I work in a major bank SecOps. Here we use RSA Security Analytics for aggregating packets and logs from all over the network, fire alerts and do our analysis.
I would like to know if someone here has used both RSA Security Analytics and Security Onion, and what they think about how they compare against one another. The last time (which was about 2 years ago) RSA Sales people came to our site and showed the capabilities of their product, it seemed to exceed the capabilities of Security Onion, but I am still a junior guy in SecOps and I still have a lot to catch up and learn, so I don't have the sufficient knowledge and expertise to determine how they compare against one another and what the pros and cons of each product are.
I would like to know if someone here has used both RSA Security Analytics and Security Onion, and what they think about how they compare against one another. The last time (which was about 2 years ago) RSA Sales people came to our site and showed the capabilities of their product, it seemed to exceed the capabilities of Security Onion, but I am still a junior guy in SecOps and I still have a lot to catch up and learn, so I don't have the sufficient knowledge and expertise to determine how they compare against one another and what the pros and cons of each product are.