"The best thing about Purview is that it's easy to integrate with our day-to-day environment. We have Active Directory, and Word and Excel. Using a third-party vendor and trying to integrate with our existing environment would be much more challenging."
"The most valuable feature is being able to look at users' behavioral profiles to see what they typically access. One of the key events that we monitor is people's downloading of objects... It's very easy to see people's patterns, what they typically do."
"The big data security analytics platform, structured and unstructured data analytics, and user and entity behavior analytics provided by the product are probably the best in the industry."
"The UEBA functionality indicates a lot about behaviors that are not found through a traditional SIEM. We have exploited that more than anything since we started using it."
"When we were looking for products for our security monitoring needs, our biggest requirement was that we wanted something based on machine-learning and analytics. If you go with rules, it can raise a lot of noise. Securonix, with its UEBA capability, had the best analytics use-cases."
"I was looking for software as a service rather than having issues with managing hardware, upgrades, updates. I was trying to step away from that. Those were the key factors when looking at Securonix as a full-feature SIEM with next-generation capabilities available."
"What I like most is that the threat models and risk scoring are very accurate and very helpful to the analysts on my team. They help highlight the most important things for them to look at."
"One of the most valuable features it has is the thread chaining. One of the common issues that we always had was the number of anomalies that we used to get and the number of alerts that we used to get. But with this approach of thread chaining, we've found the false-positive rate has decreased very significantly. That was something that we never could have achieved before."
"The two major features of this product we extensively use are the UEBA capability and the multi-tenant approach with the centralized data logs system. Customers are very happy with these features."
"For certain things, you need to install an agent. I understand it's for integrity, but if there could be a clientless solution for certain aspects, it would make life easier."
"Securonix could open up information regarding the indicators of compromise or cyber-threat intelligence database that they use. The idea is that they share what threats they are detecting."
"It takes too long to generate Spotter reports. For example, a 90-day report is around 100 megabytes. That takes a while, but a one-day report can be generated in a few seconds. We would be happy if they sped up the process."
"A helpful feature would be an event export. A way to create more substantial summary reports would be nice."
"Regarding the analysis of security events on the SOC side, Securonix Next-Gen SIEM needs to improve its automation capabilities."
"Securonix implements risk scores based on different policies that are triggered. We've seen some challenges with the risk scores and how they trigger. These are things that Securonix has recognized and they've been working with us to help improve things."
"The technical support of the solution is an area with shortcomings and needs improvement."
"Sometimes, there is instability in the data in terms of the customization of the time. I have sometimes observed discrepancies in the data, which is something they should work on. They should bring more stability to time customization. If we are seeing a particular data, when we change the time zone, there should be the same data. There should not be any discrepancy."
"There is slight room for improvement in terms of the initial deployment. What I see is that Securonix is more focused on their product. They are expanding, in a big way, the number of customers. So there has to be a number of dedicated teams to jump on and speed up the deployment process."
Microsoft Purview Insider Risk Management is ranked 3rd in Insider Risk Management with 1 review while Securonix Next-Gen SIEM is ranked 7th in Security Information and Event Management (SIEM) with 27 reviews. Microsoft Purview Insider Risk Management is rated 8.0, while Securonix Next-Gen SIEM is rated 8.6. The top reviewer of Microsoft Purview Insider Risk Management writes "Eliminates manual work in searching for document leaks and makes it easy to present reports to auditors". On the other hand, the top reviewer of Securonix Next-Gen SIEM writes "Spotter tool has helped us eliminate many hours required to manually create link analysis diagrams". Microsoft Purview Insider Risk Management is most compared with Splunk User Behavior Analytics, Dtex Systems, Microsoft Defender for Identity and LogRhythm UEBA, whereas Securonix Next-Gen SIEM is most compared with IBM Security QRadar, Splunk Enterprise Security, Microsoft Sentinel, LogRhythm SIEM and Sumo Logic Security.
We monitor all Insider Risk Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.