Seceon Open Threat Management Platform Reviews

The solution is primarily used in a business server on-premises.

At the workplace, this solution collects security events and security incidents, information, from around 300 critical customer nodes. It covers everything from firewalls, servers, key management stations, IoT gateways, and more. 

The capacity to identify the behavior of attacks and to generate rules in an actionable format is the solution's most valuable aspect. The solution generates rules that can go directly to the devices. YOu can set up a behavioral alarm and can generate rules to monitor specific ports, network segments, network servers, server isolation, and so on. It can actually write rules that can be used immediately by the security devices that are connected to it. It doesn't allow for the threats to touch the devices they are attacking.

The solution is very fast. 

It's easy to set up the solution. 

The solution is stable. 

In terms of missing features, it's too soon to say as I've only had two weeks with it. That said, one of the things that caught my attention is that a number of processes seem to take up CPUs. It's a huge amount of computational power. It's justified, of course, however, this puts the solution at a level that's too high for a small enterprise to handle.

It would be ideal with the processing was more manageable. Not many customers are willing to have a dedicated server with two CPUs and one TB of memory. The cost of this is huge for a smaller organization. 

We've been using the solution for two weeks. 

The solution is stable. We have two monitors for the physical-based server, and one for the virtual servers. We have no issues at all transferring the application.

We have only begun working with the solution for two weeks. We have not attempted to scale it. 

We're using about nine to ten percent of the capacity. The number of security events and information coming in, however, was very fast. We've had to expand the storage to double in less than a month. After the first hour or so of collecting security information, you can already have a dashboard. It's already collected that amount of information. 

We haven't tested their level of response to issues yet as we have just started using the product. However, we have had direct contact with them to run a test case. It seems that the solution itself then doesn't have any potential issues. The issues are coming from our side. The solution needs to be compatible with standard systems and some systems that are not standard. However, there is also a development area in Seceon, and they can allow for connection via an API to support legacy or nonstandard systems. In any case, we haven't had issues directly related to problems with the solution just yet. 

The product is very easy to set up. It's not overly complex or difficult. It's quite straightforward. 

There is no need for a very sophisticated professional to do this. I mean, a technician can do this. There's no mystery about it.

The deployment is quick. When deployed to virtual machines, we spend half a day. If it's just for an application, it takes two hours. 

We're just a customer and an end-user. We're also distributing the product.

We're looking to move to a cloud solution within a couple of months. 

If we compare the solution with other SIEM solutions that are also turning to artificial intelligence, this will be the number one choice. It's very good.

I'd advise new users to be mindful of the calculations, planning, and sizing. You have to be careful about the selection of virtual machines and capacity. The sizing on the architectures is the most important issue to take a look at and to be careful of before beginning to use this solution.

I'd rate the solution at a ten out of ten. That said, this is not a very simple solution. We need to be mindful of the selection of the right customer, the right size, the right financial capacity. This is not a solution for everyone.

We're an MSSP, and we provide a security operations center as a service. We've been doing that for 20 years. We have recently embarked on, for the first time, co-managed SIEM solutions. We have customers who are interested in owning a SIEM but having us to manage it. We're always looking for products that are beneficial for different classifications of customers. We recommend these products to customers based on their requirements. We work with several SIEM developers, where when they sell a solution to another MSP or an end customer, they recommend us for 24/7 management.

We implemented this solution into our data centers and onboarded customers on behalf of the MSP partners. We operated a 24/7 security operation center that managed it and responded to alerts, etc. That's actually one of the best values on the market when it comes to a SIEM.

The main thing is the value proposition. It is one of the most sophisticated yet affordable solutions that I've come across. It is also one of the easiest-to-manage yet comprehensive solutions for a SOC analyst.

Its customizations are really good, and it has a lot of integrations. It is multi-tenant and very fast to onboard. Its stability is 100%. We've never had an outage with it. It doesn't require extensive hardware resources. 

Its level of support is also very good. They have a very responsive technical team.

It is a standalone solution now. They need to make it into a cloud-based subscription model.

It needs more compatibility for co-managed solutions. It can also have more threats and deeper integration with Microsoft.

I have been using this solution for about two years. I have worked for them as a consultant for some time, and I have also worked for a company where I purchased it or made the purchasing decision and implemented it. 

I have used its multiple versions. I have used their first iteration all the way up to the version about three months ago.

Its stability is 100%. We've never had an outage with it. Some of the customers had outages sometimes, but these outages weren't because of this solution. They were fast to build integrations. 

Its stability has been really good. It didn't require extensive hardware resources. It was more efficient in terms of resource usage than some of the other SIEMs that I've implemented.

Their technical support was excellent. We didn't have to engage them very often. They had their own development team, and they were very fast at the turnaround for things like integration. If we ran into a problem, they were fast. 

They also provided the most extensive training than any of the other SIEMs that I've implemented.

The initial setup was very straightforward. It uses industry-standard tools.

