Additional Info

Websitehttp://www.securonix.com
Company size (employees)100 to 499
Headquarters RegionNorth America

Overview

Securonix is disrupting a well-established SIEM market with current sales estimated at over $2.7B. In doing so, Securonix has taken on established industry leaders as well as start-ups and out-performed their offerings with our combined SIEM, UEBA, and security intelligence solutions. Our market share is growing many times over compared to larger SIEM vendors selling legacy SIEM products, and very often we are asked to replace a legacy SIEM tool.

Securonix solves the problems of too much security data, too many tools with continuous, real-time security intelligence on internal users, systems and applications for true context-based monitoring and advanced detection of threats and risk.

– Ability to handle Three V’s of data – volume, variety, velocity
– Open and scalable data collection with a Hadoop big data architecture
– Connectors for modern data sources including cloud – AWS, O365, CASB’s
– Real-time enrichment with identity, threat intelligence, and business context
– Fast and scalable search on raw and enriched data with Hadoop SOLR
– Real-time Advanced Analytics
– Built-in UEBA with machine learning for advanced threat detection
– Packaged content for insider, cyber threat, fraud, cloud, and application analytics
– Incident Automation, including automated security orchestration and predefined IR run-books
– Built-in workflows for automated case management and approval workflows
– API framework for integration with EDRs, network devices, and 3rd party SOAR apps
– Industry first SaaS offering with Securonix Cloud; Co-managed SIEM service
– Deployment flexibility
– Priced by identity

How we are different

Securonix Next-Gen SIEM differentiates through proprietary signature-less detection algorithms that perform real-time analysis of incoming event logs at big data scale. It is purpose-built with advanced behavior analytics capabilities that mine, enrich and analyze data to detect actionable threats. In addition to architecture (above):


- Min-Max Clustering (Unsupervised learning): For machine data and user activity information
- Classification Algorithms (Supervised learning): Classification library and decision science to detect advanced threats such as DGA's, phishing/SPAM attacks, social threats including analysis via peer group profiling
- Event rarity: For activities not been seen before, Fuzzy correlation, Sequential Learning, Rule-based analysis (signatures)


While current technologies focus on limited data collection, retention and compliance reporting, Securonix focuses on analyzing high volume data for advanced threat including insider threats.