
NetWitness Platform vs Securonix Next-Gen SIEM comparison

 

Comparison Buyer's Guide

Executive Summary

Updated on Sep 18, 2024
 

Categories and Ranking

NetWitness Platform
Ranking in Security Information and Event Management (SIEM): 24th
Average Rating: 7.4
Number of Reviews: 36
Ranking in other categories: Log Management (25th)

Securonix Next-Gen SIEM
Ranking in Security Information and Event Management (SIEM): 11th
Average Rating: 8.6
Reviews Sentiment: 7.3
Number of Reviews: 30
Ranking in other categories: Identity Threat Detection and Response (ITDR) (7th)
 

Mindshare comparison

As of November 2024, in the Security Information and Event Management (SIEM) category, the mindshare of NetWitness Platform is 0.6%, down from 0.9% the previous year. The mindshare of Securonix Next-Gen SIEM is 1.2%, down from 1.8% the previous year. Mindshare is calculated based on PeerSpot user engagement data.
 

Featured Reviews

MdZaman - PeerSpot reviewer
Oct 22, 2021
Really scalable for enterprise customers
The solution should have more integration capabilities with different platforms. The API is nearly open and scalable, so the solution can integrate with many platforms. The solution has more than 200 log sources in the scalability to support, but this is its limit. Installation is pretty easy. However, there are a couple of modules involved, so it is not as easy as it could be. We are talking about a distributed module, not a single-module type. This is what makes things a bit complex, instead of easier. I rate it as a seven out of ten on its installation and configuration capabilities.
Mohammed Nadeem Rais - PeerSpot reviewer
Sep 23, 2024
The visibility and analytics from Securonix SIEM have become indispensable in identifying and stopping potential threats before they escalate.
We use Securonix Next-Gen SIEM primarily for managed SOC, focusing on threat detection, baselining, and ensuring the maturity of our SOC security operations. It is integrated with threat intelligence and utilizes frameworks like MITRE ATT&CK and the Cyber Kill Chain. The solution helps in threat…

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The most valuable features are its ingestion of logs and raising of alerts based on those logs."
"The most valuable feature of RSA NetWitness Logs and Packets are the alerts and correlations tools."
"The solution is really scalable for the high-end power, enterprise customer."
"The most valuable features are the integration and ease of use."
"I can have enterprise security, email security, next generation firewall security log, HIDS and NIDS logs, etc. all on the same dashboard. It makes it easy to pinpoint or correlate our server to this. I can find out if there is lateral movement. This is the biggest advantage of this solution."
"It's quite economical compared to other solutions in the market."
"The most valuable features are the packet inspection and the automated incident response."
"The newer 11.5 version that my team is using has found it to have good mapping."
"SNYPR has a bundle of features. It has the UEBA feature that tells you about the behavior of a person or entity. In the tool itself, there is an incident management feature, which is definitely valuable."
"The big data security analytics platform, structured and unstructured data analytics, and user and entity behavior analytics provided by the product are probably the best in the industry."
"When we were looking for products for our security monitoring needs, our biggest requirement was that we wanted something based on machine-learning and analytics. If you go with rules, it can raise a lot of noise. Securonix, with its UEBA capability, had the best analytics use-cases."
"The most valuable feature is that it works on user behavior and event rarities."
"I rate the technical support a nine out of ten. They're friendly. Whenever we have a P1 issue, we write an email and our issue is resolved in one or two hours."
"The solution's AI features reduce the need for manual analysis and help in decision-making. It displays the report in seconds. It saves my resources three to four hours of work."
"I was looking for software as a service rather than having issues with managing hardware, upgrades, updates. I was trying to step away from that. Those were the key factors when looking at Securonix as a full-feature SIEM with next-generation capabilities available."
"The machine-learning algorithms are the most valuable feature because they're able to identify the 'needle in the haystack.'"
 

Cons

"The implementation needs assistance."
"Nowadays, their support is a little subpar compared to other solutions. I rate RSA support six out of 10."
"The multi-tenant capabilities are lagging compared to IBM QRadar."
"Sometimes, it gives me static when integrating Windows-based systems. It should produce a precise log of sorts as to where the problem is. For example, a few days ago because of the McAfee application firewall, I couldn't get access to the particular Windows machine. So, my team and I had to figure out by ourselves that there was a virus responsible for the obstacle. This solution should trigger a meaningful log or message indicating the reason the user or implementer can't get into the machine."
"The system looks like it is a mix of a bunch of different systems, and nothing looked like it was quite together."
"Log aggregation is an issue with this solution because there are a huge number of alerts in a single instance."
"The system architecture is complex and sometimes it’s hard to troubleshoot potential problems."
"The initial setup is very complex and should be simplified."
"We thought they were going to be a great product, however, they're actually not great at all as an MSP."
"We have a lot of users who, because they're engineers and they're bringing down product data - where, at times, a top-level product could be 10,000 or 15,000 objects - it's difficult for us to determine what should be a concern and what shouldn't be a concern. We work with the Securonix folks to try to come up with better ways to identify that."
"Securonix Next-Gen SIEM's deployment is complex and you need a team to do it."
"One aspect that could be improved is the pricing of the product in Brazil."
"Sometimes, there is instability in the data in terms of the customization of the time. I have sometimes observed discrepancies in the data, which is something they should work on. They should bring more stability to time customization. If we are seeing a particular data, when we change the time zone, there should be the same data. There should not be any discrepancy."
"There is room for improvement in the product's integration with ServiceNow and in the reporting features."
"I face slowness issues sometimes."
"Regarding the analysis of security events on the SOC side, Securonix Next-Gen SIEM needs to improve its automation capabilities."
 

