    Securonix Unified Defense SIEM

    Deployed on AWS
    Securonix is leading the transformation of cybersecurity with the Unified Defense SIEM powered by agentic AI and built natively on AWS and Snowflake. By leveraging Amazon Bedrock for advanced AI agents and a split-data architecture, Securonix delivers elastic, privacy-preserving analytics that keep telemetry where customers want it while cutting storage costs and accelerating detection. Our platform collects and correlates logs across AWS services, applies behavioral analytics and AI-driven threat models, and automates response with built-in SOAR to provide end-to-end visibility for containerized workloads and hybrid environments. Recognized as a 6x Leader in the Gartner® Magic Quadrant™ for SIEM and a 2x Customers' Choice by Gartner Peer Insights™, Securonix empowers organizations to move from reactive security to proactive, autonomous operations.

    Overview

    Securonix Unified Defense SIEM is an industry leader in agentic AI-powered SIEM built on AWS and Snowflake. It unifies detection, investigation, and response (TDIR) across AWS, hybrid, and on-prem environments without data duplication or migration. With a cloud-native architecture, continuous threat content, and outcome-based analytics, Securonix delivers faster detection, lower costs, and measurable ROI. Security teams gain 360 degree visibility, maintain full control of their AWS data, and achieve compliance with built-in reporting from a single, scalable platform.

    Securonix Unified Defense SIEM delivers modern, AI-reinforced threat detection, investigation, and response designed for the scale and speed of the modern enterprise SOC. Built natively on AWS and the Snowflake Data Cloud, the platform handles massive data volumes with single tier, real time analytics that eliminate rehydration delays and deliver 365 days of always hot searchable data. Powered by Amazon Bedrock, Securonix introduces agentic AI to accelerate triage, enrichment, and response, reducing noise by up to 60% and cutting investigation time by 3x. A split architecture design keeps telemetry in your AWS environment, preserving privacy and reducing storage costs by up to 50%. Through 15+ native AWS service integrations including Security Hub, CloudTrail, CloudWatch, GuardDuty, and S3, Securonix enables unified visibility and faster response without data movement. Curated threat content from Securonix Threat Labs, continuous updates, and out of the box detections for AWS environments allow security teams to stay ahead of evolving threats with less manual effort. The platform unifies SIEM, SOAR, UEBA, and TIP capabilities in one cloud native solution to eliminate tool sprawl, lower total cost of ownership, and simplify operations.

    As a pioneer in SIEM, Securonix has defined the standard for AI driven security operations, consistently recognized as a 6x Leader in the Gartner® Magic Quadrant™ for SIEM and trusted by global enterprises, MSSPs, and government agencies. The Securonix mission is to help organizations move from reactive defense to proactive, autonomous operations through AI innovation, scalable architecture, and measurable business outcomes.

    Key benefits include:

    Faster detection and response: Agentic AI and automated workflows accelerate MTTR and improve accuracy.

    Full data control: Keep your telemetry securely in AWS for privacy, compliance, and cost efficiency.

    360 degree visibility: Unified analytics across AWS, hybrid, and on-prem environments.

    Proven ROI: 177% ROI and 30 to 50% cost reduction, validated through independent TEI analysis.

    Compliance and assurance: Built in executive reporting aligned to SEC, GDPR, DORA, and HIPAA.

    Securonix Unified Defense SIEM helps organizations stay breach ready and board ready every day by delivering elastic scale, data sovereignty, and intelligent automation on AWS.

    Highlights

    • Unified Defense Architecture: SIEM, UEBA, SOAR, and TIP in one cloud-native platform built on AWS and Snowflake eliminates tool sprawl, reduces costs, and accelerates response.
    • Agentic AI for Modern SOCs: Powered by Amazon Bedrock, modular AI agents automate triage, enrichment, and response, cutting investigation times by 3x and reducing alert noise by up to 60%.
    • Cloud-Native Scale with 360 Degree Visibility: Open-by-design architecture integrates 15+ AWS Services and 750+ data sources while keeping telemetry in your environment for privacy-first analytics and up to 50% lower SIEM storage costs.

