our work and we are moving to cloud slowly.

The other SIEM solutions lack an option for big data analysis, whereas in the Securonix Next-Gen SIEM, we have this option, so considering the scope of the project we planned, we chose Securonix Next-Gen SIEM over other vendors.

We utilize user and entity behavior analytics in the Securonix Next-Gen SIEM.

The reporting in the Securonix Next-Gen SIEM is very good, and the dashboard is great.

We have a separate dashboard for MTTD and MTTR. Compared to the previous solution we used, Securonix Next-Gen SIEM has many advantages on the MTTR part, as the containment and alerts automations are feasible from the response point of view.

The customization in Securonix Next-Gen SIEM is more difficult compared to other solutions. At the operation level, we are not facing many challenges with automating things using Securonix Next-Gen SIEM, but at the admin level, we have many challenges where log parsing is causing issues and compatibility is not present.

The primary technology challenge we have is not at the security tools level. For example, firewall Cisco and others are capable. However, specific to product, for SAP, we are using certain products, and developing custom connectors for each product, especially the internal applications, is difficult, and Securonix Next-Gen SIEM is not up to the mark.

I have been working with Securonix Next-Gen SIEM for almost one and a half years, and we have undergone a major migration. Earlier, we were an individual company, but we have now merged with MBD, so the bank scope has been widely spread, and we have migrated to Securonix Next-Gen SIEM.

We had an individual product before we purchased Securonix Next-Gen SIEM, having separate SOAR and SIEM solutions, along with separate tools for each activity. Securonix Next-Gen SIEM has built a centralized environment where we can perform all these tasks without any dependency on a separate SOAR solution for containing alerts' action items, and the big data plays a major role, allowing a large setup of datasets to be parsed into Securonix Next-Gen SIEM without issues.

The stability of Securonix Next-Gen SIEM is based on the events we are processing. For certain solutions where not much log is generated or stored, it handles tasks efficiently, but where a large number of logs are generated in a short time, it keeps them as a cache and releases them as an event, which takes some time. It is stable, but only at a certain level.

I do not face any challenges regarding scalability. I can rate it around eight to nine, and it is very scalable and capable of handling tasks, especially for the on-premises product.

For technical support, I can rate it as seven. They also have the same issues other vendors are facing. They are good at resolving issues but not all of them. When we reach out to someone, we often wait for the right person with the right skills to come and fix the solution, which is the major challenge.

Neutral

We validated ArcSight, Securonix Next-Gen SIEM, and Splunk while considering suitable SIEM solutions. Before using Securonix Next-Gen SIEM, we used ArcSight, where the integration created many issues, particularly data integration, because most end-of-life service systems are not supported in ArcSight, and regular content updates are not up to the mark. Securonix Next-Gen SIEM provides both options, which made us switch from ArcSight.

We also considered Splunk, and we noticed the customization in our organization is not at the level we need. We tried providing some applications to develop a custom parser, but we do not think Splunk is capable of handling such complexities.

As I mentioned, it has been hardly a year. We have a premium subscription with the vendor for Securonix Next-Gen SIEM implementation and related activities, and so far, we have never faced any issues since the vendor support is available. It may become a challenge in the fourth year if we do not renew as a premium license and go with an operational license.

It does take some time to get there.

I would rate Securonix Next-Gen SIEM as six to seven out of ten.

From my perspective, it changes based on the organization using it. If your scope focuses on big data, I recommend going with Securonix Next-Gen SIEM. If you plan to maintain the same level of scope in the on-premises environment without any advanced technology, then I would suggest going with better SIEM solutions.

We use Securonix for alert generation by feeding events from different data sources and creating policies. Based on policy violations, we manage alerts. It's essentially a SIEM system for what we do with Securonix.

One of the valuable features of Securonix is the auto-incident creation, which was not available two or three years ago. Previously, we had to create incidents manually when a violation was triggered. Now, the process is automatic, reducing our workload. Additionally, behavioral analytics is a useful function, even though it sometimes triggers due to legitimate actions. It requires fine-tuning but correctly detects abnormal behavior.

When dealing with a large amount of data, such as when firewall logs increase, queries sometimes crash or get stuck. This issue became noticeable after transitioning from a NetApp to a Snowflake environment. Improving this would be helpful.

I have been using Securonix for the last three years.

I would rate stability as an eight out of ten.

I rate scalability as seven out of ten.

The technical support from Securonix is good. If I raise a ticket, it initially goes to the L1 team, but the next level of escalation is really effective. Response times are satisfactory and meet deadlines.

