SIEM Vendor Securonix Debuts Standalone Insider Threat Tool, Revamped Partner Program

The standalone version of Securonix’s trailblazing UEBA (user and entity behavior analytics) tool will be a major boost to partner sales opportunities, according to Channel Chief Mark Stevens.

Next-generation SIEM unicorn Securonix unveiled a refreshed partner program Tuesday while also debuting a standalone version of its pioneering tool for thwarting insider threats.

The revamped channel program and new availability of a standalone UEBA (user and entity behavior analytics) offering will set up partners to accelerate their growth with Securonix as the massive shake-up in the SIEM market continues, according to Securonix Channel Chief Mark Stevens (pictured).

[Related: Here’s What 20 Top Cybersecurity CEOs And CTOs Were Saying At RSA Conference 2024]

The launch of standalone UEBA means that Securonix and its partners are no longer just targeting customers who are ready to make the switch to an entirely new SIEM (security information and event management) system, Stevens told CRN.

The vendor’s UEBA tool can now “sit inside any type of security stack, whether it's Splunk-based or Google or Microsoft,” he said. “The ability to do that, I think, is going to give us a real leg-up. We feel very comfortable that we are best-in-class in insider threat.”

Founded in 2008, Securonix has bundled SIEM and UEBA together in the past, and that option is still available to partners and customers, Stevens noted.

However, the company now has “the ability to say to a partner, 'You can go and work with any type of customer that may be running any SIEM. And we can play well with that, and we can sit on top of whatever SIEM that is,’” he said.

Securonix’s UEBA technology has long provided strong differentiation from other SIEM vendors around stopping insider threats, said Khiro Mishra, founder and CEO of Cybalt, an MSSP and Securonix partner based in Plano, Texas.

“Many of our customers love the concept of UEBA,” Mishra said, noting that he expects the “decoupled” insider-threat protection offering will resonate with organizations that are not ready to make the full switch to a new SIEM platform.

“Now they have the flexibility of taking that and attaching it to their SIEM platform,” he told CRN.

Replacing an existing SIEM for a client is typically a “long journey,” Mishra said. “But it might be easier for us to say, ‘OK, you already have a SIEM and you don't want to change. Let's start with the UEBA [tool], and it's not as huge of an investment as replacing a full SIEM stack. And if you start seeing value, down the line we can see if you want to update your SIEM to Securonix.’”

In other words, he said, “it becomes an upsell opportunity for us, an upsell opportunity for Securonix and an integrated platform for the clients.”

New Channel Program

Meanwhile, Securonix also took its next step Tuesday in shifting away from its historical focus on direct sales and toward driving more of its business through partners, with the debut of the new Securonix Elevate channel program.

The four-tier program will include a new partner portal as well as sales enablement, training, discounting, MDF and new “partner-friendly” pricing and packaging for its offerings, said Stevens, who joined Securonix last fall as senior vice president of channels and alliances.

The biggest change on pricing and packaging is that Securonix has now moved to a standardized consumption model, with pricing based on gigabytes per day, he said. That’s in contrast to the prior pricing system based on average events per second (EPS).

The launches come after Securonix was named to the “leaders” quadrant on Gartner’s latest Magic Quadrant for SIEM, released in May, which was the fifth consecutive “leaders” quadrant ranking for the company.

The announcements also follow the company’s recent debut of a suite of AI-powered capabilities, Securonix EON, using Large Language Models from Amazon Bedrock and Anthropic Claude 3 to extend the company’s Unified Defense SIEM. EON provides new “psycholinguistics” capabilities to assist with hunting for insider threats and adaptive threat modeling, which utilizes machine learning to uncover previously unknown attack chains in “near real-time,” the company has said.

Partner Growth

Securonix has been fueling its expansion in next-gen SIEM in part with the help of $1 billion in funding raised in early 2022.

The company currently has about 130 solution and service providers in its partner base and is aiming to expand that number to reach around 200 within 18 months, Stevens said.

In terms of its business deriving from the channel, Securonix is looking to grow from its current 60 percent of revenue through partners to upwards of 75 to 80 percent, he said.

Looking ahead, “we think that the combination of [Securonix’s] product and now the new pricing and packaging is really going to give partners the ability to deliver our solution and really offer something very unique to the market,” Stevens said.