    Details

    Delivery method

    Deployed on AWS

    Pricing

    Securonix Unified Defense SIEM

    Pricing is based on the duration and terms of your contract with the vendor. This entitles you to a specified quantity of use for the contract duration. If you choose not to renew or replace your contract before it ends, access to these entitlements will expire.
    Additional AWS infrastructure costs may apply. Use the AWS Pricing Calculator to estimate your infrastructure costs.

    12-month contract (5)

    Dimension | Description | Cost/12 months
    SNYPR-NxGEN SIEM 1K_ID | 1000 ID Nx-Gen SIEM 1 year of 7Hot, 60Warm, 365Cold storage days | $91,378.00
    SNYPR-Basic SIEM_1K_ID | 1000 ID Basic SIEM 1 year of 60Warm, 365Cold storage days | $67,331.00
    SNYPR -UEBA_1K_ID | 1000 ID UEBA + Insider,Cyber,CloudPackages 30 days of report | $48,094.00
    UDS_Advanced_Bundle_P2 | United Defense SIEM with embedded datalake - 90 Days Hot 365 Days Cold - SW-R-FF-BNDL-UDSP2 | $100,000.00
    MSSP_Bundle_P2 | United Defense SIEM with embedded datalake - 90 Days Hot 365 days Cold - includes SOAR & ATS - SW-R-FF-BNDL-BNDL-MSSPP2 | $150,000.00

    Vendor refund policy

    No refunds

    Custom pricing options

    Request a private offer to receive a custom quote.

    Legal

    Vendor terms and conditions

    Upon subscribing to this product, you must acknowledge and agree to the terms and conditions outlined in the vendor's End User License Agreement (EULA).

    Content disclaimer

    Vendors are responsible for their product descriptions and other product content. AWS does not warrant that vendors' product descriptions or other product content are accurate, complete, reliable, current, or error-free.

    Usage information

    Delivery details

    Software as a Service (SaaS)

    SaaS delivers cloud-based software applications directly to customers over the internet. You can access these applications through a subscription model. You will pay recurring monthly usage fees through your AWS bill, while AWS handles deployment and infrastructure management, ensuring scalability, reliability, and seamless integration with other AWS services.

    Support

    Vendor support

    Securonix offers a range of Support Services and Professional Services to meet the needs of large enterprise customers. For more information please visit:

    AWS infrastructure support

    AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.

    Product comparison

    Updated weekly
    By SIEMonster Inc

    Accolades

    Top 50 in Security Observability
    Top 10 in Generative AI, Security Observability
    Top 10 in Log Analysis, Analytics

    Overview

    AI generated from product descriptions

    Agentic AI-Powered Threat Detection: Platform powered by Amazon Bedrock with modular AI agents that automate triage, enrichment, and response workflows, reducing investigation time by 3x and alert noise by up to 60%.

    Native AWS Integration: Integrates with 15+ native AWS services including Security Hub, CloudTrail, CloudWatch, GuardDuty, and S3 for unified visibility across AWS environments without data movement.

    Split-Data Architecture: Split architecture design keeps telemetry in customer AWS environment, preserving privacy and reducing SIEM storage costs by up to 50% while maintaining real-time analytics.

    Unified Platform Capabilities: Consolidates SIEM, SOAR, UEBA, and TIP capabilities in single cloud-native solution built on AWS and Snowflake with support for 750+ data sources.

    Always-Hot Searchable Data: Single-tier, real-time analytics architecture with 365 days of always-hot searchable data that eliminates rehydration delays and handles massive data volumes at enterprise scale.

    AI-Powered Threat Detection and Response: Real-time threat detection and automated response capabilities augmented by advanced AI and automation across endpoints, cloud workloads, and identity infrastructure.

    Cloud Workload Protection: Runtime threat protection for Amazon EC2 instances, EKS clusters, and AWS Fargate with autonomous blocking of malware, ransomware, and fileless attacks.

    Extended Detection and Response: Correlated view of full attack stories across endpoints, identities, and cloud workloads using patented Storyline technology to automatically correlate and contextually group related events.

    Identity Threat Detection and Response: Continuous monitoring and protection against credential theft, privilege escalation, and lateral movement attacks across Active Directory and cloud identity providers including Entra ID, Okta, Ping, SecureAuth, and Duo.