Neutral

I have used other SIEM and SOAR solutions that automatically assign incidents to engineers, which would be a beneficial feature to add in Securonix.

Our tech team handles the setup outside of my working hours, and the process is simple.

I'm not sure about subscriptions and pricing as it's handled by others.

The main competitors to Securonix are Splunk and QRadar.

If you could improve query stability with large data sources, it would be beneficial. 

Overall, I rate Securonix as an eight out of ten.

I use this solution for security monitoring and user behavior analytics. Banks, governments, and the oil and gas sector utilize it.

The software includes user behavior interactions, dashboards, and training capabilities. These features are interactive, allowing for comprehensive engagement.

In terms of improvements, SIEM could have better integration with other technologies. 

Additionally, it might benefit from integration with other sources, such as firewalls. It all depends on specific use cases.

I have been using the solution for three years.

I have found the solution to be stable.

The system is very scalable, and I would rate it around eight out of ten.

I find customer service to be very good.

Neutral

The initial setup is not very complex, however, it does have its intricacies, and I would rate it around seven out of ten.

The return on investment depends on the customer. It typically takes at least a year to realize the value.

Comparatively, it is reasonable when compared to solutions like Splunk and Exabeam. Licensing is based on events per second (EPS), costing between $50 to $60 per EPS.

My rating for the solution would be around eight out of ten. 

If organizations are on a journey to move to cloud, I recommend transitioning to Securonix over an on-premise solution due to its ease of deployment in cloud.

We use Securonix Next-Gen SIEM as a SIEM, security incident and event management solution in our organization.

Securonix Next-Gen SIEM has effective features for threat detection, such as models and custom trap models which are useful. Its integration capabilities are good and comprehensive, allowing us to connect with various necessary components. 

Additionally, the AI capabilities enhance threat detection, although they were relatively new at the time. Finally, the solution has shown to be time-saving in the long run.

The passing and setup are quite complex at the beginning, making onboarding not smooth, which is an area that needs improvement.

We have been using the solution for around two years.

I rate the stability of the solution as eight on a scale of one to ten.

The solution is scalable as it is cloud-based and cloud-native.

Customer support is rated around seven to eight out of ten. The support system requires creating support requests, and there is no UK-based support, which leads to delays in waiting for US support.

Positive

Previously, we used Splunk. We switched to Securonix Next-Gen SIEM since Splunk required a lot of hand-holding in terms of creating rules and models. We needed a solution out of the box as we have a small team.

The initial setup involved complex passing and setup, which made the onboarding process not smooth.

Deployment was handled by the vendor, Securonix themselves.

The solution is time-saving, particularly in the long run after it is deployed, enabling us to get value promptly.

The pricing has similar ingestion charges compared to other solutions, such as Splunk.

We compared Securonix with Exabeam before deployment.

I would recommend Securonix Next-Gen SIEM depending on the use case. For a small team that wants to get things done without much additional work, it is suitable. 

Overall, I would rate the solution at eight point five.

We have created correlation rules. When the condition matches, we get the alerts. We start analyzing the alerts and then create tickets for it in ServiceNow. We have also created dashboards in Securonix. If any breaches of data or unpredictable work is detected, it will show in the dashboard.

Securonix is a money-sharing tool. Its price range is very low compared to other tools.

The most beneficial feature is the option for a resource group name. We don't have to type the query specifically. We can select the resource group name or functionality directly of which type of security tool logs we want. We don't need to write the query for that; we just have to select.

I face slowness issues sometimes, especially when we write a query to search specific logs from the resource group. Apart from that, there should be GUI changes.

I have been working with the Securonix solution for eight to ten months.

Securonix is stable, yet sometimes there is slowness.

The solution is scalable.

We are not raising any questions with customer service or support.

Positive

I was using Splunk for six months.

The initial setup was straightforward, and I did not face any challenges.

For new users, it is good to use. For experienced users, they need fast query resolution; otherwise, it will be difficult for them to use. It does not require much maintenance.

I'd rate the solution eight out of ten.

We use Securonix Next-Gen SIEM primarily for managed SOC, focusing on threat detection, baselining, and ensuring the maturity of our SOC security operations. 

It is integrated with threat intelligence and utilizes frameworks like MITRE ATT&CK and the Cyber Kill Chain. 

The solution helps in threat detection, especially with use cases like brute force attacks, port scans (both horizontal and vertical), other insider threat activities, Privileged access abuse, Ransomware detection and Data exfiltration prevention. We also customize and fine-tune these use cases based on our requirements.

