Information Technology Consultant at a computer software company with 51-200 employees
Reseller
Very fast, easy to set up, and makes rule creation simple
Pros and Cons
  • "The solution is stable."
  • "It would be ideal if the processing were more manageable. Not many customers are willing to have a dedicated server with two CPUs and one TB of memory. The cost of this is huge for a smaller organization."

What is our primary use case?

The solution is primarily used in a business server on-premises.

At the workplace, this solution collects security events and security incidents, information, from around 300 critical customer nodes. It covers everything from firewalls, servers, key management stations, IoT gateways, and more. 

What is most valuable?

The capacity to identify the behavior of attacks and to generate rules in an actionable format is the solution's most valuable aspect. The solution generates rules that can go directly to the devices. You can set up a behavioral alarm and can generate rules to monitor specific ports, network segments, network servers, server isolation, and so on. It can actually write rules that can be used immediately by the security devices that are connected to it. It doesn't allow for the threats to touch the devices they are attacking.

The solution is very fast. 

It's easy to set up the solution. 

The solution is stable. 

What needs improvement?

In terms of missing features, it's too soon to say as I've only had two weeks with it. That said, one of the things that caught my attention is that a number of processes seem to take up CPUs. It's a huge amount of computational power. It's justified, of course, however, this puts the solution at a level that's too high for a small enterprise to handle.

It would be ideal if the processing were more manageable. Not many customers are willing to have a dedicated server with two CPUs and one TB of memory. The cost of this is huge for a smaller organization.

For how long have I used the solution?

We've been using the solution for two weeks. 

Buyer's Guide
Seceon Open Threat Management Platform
October 2024
Learn what your peers think about Seceon Open Threat Management Platform. Get advice and tips from experienced pros sharing their opinions. Updated: October 2024.
814,649 professionals have used our research since 2012.

What do I think about the stability of the solution?

The solution is stable. We have two monitors for the physical-based server, and one for the virtual servers. We have no issues at all transferring the application.

What do I think about the scalability of the solution?

We have only begun working with the solution for two weeks. We have not attempted to scale it. 

We're using about nine to ten percent of the capacity. The number of security events and information coming in, however, was very fast. We've had to expand the storage to double in less than a month. After the first hour or so of collecting security information, you can already have a dashboard. It's already collected that amount of information. 

How are customer service and support?

We haven't tested their level of response to issues yet as we have just started using the product. However, we have had direct contact with them to run a test case. It seems that the solution itself then doesn't have any potential issues. The issues are coming from our side. The solution needs to be compatible with standard systems and some systems that are not standard. However, there is also a development area in Seceon, and they can allow for connection via an API to support legacy or nonstandard systems. In any case, we haven't had issues directly related to problems with the solution just yet. 

How was the initial setup?

The product is very easy to set up. It's not overly complex or difficult. It's quite straightforward. 

There is no need for a very sophisticated professional to do this. I mean, a technician can do this. There's no mystery about it.

The deployment is quick. When deployed to virtual machines, we spend half a day. If it's just for an application, it takes two hours. 

What other advice do I have?

We're just a customer and an end-user. We're also distributing the product.

We're looking to move to a cloud solution within a couple of months. 

If we compare the solution with other SIEM solutions that are also turning to artificial intelligence, this will be the number one choice. It's very good.

I'd advise new users to be mindful of the calculations, planning, and sizing. You have to be careful about the selection of virtual machines and capacity. The sizing on the architectures is the most important issue to take a look at and to be careful of before beginning to use this solution.

I'd rate the solution at a ten out of ten. That said, this is not a very simple solution. We need to be mindful of the selection of the right customer, the right size, the right financial capacity. This is not a solution for everyone.

Which deployment model are you using for this solution?

On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer:
PeerSpot user
Co-Founder and CTO at a tech services company with 11-50 employees
Real User
A sophisticated, comprehensive, and affordable solution that has 100% stability and lots of integrations
Pros and Cons
  • "The main thing is the value proposition. It is one of the most sophisticated yet affordable solutions that I've come across. It is also one of the easiest-to-manage yet comprehensive solutions for a SOC analyst. Its customizations are really good, and it has a lot of integrations. It is multi-tenant and very fast to onboard. Its stability is 100%. We've never had an outage with it. It doesn't require extensive hardware resources. Its level of support is also very good. They have a very responsive technical team."
  • "It is a standalone solution now. They need to make it into a cloud-based subscription model. It needs more compatibility for co-managed solutions. It can also have more threats and deeper integration with Microsoft."

