
Securonix Security Analytics Alternatives and Competitors

Get our free report covering Splunk, Exabeam, IBM, and other competitors of Securonix Security Analytics. Updated: October 2021.
552,305 professionals have used our research since 2012.

Read reviews of Securonix Security Analytics alternatives and competitors

YJ
Program Coordinator at a financial services firm with 10,001+ employees
Real User
Good at security logging in our infrastructure but be prepared for problems if you start with a large implementation

Pros and Cons

  • "The user interface and the timelines they use are the most valuable features. The price model is very simple so that one can understand it easily and there are no surprises within it."
  • "We had a large volume right from the beginning and they weren't quite prepared for that. That's something that they should think about when it comes to customers that have a large volume to start off with."

What is most valuable?

The user interface and the timelines they use are the most valuable features. The price model is very simple so that one can understand it easily and there are no surprises within it. 

It's good at security logging in our infrastructure but not really application logging. 

For how long have I used the solution?

We have been using Exabeam for a few months. 

How was the initial setup?

We had RSA earlier, we were a mature client, we had a big bang kind of start. Exabeam was really prepared there. We had some issues that we were able to sort out. They sent very experienced engineers to help us with the issues we had. Now we have a technical account manager. We are very pleased with it. Now, it looks much better but it's a large implementation. If you have a large implementation with lots of data you can expect a few issues and problems. If you start off with a small implementation then it would be a different story. We started off with loads and loads of data that we wanted to ingest. After a couple of months, things look a lot better. 

Which other solutions did I evaluate?

We did a POC with Splunk, IBM QRadar and Securonix and we came to the conclusion that Exabeam was the best option for us. Everybody knows that Splunk is the top product but it's very expensive. The price model is based on the volume of logs of data that you process in the system. It's very unpredictable and expensive compared to other products.

What other advice do I have?

We reviewed four different vendors but before we did the evaluation, we took a deep look at our use cases to understand our requirements so we would know the expected use cases and requirements on the system. It's important to know what you want to use it for. For us, it was about security use cases. If you are a new customer, you should think of the use cases that you have. All of the vendors we evaluated were good but Exabeam has a very good price model. That's where they win when they compete with Splunk, for instance. With Exabeam, you're not restricted to the log volume. You can add as much as you like. The only limit is the hardware. At some point, you may need to extend the hardware. We have plans to increase usage.

I would rate it a seven out of ten. 

We had a large volume right from the beginning and they weren't quite prepared for that. That's something that they should think about when it comes to customers that have a large volume to start off with. That's where they could try to improve their services. We had some issues. Some of it was due to our own load balancing problems that caused a few issues. But if they had had their expert guys on-site they would have found the error much earlier. They didn't have their best experts so I think we lost a bit of implementation time. I would've expected more attention on their side. They created tickets but that wasn't the way to work. When you start a large implementation, they need to have their experts on-site as opposed to opening regular tickets. They need to be on-site to fix the issues. They sent very good technical experts after a few months and it only took them half a day to figure out the issues and after that, it worked very well. Our account manager is very senior and we are very pleased with him.

They've been very professional during the POC. We had ongoing commercial discussions. 

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.

MA
Information Security Officer at a tech services company with 51-200 employees
MSP
Top 20
It is easy to use and deploy, but it lacks proper support

Pros and Cons

  • "It is easy to use and deploy. It comes with user-friendly manuals."
  • "McAfee is no longer providing security updates on this product, and the enhancements to this product seem to have stopped. Moreover, we don't get proper support, and we struggle to get its support. It would be good if they can add some AI engine and out of the box use cases because it is currently limited to the same scenario and the same setup. I have done a POC for Securonix, LogRhythm. These products are much more ahead as compared to McAfee ESM. They have included multiple modules in the same solution. Correlation is very easy. If McAfee ESM can improve, especially in such implementations, then I believe it would be much better."

What is our primary use case?

We use McAfee ESM for IT operations and a few security-related things. 

What is most valuable?

It is easy to use and deploy. It comes with user-friendly manuals.

What needs improvement?

McAfee is no longer providing security updates on this product, and the enhancements to this product seem to have stopped. Moreover, we don't get proper support, and we struggle to get its support.