It has a per-asset model instead of an ingestion-based model, which gives predictable pricing. In terms of price, it is in the middle to lower range of SIEMs that it competes against.

It is the most affordable solution that we have implemented so far. It was much more affordable than anything else I've implemented. 

I would rate Seceon Open Threat Management Platform a nine of ten.

We use this solution primarily for event management, cyber threat hunting and threat management. Additionally, we deploy this solution on-premises.

The most valuable features are behaviour analytics, threat intelligence, endpoint detection, and response features.

The product could be improved by including sandboxing capabilities in the next release.

We have been using this solution for two years.

The solution is fairly stable.

The solution is scalable. There are currently four people working with this solution on my team.

We provide technical support as employees to our customers.

The initial setup was straightforward and took approximately two weeks to implement.

The pricing for this solution is reasonable. However, I am unsure of the approximate costs.

We evaluated the Splunk SIEM solution. Splunk as a SIEM solution is good, but Seceon Open Threat Management Platform provides a more straightforward implementation that is better than Splunk. In addition, Splunk offers more flexibility and search capabilities, but Seceon Open Threat Management Platform provides an AI-based platform with machine learning and deep learning capabilities. So, in my opinion, Seceon Open Threat Management Platform is a better solution than Splunk.

I rate this solution an eight out of ten. I advise new users looking to implement this solution to choose Seceon Open Threat Management Platform if they are searching for government compliance and regulatory parts, as it will assist in meeting their requirements or securing the organization's IT assets very quickly for deployment. The solution is good, but more sandboxing capabilities could be introduced into the product.

Seceon OTM is primarily used as a security operations center (SOC) solution.

Seceon OTM gives a bundle of solutions with a single license, eliminating the need to purchase different tools. For example, you can get source solutions and endpoint protection from the platform. So, you can get multiple solutions from one platform. 

On top of that, they are using AI. So it's very good to be a possession of the Seceon OTM in SOC. It's very valuable.

The most valuable feature of this solution is its artificial intelligence. It greatly enhances their technology.

There might be room for improvement in the Seceon Open Threat Management platform. For example, the management console could use some enhancements.

The functionality of the product is not affected, but the management console itself could be improved. Overall, that's the only aspect that comes to mind for potential enhancement.

I've been using it for four months now. I compared it with other SIM solutions that incorporate artificial intelligence (AI). 

Seceon stands out because they have been using AI in its platform since its launch in 2015, which makes them very unique in the market. They offer unique features compared to competitors like LogRhythm, QRadar, and RxI.

As far as stability is concerned, based on the feedback I've seen on the internet, the solution appears to be stable. It's still relatively new in the market, but it has received positive feedback, even in terms of the operating system. 

Many customers in our company, especially server providers, have expressed satisfaction with it.

It is a scalable solution. It is easy to scale and flexible. Since Seceon system is virtual and can operate in a virtual environment; there are no limitations like those found in hardware appliances. This virtual support enables easy scaling. I would rate the scalability of Seceon a nine out of ten.

Customer service and support are good. They respond quickly.

Positive

The initial setup is not much hard. There are deployment phases involved, but it's nothing hard.

The deployment of a SIM solution requires a minimum of two weeks. During this time, the solution starts receiving Syslogs from various network devices such as firewalls, switches, and routers. It takes some time for the system to learn and adapt to this data. 

However, if everything is ready from the customer's side, the implementation can be completed within two weeks. The presence of AI helps expedite the process.

There is an ROI as a level one SOC analyst, it's 100%. Seceon AI will work effectively without them.

The pricing is very competitive. It's not expensive. It's closer to the low end, so I would rate the pricing around a four out of ten, where one is for low price, and ten is for high price. 

Seceon is still establishing itself in the market and is not yet leading the industry, but they are growing rapidly. Therefore, the price is quite competitive.

There are additional costs, but if you opt for those, you'll get around three additional features. When you purchase an additional license, it unlocks four features, providing more options. They are flexible in this regard, so it's not mandatory to pay more. You can simply purchase the standard licenses. So it's up to the customer's requirements. If they require the additional license, we can add it for them. If not, they can stick with the standard licenses.

So just the standard license covers their needs.

I would recommend this solution for those who are not looking to hire a level-one SOC analyst, it's better to go with Seceon AI. Most other solutions require a SOC analytics level one, which operates on a three-level system: SOC analytics one, SOC two, and SOC three. The level depends on the severity of network problems. 

For example, SOC one is responsible for detecting and catching any attacks in the network, then analyzing them manually before reporting to the SOC analyst. However, with Seceon AI, you don't need to have that. There's no requirement for a level one SOC analyst. Seceon AI will work for you. It will work for them. So, in this aspect, there's no need to hire additional personnel.  

So, Seceon AI will work for you. It will work for them. This means there's no need to hire additional staff, so the AI can do the job.

Overall, I would rate the solution an eight out of ten.