What is our primary use case?

We're an MSSP, and we provide a security operations center as a service. We've been doing that for 20 years. We have recently embarked on, for the first time, co-managed SIEM solutions. We have customers who are interested in owning a SIEM but having us manage it. We're always looking for products that are beneficial for different classifications of customers. We recommend these products to customers based on their requirements. We work with several SIEM developers, where when they sell a solution to another MSP or an end customer, they recommend us for 24/7 management.

We implemented this solution into our data centers and onboarded customers on behalf of the MSP partners. We operated a 24/7 security operation center that managed it and responded to alerts, etc. That's actually one of the best values on the market when it comes to a SIEM.

What is most valuable?

The main thing is the value proposition. It is one of the most sophisticated yet affordable solutions that I've come across. It is also one of the easiest-to-manage yet comprehensive solutions for a SOC analyst.

Its customizations are really good, and it has a lot of integrations. It is multi-tenant and very fast to onboard. Its stability is 100%. We've never had an outage with it. It doesn't require extensive hardware resources. 

Its level of support is also very good. They have a very responsive technical team.

What needs improvement?

It is a standalone solution now. They need to make it into a cloud-based subscription model.

It needs more compatibility for co-managed solutions. It can also have more threats and deeper integration with Microsoft.

For how long have I used the solution?

I have been using this solution for about two years. I have worked for them as a consultant for some time, and I have also worked for a company where I purchased it or made the purchasing decision and implemented it. 

I have used its multiple versions. I have used their first iteration all the way up to the version about three months ago.

What do I think about the stability of the solution?

Its stability is 100%. We've never had an outage with it. Some of the customers had outages sometimes, but these outages weren't because of this solution. They were fast to build integrations. 

Its stability has been really good. It didn't require extensive hardware resources. It was more efficient in terms of resource usage than some of the other SIEMs that I've implemented.

How are customer service and technical support?

Their technical support was excellent. We didn't have to engage them very often. They had their own development team, and they were very fast at the turnaround for things like integration. If we ran into a problem, they were fast. 

They also provided more extensive training than any of the other SIEMs that I've implemented.

How was the initial setup?

The initial setup was very straightforward. It uses industry-standard tools.

What's my experience with pricing, setup cost, and licensing?

It has a per-asset model instead of an ingestion-based model, which gives predictable pricing. In terms of price, it is in the middle to lower range of SIEMs that it competes against.

It is the most affordable solution that we have implemented so far. It was much more affordable than anything else I've implemented. 

What other advice do I have?

I would rate Seceon Open Threat Management Platform a nine out of ten.

Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
PeerSpot user
Tamim Khan - PeerSpot reviewer
Solution Architect at Tiger IT Bangladesh
Real User
Great solution for event and threat management with a straightforward setup
Pros and Cons
  • "The most valuable features are behaviour analytics, threat intelligence, endpoint detection, and response features."
  • "The product could be improved by including sandboxing capabilities in the next release."

What is our primary use case?

We use this solution primarily for event management, cyber threat hunting and threat management. Additionally, we deploy this solution on-premises.

What is most valuable?

The most valuable features are behaviour analytics, threat intelligence, endpoint detection, and response features.

What needs improvement?

The product could be improved by including sandboxing capabilities in the next release.

For how long have I used the solution?

We have been using this solution for two years.

What do I think about the stability of the solution?

The solution is fairly stable.

What do I think about the scalability of the solution?

The solution is scalable. There are currently four people working with this solution on my team.

How are customer service and support?

We provide technical support as employees to our customers.

How was the initial setup?

The initial setup was straightforward and took approximately two weeks to implement.

What's my experience with pricing, setup cost, and licensing?

The pricing for this solution is reasonable. However, I am unsure of the approximate costs.

Which other solutions did I evaluate?

We evaluated the Splunk SIEM solution. Splunk as a SIEM solution is good, but Seceon Open Threat Management Platform provides a more straightforward implementation that is better than Splunk. In addition, Splunk offers more flexibility and search capabilities, but Seceon Open Threat Management Platform provides an AI-based platform with machine learning and deep learning capabilities. So, in my opinion, Seceon Open Threat Management Platform is a better solution than Splunk.

What other advice do I have?