    Generative AI Security Analysis: Generative AI security analyst that automates threat hunting, provides incident summaries, and accelerates investigations through machine-speed analysis.

    Multi-Region Deployment Architecture: Auto-deployed SIEM solution with multi-region, multi-zone architecture providing built-in redundancy

    Endpoint Detection and Response: XDR endpoint protection integrated with threat detection capabilities and SOC playbooks

    Security Orchestration and Automation: SOAR functionality for automated incident response and threat management

    Event Processing Scalability: Unlimited event-per-second (EPS) ingestion capacity with infinitely scalable architecture

    Multi-Tenant Architecture: Multi-tenant infrastructure supporting role-based access control for managed service providers and white-label deployment

    Security credentials

    Validated by AWS Marketplace
    FedRAMP
    GDPR
    HIPAA
    ISO/IEC 27001
    PCI DSS
    SOC 2 Type 2
    No security profile

    Contract

    Standard contract
    No
    No

    Customer reviews

    Ratings and reviews

    4.1 (13 ratings)
    5 star: 62%
    4 star: 23%
    3 star: 0%
    2 star: 15%
    1 star: 0%
    0 AWS reviews | 13 external reviews
    External reviews are from G2.

    Saikumar M.

    Correlated Alerts Made Easy, with Fewer False Positives

    Reviewed on Feb 17, 2026
    Review provided by G2
    What do you like best about the product?
    You don't need to correlate the alerts, it's already correlated and easy to analyse the alerts, and it reduces the false positives and easy to raise the alerts.
    What do you dislike about the product?
    You cannot analyze much using Securonix, and the integration part is not easy, and also if you face any error you cannot troubleshoot it.
    What problems is the product solving and how is that benefiting you?
    It reduces the false positives, and saves time for the analyst, it's fully automated to raise the alerts.

    Pritam M.

    Modern SIEM Tool with good features and Support

    Reviewed on Apr 06, 2024
    Review provided by G2
    What do you like best about the product?
    Overall Securonix has some great built in features which provides an edge from the day 1 of operation.

    - Built in UseCases functionality wise.
    - Threat Models to detect complex behaviour based attacks.
    - Wide Range of Out of the Box Parsers
    What do you dislike about the product?
    The Log collector gives trouble from time to time but it has improved a lot in the last few builds and it's stable now.
    What problems is the product solving and how is that benefiting you?
    It gives a very wide range of options to take the security operations.

    - Out of the box policies really help us to kick start the journey.
    - Easy to integrate the data sources
    - Good support wherever we were stuck

    Shital U.

    Securonix - A user-friendly tool

    Reviewed on Mar 28, 2024
    Review provided by G2
    What do you like best about the product?
    It is a good and user-friendly tool. Easy to use and user can easily understand the dashboard.
    What do you dislike about the product?
    It is difficult to write a query for searching the alerts.
    What problems is the product solving and how is that benefiting you?
    Securonix tool is providing security to all the servers in our environment and it monitors and analyzes the traffic as well as logs and notifies us for the security.

    Kannapiran G.

    An Excellent Security Events analysis Tool

    Reviewed on Aug 07, 2023
    Review provided by G2
    What do you like best about the product?
    Ease of implementation, scalability, integration, and various OOB connectors and one-click deployment of security policies.
    What do you dislike about the product?
    Securonix support and response time. Engineering support and RIN performances.
    What problems is the product solving and how is that benefiting you?
    Security Command Center is one stop information center for all threats, contents and policy violations. Violation entity based policy violation accumulation and ease of analysis.

    Information Technology and Services

    Highly customizable platform, however documentation and support teams are severely lacking

    Reviewed on Jan 16, 2023
    Review provided by G2
    What do you like best about the product?
    The platform is highly customizable. Custom dashboards for SLAs and ticket handling are good.
    What do you dislike about the product?
    Despite being highly customizable, they lack the support to guide teams through this. Ticket response time is horrendous and most of the time the support member is unhelpful, does not understand the request, or takes a long time to action on the tickets.
    What problems is the product solving and how is that benefiting you?
    We needed a solution to track SLA and ticket handling metrics, and consolidation of tickets.