Securonix recently announced the launch of the industry’s first Unified Defense SIEM. The platform provides organizations with 365 days of ‘Hot’ data, powered by Snowflake, for fast search and investigation, best-in-class threat content-as-a-service, proactive defense with continuous peer and partner collaboration, and a unified Threat Detection, Investigation and Response (TDIR) experience, all in a single platform.
“One of the biggest challenges organizations face today is defending against the ever-expanding attack surface while dealing with the growing talent gap in cybersecurity,” said Nayaki Nayyar, Chief Executive Officer, Securonix. “Securonix has an unparalleled history of innovation in security analytics and operations, solving the most challenging problems for customers. From pioneering User Entity Behavior Analytics (UEBA) to being the first to market with Cloud-Native Next-Gen SIEM, Securonix has continuously led the evolution of the space. To address the new set of challenges ahead, Securonix is introducing Unified Defense SIEM Platform that delivers a flexible data lake with Snowflake, threat content-as-a-service and simplified TDIR experience from analyst to CISO. With the launch of Unified Defense SIEM, Securonix once again redefines the future of the SIEM market.”
“Fast and cost-effective analytics across a full year of security data should be table stakes for SIEM,” said Omer Singer, Head of Cybersecurity Strategy, Snowflake. “Scalability alone is not enough – security teams need research-backed content and proven functionality. By combining its Gartner Magic Quadrant-leading security analytics with the Snowflake Data Cloud into a packaged solution, Securonix addresses some of the most pressing challenges in cybersecurity.”
Key features and benefits of the Securonix Unified Defense SIEM include:
Built with the Snowflake Data Cloud. Many SIEMs cannot scale to handle the sheer volume of data generated by modern enterprises. Securonix Unified Defense SIEM accommodates massive data demands with an easily adaptable data storage model.
- 365 Days of ‘Hot’ Searchable Data: Provides easy access to critical details before, during, and after a breach. With 365 days of ‘Hot’ searchable data, customers get the visibility they need to thoroughly investigate potential threats.
- Single-Tier Storage Model: Built specifically for large-scale searches, Securonix’s platform streamlines data management and eliminates search performance and operational issues commonly found in traditional tiered-storage models.
Threat Content-as-a-Service. The threat landscape is constantly evolving and adapting, with new challenges appearing daily. By staying current with the latest detection content, customers can stay one step ahead of potential attacks and protect their environment and data.
- Content Library: Delivers up-to-date threat content as a service, curated by the Securonix Threat Labs team, to stay ahead of emerging threats. Customers gain broad threat coverage, with the Securonix Threat Labs team acting as an extension of the customer’s team to alleviate the pressure on resources and skills.
- Threat Content Analyzer: Enables customers to understand threat detection gaps, their level of SOC maturity, and how their cybersecurity coverage stacks up against industry frameworks such as MITRE ATT&CK, Insider Threat and PCI.
Proactive Defense. Effective defense against the world’s cyber threats requires a team effort, and community collaboration and knowledge sharing are essential components in the fight against threat actors.
- Autonomous Threat Sweeper: The industry’s first product to retroactively sweep for IOCs and TTPs. This allows customers to leverage shared intelligence and retroactively sweep their environment for signs of compromise.
- Intelligence Sharing: Aggregates and curates intelligence across Securonix’s customers and partners, allowing customers to join forces with peers and industry security experts.
- Securonix Investigate: Easily gathers context from the customer’s internal systems and external sources, automatically or on demand. Improves intra- and intercompany collaboration by sharing insights and findings across the security team without leaving the investigation.
Unified Experience from Analyst to CISO. Disconnected and poorly integrated security solutions may complicate and delay threat detection and response for the security teams that use them. Securonix is streamlining the analyst experience to deliver detection, investigation, and response in a single interface.
- Unified Data Storage: Leverages consistent data across all TDIR processes. This reduces the need to move, duplicate and correlate data so customers can focus on investigating and remediating threats.
- Built-In SOAR: Simplifies the TDIR process for analysts with seamless workflows across SIEM and SOAR, leveraging the same user interface and robust data store.