I rate this solution an eight out of ten. I advise new users looking to implement this solution to choose Seceon Open Threat Management Platform if they are searching for government compliance and regulatory parts, as it will assist in meeting their requirements or securing the organization's IT assets very quickly for deployment. The solution is good, but more sandboxing capabilities could be introduced into the product.

Which deployment model are you using for this solution?

On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
PeerSpot user
Systems Engineer at a tech services company with 11-50 employees
Reseller
Top 5 Leaderboard
Integration of AI in Seceon OTM enhances its capabilities and makes it a valuable asset for SOCs
Pros and Cons
  • "The most valuable feature of this solution is its artificial intelligence."
  • "The management console could use some enhancements."

What is our primary use case?

Seceon OTM is primarily used as a security operations center (SOC) solution.

Seceon OTM gives a bundle of solutions with a single license, eliminating the need to purchase different tools. For example, you can get source solutions and endpoint protection from the platform. So, you can get multiple solutions from one platform. 

On top of that, they are using AI. So it's very good to be in possession of Seceon OTM in a SOC. It's very valuable.

How has it helped my organization?


What is most valuable?

The most valuable feature of this solution is its artificial intelligence. It greatly enhances their technology.

What needs improvement?

There might be room for improvement in the Seceon Open Threat Management platform. For example, the management console could use some enhancements.

The functionality of the product is not affected, but the management console itself could be improved. Overall, that's the only aspect that comes to mind for potential enhancement.

For how long have I used the solution?

I've been using it for four months now. I compared it with other SIM solutions that incorporate artificial intelligence (AI). 

Seceon stands out because they have been using AI in their platform since its launch in 2015, which makes them very unique in the market. They offer unique features compared to competitors like LogRhythm, QRadar, and RxI.

What do I think about the stability of the solution?

As far as stability is concerned, based on the feedback I've seen on the internet, the solution appears to be stable. It's still relatively new in the market, but it has received positive feedback, even in terms of the operating system. 

Many customers in our company, especially server providers, have expressed satisfaction with it.

What do I think about the scalability of the solution?

It is a scalable solution. It is easy to scale and flexible. Since the Seceon system is virtual and can operate in a virtual environment, there are no limitations like those found in hardware appliances. This virtual support enables easy scaling. I would rate the scalability of Seceon a nine out of ten.

How are customer service and support?

Customer service and support are good. They respond quickly.

How would you rate customer service and support?

Positive

How was the initial setup?

The initial setup is not very hard. There are deployment phases involved, but it's nothing hard.

What about the implementation team?

The deployment of a SIM solution requires a minimum of two weeks. During this time, the solution starts receiving Syslogs from various network devices such as firewalls, switches, and routers. It takes some time for the system to learn and adapt to this data. 

However, if everything is ready from the customer's side, the implementation can be completed within two weeks. The presence of AI helps expedite the process.

What was our ROI?

There is an ROI as a level one SOC analyst, it's 100%. Seceon AI will work effectively without them.

What's my experience with pricing, setup cost, and licensing?

The pricing is very competitive. It's not expensive. It's closer to the low end, so I would rate the pricing around a four out of ten, where one is for low price, and ten is for high price. 

Seceon is still establishing itself in the market and is not yet leading the industry, but they are growing rapidly. Therefore, the price is quite competitive.

There are additional costs, but if you opt for those, you'll get around three additional features. When you purchase an additional license, it unlocks four features, providing more options. They are flexible in this regard, so it's not mandatory to pay more. You can simply purchase the standard licenses. So it's up to the customer's requirements. If they require the additional license, we can add it for them. If not, they can stick with the standard licenses.

So just the standard license covers their needs.

What other advice do I have?

I would recommend this solution for those who are not looking to hire a level-one SOC analyst; it's better to go with Seceon AI. Most other solutions require a SOC analytics level one, which operates on a three-level system: SOC analytics one, SOC two, and SOC three. The level depends on the severity of network problems.

For example, SOC one is responsible for detecting and catching any attacks in the network, then analyzing them manually before reporting to the SOC analyst. However, with Seceon AI, you don't need to have that. There's no requirement for a level one SOC analyst. Seceon AI will work for you. It will work for them. So, in this aspect, there's no need to hire additional personnel.  

So, Seceon AI will work for you. It will work for them. This means there's no need to hire additional staff, so the AI can do the job.

Overall, I would rate the solution an eight out of ten. 

Disclosure: My company has a business relationship with this vendor other than being a customer: reseller
PeerSpot user