1 Introduction
Securonix is a privately held security analytics solution vendor headquartered in Addison, Texas, USA. Founded in 2008 by a team of seasoned experts in information security, risk management, and identity compliance, the company brought their first product to the market in 2011 and has been growing steadily ever since. The company currently has over 350 employees across North America, EMEA and APJ and a large global partner network. With a strong focus on developing a healthy technology ecosystem, Securonix provides a substantial number of integrations with different security solutions and maintains strategic partnerships with large integrators and consulting companies.
As a response to the increasing sophistication of cyber-attacks and the growing lack of skilled experts to defend against them using traditional perimeter-oriented security tools, the cybersecurity market now offers a wide range of next-generation Security Analytics solutions that focus on real-time analysis and correlation of security events across the corporate network, detecting outliers and other anomalies and thus identifying possible malicious activities. These products eliminate false positives and provide security analysts with a small number of actionable alerts enriched with additional context information for forensic analysis and clearly assigned risk scores. Combined with a high degree of workflow automation and significantly improved reporting capabilities, they can significantly reduce the time needed for the analysis and the mitigation of cyber-threats.
In early 2017, Securonix has also introduced their next-generation SNYPR Security Analytics Platform, a Big Data security analytics solution with a backend based on Apache Hadoop and Kafka platforms. The new product removed the long-term storage limitations of their previous generation platform and provides customers with an end-to-end solution for log management, security information and event management (SIEM) and user and entity behavior analytics (UEBA) in a single platform. We have reviewed the new platform back in April 2017 and were generally impressed with its broad feature set, citing only the increased upfront hardware requirements as a notable challenge along with the company’s still relatively small presence outside the US.
Since then, Securonix has addressed both these concerns. Since our last review, the company’s global market presence has increased significantly, with a new technical partnership program and a massive expansion of their MSSP network around the world. Consequently, over a third of the company’s new customers last year came from non-US markets. More important, however, was the company’s expansion into the SaaS market with the launch of their first cloud-based security solution back in July 2017.
In August 2018, the company has introduced Securonix Version 6.2, which expands the functionality of the cloud-based offering to a full-featured SIEM solution and introduces several major improvements to the underlying platform itself, such as the addition of automated incident response recommendations based on machine learning, centralized monitoring of all system components and processes that simplifies operations and maintenance, as well as various privacy-enhancing features to align with GDPR and other compliance regulations.
All these improvements warrant an updated review of the Securonix Security Analytics Platform in both if its on-premises and cloud-based incarnations.