Securonix Next-Gen SIEM and Microsoft Defender for Identity compete in the security information and event management (SIEM) category. Securonix appears to have the upper hand due to its advanced analytics and flexibility, whereas Microsoft Defender for Identity excels in identity protection within the Microsoft ecosystem.
Features: Securonix Next-Gen SIEM provides behavior analytics for user monitoring, advanced threat chaining to decrease false positives, and extensive customization options for specific use cases. Its cloud integration is strong, allowing for effective monitoring of various cloud services. Microsoft Defender for Identity offers seamless integration with the Microsoft ecosystem, focusing on user identity and access management. It includes privilege escalation detection and provides thorough coverage of both cloud and on-premise environments.
Room for Improvement: Securonix could improve its user interface and simplify integration with third-party platforms like ServiceNow. Enhanced customization for reporting and visualization would also be beneficial. Deployment and onboarding could be quicker. Microsoft Defender for Identity should work on reducing false positives and improving threat intelligence depth. Enhancements in resolving issues directly from the console and managing complex scenarios are needed.
Ease of Deployment and Customer Service: Securonix provides flexibility for cloud and on-premises deployment, but the process can be complex, requiring strong support. Customer service is proactive but can vary in response times. Microsoft Defender for Identity supports cloud deployment with robust integration into Microsoft services. While technical support is responsive, consistency in customer service experience could improve. Securonix stands out for its cooperative support in complex integrations, while Microsoft capitalizes on its unified security platform approach.
Pricing and ROI: Securonix pricing is competitive based on user count, offering predictable costs and fast ROI due to operational efficiencies and reduced incident investigations. Microsoft's Defender for Identity is included in various Microsoft licensing models, appearing cost-effective within a broader Microsoft suite but potentially costly as a standalone solution. Both solutions yield positive ROI, with Securonix offering scalability and predictability, and Microsoft providing significant value to existing ecosystem users.
The solution is time-saving, particularly in the long run after it is deployed, enabling us to get value promptly.
The quality of support is very good, but troubleshooting can take time due to complex setups and the need to provide many logs.
Generally, the support is more effective than other providers like Oracle.
If I raise a ticket, it initially goes to the L1 team, but the next level of escalation is really effective.
There is no UK-based support, which leads to delays in waiting for US support.
In a Microsoft-centric organization, especially with Azure infrastructure and Office 365, Microsoft Defender for Identity is scalable.
The solution is scalable as it is cloud-based and cloud-native.
Microsoft Defender for Identity is quite robust and built on Azure hyperscale infrastructure, with a 99% availability.
Reducing false positives is something we've been working on with Microsoft.
One improvement I would recommend is the integration of an admin application within Teams, allowing easy access to attack information on a mobile platform.
The areas of Microsoft Defender for Identity that can be improved include its cost, which is quite expensive when integrated into Sentinel.
The passing and setup are quite complex at the beginning, making onboarding not smooth.
When dealing with a large amount of data, such as when firewall logs increase, queries sometimes crash or get stuck.
SIEM could have better integration with other technologies.
Ensuring a fair price according to market standards.
the Microsoft Defender Suite is quite expensive, especially when integrated into Sentinel.
From an organization perspective, using E5 licenses is value for money, especially if Azure and Office 365 are already in use.
Licensing is based on events per second (EPS), costing between $50 to $60 per EPS.
The pricing has similar ingestion charges compared to other solutions, such as Splunk.
The most valuable features of Microsoft Defender for Identity include its automatic remedies, possibilities for avoiding incidents, the privilege manager, and the generation of logs that facilitate a safer environment.
The integration into the Microsoft Defender ecosystem is the most valuable feature of Microsoft Defender for Identity.
The advanced threat protection is one of the strengths of Microsoft Defender for Identity, as it utilizes user and entity analytics and can detect indicative attacks.
The software includes user behavior interactions, dashboards, and training capabilities.
Now, the process is automatic, reducing our workload.
Microsoft Defender for Identity integrates with Microsoft tools to monitor user activity, providing advanced threat detection and analysis using AI. It enhances proactive threat response and security visibility, making it essential for securing on-premises and cloud environments like Active Directory.
Microsoft Defender for Identity offers comprehensive monitoring and AI-driven user behavior analysis. It detects threats through real-time alerts and identifies lateral movements and entity tagging, ensuring robust security management. With excellent visibility via its dashboard, it supports customized detection rules and seamlessly integrates with SIEM platforms. While SecureScore and SecureScan provide robust environment security, there is room for improvement in cloud security, on-premises application integration, and remediation capabilities. Azure integration is limited, and the administrative interface could be more user-friendly. Users experience frequent false positives, affecting threat detection efficiency.
What key features stand out in Microsoft Defender for Identity?In specific industries such as education and finance, Microsoft Defender for Identity is crucial for securing on-premises Active Directory and Azure Active Directory environments. It effectively detects suspicious activities and manages conditional access policies, offering user and entity behavior analytics, endpoint detection and response capabilities. This helps prevent unauthorized access and strengthens overall security, making it an invaluable asset for organizations aiming to safeguard their digital infrastructure.
Securonix Next-Gen SIEM is a security information and event management solution designed to provide advanced threat detection, response, and compliance capabilities. It leverages machine learning and big data analytics to offer a comprehensive security platform for modern enterprises.
Securonix Next-Gen SIEM utilizes advanced analytics and machine learning to detect complex threats that traditional SIEM solutions might miss. Its architecture is built on Hadoop, enabling scalability and the processing of large volumes of data in real-time. This allows organizations to gain deep insights into security incidents, prioritize threats, and automate response actions. The solution also includes behavior analytics to detect insider threats and unknown attacks, integrating seamlessly with existing IT infrastructure.
What are the critical features of Securonix Next-Gen SIEM?
What is the ROI expectations?
Securonix Next-Gen SIEM is implemented across various industries, including finance, healthcare, and retail. Its flexibility and advanced analytics capabilities make it suitable for environments with complex security needs. In finance, it helps detect fraud, while in healthcare, it ensures patient data security. In retail, it protects against data breaches and payment fraud.
In summary, Securonix Next-Gen SIEM offers advanced threat detection, scalability, and integration capabilities, making it a robust solution for modern enterprises.
We monitor all Identity Threat Detection and Response (ITDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.