It would be good if they can add some AI engine and out of the box use cases because it is currently limited to the same scenario and the same setup. I have done a POC for Securonix, LogRhythm. These products are much more ahead as compared to McAfee ESM. They have included multiple modules in the same solution. Correlation is very easy. If McAfee ESM can improve, especially in such implementations, then I believe it would be much better.

For how long have I used the solution?

I have been using McAfee ESM for maybe the last six years. 

What do I think about the stability of the solution?

It has very good stability.

What do I think about the scalability of the solution?

So far, we haven't tried scaling. Because it is on-premises, it is almost a setup environment. We don't do any major changes on the same site because it is quite critical and gets alerts. We don't want to mess up with our configuration.

How are customer service and technical support?

They take a long time, and the technical person who comes from support doesn't seem to be knowledgeable. When something goes wrong on the hardware or the application side, or we need some technical support in filling up use cases, it takes a long time.

We always struggle to get proper support from their technical support team. It seems that there is only one person who is handling the Middle East technical support, and when we don't get that person, we struggle a lot.

How was the initial setup?

The initial setup was straightforward. There were no complications in its deployment.

What about the implementation team?

Its deployment was done by an engineer in our company. 

We are a security team of five members. Whoever a ticket is assigned to handles the cases.

What's my experience with pricing, setup cost, and licensing?

The cost is all included. The finance department handles the financial part, and we mostly don't get involved in it.

What other advice do I have?

We are quite happy with the product and its stability, but the problem is the lack of support, which is one of the major issues that we are facing. I really look forward to them providing proper technical support.

I would rate McAfee ESM a seven out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.

Suraj Jagtap
Senior Security Engineer at a tech services company with 51-200 employees
Real User
Top 20
Feature rich solution recommended for every customer

Pros and Cons

  • "The features that I have found most valuable in QRadar are its data enrichment, use case creations, and adding references - those kinds of features are very good. Also QRadar's event filtration and device integration are perfect."
  • "In terms of what could be improved, I would say the script which we have to create for custom actions. QRadar needs to improve that feature. Additionally, QRadar has to provide the playbooks designing features."

What is most valuable?

The features that I have found most valuable in QRadar are its data enrichment, use case creations, and adding references - those kinds of features are very good. Also, QRadar's event filtration and device integration are perfect. 

Actually, we are looking for another product because a customer is demanding different products and they're not going with QRadar, hence we are trying to compare QRadar with other solutions like Securonix, Splunk, Exabeam, LogRhythm. Otherwise, all our customers are happy with QRadar.

I'm doing integrations and deployments for QRadar. So, in regards to integration and deployment, QRadar is very easy as compared to other products.

What needs improvement?

In terms of what could be improved, I would say the script which we have to create for custom actions. QRadar needs to improve that feature. Additionally, QRadar has to provide the playbooks designing features.

For how long have I used the solution?

I have been working with IBM QRadar for the last four years.

What do I think about the stability of the solution?

QRadar is very stable in our deployment. I'm not aware of other customer deployments.

What do I think about the scalability of the solution?

IBM QRadar is scalable. We can scale it according to our requirements. We can scale it up, as per our requirement. We can increase the resources, we can increase the storage. We can do everything with QRadar.

How are customer service and technical support?

Their technical support is also good. During weekends they are only looking at the priority issues. That is difficult, because sometimes the critical log sources stop sending events to QRadar and in those cases we need support on an urgent basis, but they're not going to support it during the weekend.

Which solution did I use previously and why did I switch?

We work with LogRhythm as well as QRadar, as well as NetIQ Sentinel, Azure Sentinel and others.

How was the initial setup?

The initial setup for QRadar is easy. It is easy to understand and easy to implement.

What's my experience with pricing, setup cost, and licensing?

As compared to LogRhythm, IBM QRadar's pricing is moderate.

What other advice do I have?

We recommend QRadar. It is a good product, a good solution.

Every customer should go with IBM QRadar.

On a scale of one to ten, I would give IBM QRadar a nine.

Which deployment model are you using for this solution?

On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: partner