We just raised a $30M Series A: Read our story
2019-05-15T05:16:00Z

What needs improvement with Securonix Security Analytics?

11

Please share with the community what you think needs improvement with Securonix Security Analytics.

What are its weaknesses? What would you like to see changed in a future version?

ITCS user
Guest
1313 Answers

author avatar
Top 20Real User

The monitoring, analysis, and visualization of data that Securonix provides is good. However, there are some things that I would love Securonix to change. For example, they don't allow us to make changes on the graphical reports that they have integrated into the platform. We have to create our own. If we just want to take out one thing, our page should allow us to change that template just for our platform. I'm not talking about changing others' platforms; this is just for my platform. They should allow me to make changes according to my scalability. I would like a little bit more changes in the analytics and visual views that they already have out-of-the-box in the platform. They are working on this, but I have not heard from them for a while. I'm satisfied with the visualization that they have, but I would like to get some more out of it. For example, I am taking the report and manually making changes. I want all those changes already integrated and automated, so they are automatically done in the product. I would not say its threat hunting is easy or difficult to use. It is medium because it totally depends on the data that is coming to you. It does not depend on the platform. It depends on whether you can find the correct attribute that you need to look at, then you can go further on that. They are working on this. They are introducing more features, e.g., they have a couple of updates pending at this time. They are working on it to cut down the steps. If I am doing 28 steps right now just to onboard our data, then they are cutting those steps down. They are also putting more automation in the solution. While they are working on these improvements, it is just a matter of time. It ingests 85% of all our log sources already built into the product when investigating threats. If the data sources have the functionality, Securonix will create a custom parser for us on a request. If the functionality is not there in the product, then there is a difficulty, but we can still ingest it through the file base, etc. However, I am not a big fan of the file base because a user is creating a file per day for data that was generated the day before. Specifically for activity that has already taken place, we can prevent it, but we cannot stop the activity.

2021-10-12T17:10:00Z
author avatar
Top 20Real User

We would like to see better integration with other products.

2021-06-09T13:25:00Z
author avatar
Top 5LeaderboardMSP

We thought they were going to be a great product, however, they're actually not great at all as an MSP. The integration is very bad. The initial setup failed in both use cases. The technical support is terrible and completely unhelpful. The product itself needs a lot of work; it's very immature. The stability isn't great.

2021-04-16T10:28:32Z
author avatar
Top 20Real User

Some of the user experience when doing threat-hunting, such as being able to see multiple types of analytics from different log sources in one view, would be beneficial. Right now, there are some limitations around that. So some of the user experience when doing threat-hunting could be improved. That's the main point that I've seen that we're working with them on.

2020-03-18T08:00:00Z
author avatar
Top 20Real User

There is slight room for improvement in terms of the initial deployment. What I see is that Securonix is more focused on their product. They are expanding, in a big way, the number of customers. So there has to be a number of dedicated teams to jump on and speed up the deployment process. We would like to partner with different teams that can implement and deploy it faster, whose only job is just to go to the client's site and deploy. Just do it. That's one improvement, based on my experience, that would definitely help them go a long way. Because the way they are expanding they need to focus, because the first impression is the last impression. During the initial one to two months of deployment, that momentum and that support you provide a client is very important. That first two months after a client buys it, how the deployment goes, leaves a long-lasting impression on the client and the team.

2020-03-18T08:00:00Z
author avatar
Top 5MSP

As far as what can be improved, again it is the pricing. I'm not sure how they are proceeding with the identity-based pricing compared with DB pricing which most of the vendors are using today. Some of them are dealing with EPS based pricing.

2020-02-02T10:42:00Z
author avatar
Real User

There is room for improvement in the product's integration with ServiceNow and in the reporting features.

2019-08-20T05:12:00Z
author avatar
Real User

Securonix implements risk scores based on different policies that are triggered. We've seen some challenges with the risk scores and how they trigger. These are things that Securonix has recognized and they've been working with us to help improve things.

2019-08-05T06:24:00Z
author avatar
Real User

The UX could be simpler. I know they're working on it. I would like to have one dashboard that has everything in it. We have compliance needs. We have investigation needs. And we have situations where an analyst needs to look at threats. These three things require a different view of how they look at the threats. What would be good is to have Securonix create three different views of their Security Command Center so that, depending on the persona of the person logging in, they'd get the relevant data they need and not see everything.

2019-06-27T08:13:00Z
author avatar
Real User

Other than issues with the training, there have been issues with the encryption. There have also been issues with some of the reporting, minor glitches that they have fixed as they've gone along. I think they have fixed the encryption piece and they have supposedly fixed training. I haven't seen the new training modules yet. The reporting and metrics will be improved in the next release, from what I understand.

2019-05-26T06:53:00Z
author avatar
Real User

A helpful feature would be an event export. A way to create more substantial summary reports would be nice.

2019-05-22T07:18:00Z
author avatar
Real User

One of the things they can improve on a little bit is the usability side, to make some things simpler. Maybe it's because of their customer base, but the tool does have a lot of knobs, you can turn a lot of things on and off and you can change things. Sometimes, it can become a little overwhelming. They should remove some confirmation options and make it simpler for the less mature customers and people who are still trying to grasp it.

2019-05-16T16:17:00Z
author avatar
Real User

It's tough in some cases for the solution to do it, but we have a lot of users who, because they're engineers and they're bringing down product data - where, at times, a top-level product could be 10,000 or 15,000 objects - it's difficult for us to determine what should be a concern and what shouldn't be a concern. We work with the Securonix folks to try to come up with better ways to identify that. That's a difficult problem to solve because it's very application-driven and very user-driven, based on what the user's role is.

2019-05-15T05:16:00Z
Learn what your peers think about Securonix Security Analytics. Get advice and tips from experienced pros sharing their opinions. Updated: November 2021.
554,529 professionals have used our research since 2012.