Pricing and Cost Advice

"The tool is very expensive, so I rate the pricing a ten out of ten. The solution has an annual subscription."
"It’s cheaper to run virtual machines in a VMware environment."
"There is a licensing fee and the customer can choose whether he wishes this to be subscription-based or perpetual."
"The licenses are good but the cost is very expensive."
"In comparison to other SIEM solutions such as Splunk, NetWitness is less costly."
"We have yearly licensing costs. The license fee can be based on the volume of EPS. Some organizations may have, as a gentlemanly gesture, 10,000 EPS and get a 3,000 EPS license but actually use 5,000 EPS."
"RSA NetWitness Logs and Packets do not have a subscription model, it's a one-time purchase. There is only a perpetual license."
"It provides tools to assist in selecting the appropriate license and usage scenarios."
"I had heard that it was much cheaper than Splunk and some of the other tools, and they gave us a nice package with support. They accommodated the number of users and support very well."
"Its pricing is quite similar to others and is very competitive. The other solutions have different types of licensing, but when you do the math, it is competitive."
"We have an annual license. We pay $200,000 for the base licensing and we pay another $50,000 for the software as a service."
"We went in on a three-year agreement which has an annual licensing fee, based upon the number of people that we're monitoring. There have not been any additional costs to the standard licensing fees."
"The pricing is fine compared to the market but I think that at some point the competitors will catch up on price."
"A good thing about Securonix is that they don't charge by volume of data or number of devices... They charge by the number of employees, which is a much more predictable number for me, versus data. Our costs are in the $100,000 range over a three-year subscription."
"The solution's price is double the competitors."
"The pricing is good, but by adding more things, the licensing becomes more complex because an EPS license fluctuates a lot. This licensing concept is going to be problematic in the long run."
814,649 professionals have used our research since 2012.
 

Comparison Review

Feb 26, 2015
HP ArcSight vs. IBM QRadar vs. McAfee Nitro vs. Splunk vs. RSA Security vs. LogRhythm
We at Infosecnirvana.com have done several posts on SIEM. After the Dummies Guide on SIEM, we are following it up with a SIEM Product Comparison – 101 deck. So, here it is for your viewing pleasure. Let me know what you think by posting your comments below. The key products compared here are…
 

Top Industries

By visitors reading reviews

Financial Services Firm: 17%
Computer Software Company: 17%
Government: 7%
Insurance Company: 6%

Computer Software Company: 19%
Financial Services Firm: 12%
Manufacturing Company: 8%
Government: 8%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What do you like most about NetWitness Platform?
The product's initial setup phase was not at all difficult.
What is your experience regarding pricing and costs for NetWitness Platform?
The product price was reasonable for my region and the market.
What needs improvement with NetWitness Platform?
From an improvement perspective, the NetWitness Platform needs to release new features and improve in areas like log correlation. The tool needs to have easier integrations with the cloud. Building...
Which is the best SIEM tool for a mid-sized financial services firm: Arcsight or Securonix?
In my market, a lot of financial companies had or have an ArcSight installation. Just because in former times it was pretty good. Now a lot of them are looking for a more effective solution due to ...
What is your primary use case for Securonix Security Analytics?
We use Securonix Next-Gen SIEM primarily for managed SOC, focusing on threat detection, baselining, and ensuring the maturity of our SOC security operations. It is integrated with threat intelligen...
What do you like most about Securonix Next-Gen SIEM?
The two major features of this product we extensively use are the UEBA capability and the multi-tenant approach with the centralized data logs system. Customers are very happy with these features.
 

Also Known As

RSA Security Analytics
Securonix Security Analytics
 


Sample Customers

Los Angeles World Airports, Reply
Dtex Systems, Pfizer, Western Union, Harris, ITG
Find out what your peers are saying about NetWitness Platform vs. Securonix Next-Gen SIEM and other solutions. Updated: October 2024.