Securonix Next-Gen SIEM has significantly improved the visibility of tools and technologies within the environment. 

It enhances our security posture by providing comprehensive oversight of users and devices, aiding in threat detection and prevention. 

Additionally, its scalability and ease of onboarding new devices and technologies have streamlined our security operations.

The most valuable feature of Securonix Next-Gen SIEM is its advance analytics, flexibility and scalability. We ingest billions of logs without worrying about resource allocation. This makes it a robust and cost-effective solution for our needs. Its user entity and behavior analytics (UEBA) are also integral for detecting insider threats and lateral movements within the organization. These features help organizations strengthen their security posture, protect sensitive data, and maintain compliance with strict regulatory requirements.

The dashboards in Securonix Next-Gen SIEM need more customization and informational capabilities. 

The reporting features also require improvements. 

Additionally, the multi-tenancy functionality should be enhanced to allow individual consoles for different customers, which is currently a limitation. This feedback has been given to Securonix for future improvements.

I have previous experience with Securonix Next-Gen SIEM for almost three years in deployment management and baselining in my past experience.

Securonix Next-Gen SIEM is very stable and reliable, but like any sophisticated security platform, its stability depends on several factors, including deployment architecture, environment, and proper maintenance. It handles billions of logs efficiently, along with the managed service, ensure its reliable performance especially when deployed in the cloud. However, to maintain long-term stability, it's important to ensure the platform is well-resourced, updated regularly, and properly configured. When implemented correctly, Securonix SIEM delivers reliable performance and security monitoring without significant interruptions.

The scalability of Securonix Next-Gen SIEM is seamless. We don't have to worry about resource allocation as long as we have the required EPS licenses. The solution is designed to scale according to our needs without any hassle.

Securonix is generally regarded for its strong customer service and support, which is a critical factor in ensuring the success of complex security solutions like SIEM. Overall, Securonix offers solid and responsive support with a team that is technically proficient and helpful, especially in complex deployments. The proactive guidance, customization support, and strong documentation make it easier for organizations to implement and maintain their SIEM effectively. However, for critical issues, it's advisable to escalate promptly and ensure you're engaging the appropriate level of support for your organization's needs. 

Positive

Prior to Securonix, we evaluated LogRhythm and IBM QRadar. Based on our company’s requirements, reduced operational overhead, lower TCO and improved threat detection Securonix Next-Gen SIEM was the best fit.

The initial setup includes evaluating technology that fits our organizational needs, signing NDAs, scoping, providing inventory, and EPS calculation. Once we procure the licenses, there is an expectation setting for onboarding, followed by workflows for exchanging guides, documents, and prerequisites. After the environment is ready, we proceed with onboarding.

I was closely working with the internal team and the vendor, leading the project. Including me, there were four people involved in the onboarding and baselining part.

From a business point of view, it can be assessed in both quantitative and qualitative terms. The ROI may vary depending on the organization’s size, security needs, and how well the platform is utilized and is highly positive in environments with high compliance requirements, frequent security incidents, or large amounts of data to process. By reducing incidents, improving operational efficiency, and simplifying compliance, the cost savings and protection against expensive breaches can quickly outweigh the initial investment.

The pricing of Securonix Next-Gen SIEM is reasonable, especially considering the package they provide. If we went with the same package with another vendor, it would be significantly more expensive. It’s value for money.

Before choosing Securonix, we evaluated LogRhythm and IBM QRadar. Based on our requirements need for more advanced analytics, scalability, better cloud integration, and automated threat detection., Securonix Next-Gen SIEM was found to be the best fit.

My recommendation would be to evaluate the solution precisely based on the company's requirements to avoid scalability issues in the future. Careful calculation of the EPS during initial sizing is crucial as it can become costly to procure additional EPS licenses later.

I'd rate the solution eight out of ten.

My use cases relate to SIEM. 

I like Securonix Next-Gen SIEM's integration with in-house AI. I use its behavior analytics feature and am happy with it. It helps to enhance security. 

The solution's AI features reduce the need for manual analysis and help in decision-making. It displays the report in seconds.  It saves my resources three to four hours of work. 

Securonix Next-Gen SIEM's deployment is complex and you need a team to do it. 

I have been using the product for two years. 

I rate the solution's stability a ten out of ten. 

The tool is scalable since it's on the cloud. There are no limitations. 

I haven't contacted the technical support since we have a strong in-house team. 

We did the deployment in-house. 

The solution's price is double the competitors. 

I would recommend Securonix Next-Gen SIEM to SMBs if they have the money. I rate it a ten out of ten.