We performed a comparison between Cyware Security Orchestration Layer and ThreatQ based on real PeerSpot user reviews.
Find out what your peers are saying about Microsoft, Palo Alto Networks, Splunk and others in Security Orchestration Automation and Response (SOAR)."Sentinel enables us to ingest data from our entire ecosystem. In addition to integrating our Cisco ASA Firewall logs, we get our Palo Alto proxy logs and some on-premises data coming from our hardware devices... That is very important and is one way Sentinel is playing a wider role in our environment."
"Investigations are something really remarkable. We can drill down right to the raw logs by running different queries and getting those on the console itself."
"Microsoft Sentinel provides the capability to integrate different log sources. On top of having several data connectors in place, you can also do integration with a threat intelligence platform to enhance and enrich the data that's available. You can collect as many logs and build all the use cases."
"Sentinel uses Azure Logic Apps for automation, which is really powerful. This allows us to easily automate responses to incidents."
"The most valuable feature is the UEBA. It's very easy for a security operations analyst. It has a one-touch analysis where you can search for a particular entity, and you can get a complete overview of that entity or user."
"In Azure Sentinel, we have found, they do have a store in their capability. AI and intelligence features. We found that to be very helpful for us because some other things we do need to integrate again or find another vendor for the store"
"The UI of Sentinel is very good and easy to use, even for beginners."
"I believe one of the main advantages is Microsoft Sentinel's seamless integration with other Microsoft products."
"The technical support team is helpful."
"The reporting services are great. With reporting services, if you have customers that just visit a URL you can see the result - including why it's blocked and how and how the URL was first recognized as malicious."
"Integrating the solution with our existing security tools and workflows was easy."
"The only thing is sometimes you can have a false positive."
"Sentinel's reporting is complex and can be more user-friendly."
"Microsoft Defender has a built-in threat expert option that enables you to contact an expert. That feature isn't available in Sentinel because it's a huge product that integrates all the technologies. I would like Microsoft to add the threat expert option so we can contact them. There are a few other features, like threat assessment that the PG team is working on. I expect them to release this feature in the next quarter."
"I believe one of the challenges I encountered was the absence of live training sessions, even with the option to pay for them."
"The KQL query does not function effectively with Windows 11 machines, and in the majority of machine-based investigations, KQL queries are essential for organizing the data during investigations."
"We do have in-built or out-of-the-box metrics that are shown on the dashboard, but it doesn't give the kind of metrics that we need from our environment whereby we need to check the meantime to detect and meantime to resolve an incident. I have to do it manually. I have to pull all the logs or all the alerts that are fed into Sentinel over a certain period. We do this on a monthly basis, so I go into Microsoft Sentinel and pull all the alerts or incidents we closed over a period of thirty days."
"It has been a challenge with Azure Sentinel to onboard the Syslog server from FortiGate. Azure Sentinel can work better on that shift between the Syslog server and a firewall."
"If we want to use more features, we have to pay more. There are multiple solutions on the cloud itself, but the pricing model package isn't consistent, which is confusing to clients."
"The prices must be reduced."
"The solution should be simpler for the end-user in terms of reporting and navigating the product."
"The tool is not user-friendly."
Cyware Security Orchestration Layer is ranked 21st in Security Orchestration Automation and Response (SOAR) with 1 review while ThreatQ is ranked 23rd in Security Orchestration Automation and Response (SOAR) with 2 reviews. Cyware Security Orchestration Layer is rated 9.0, while ThreatQ is rated 7.0. The top reviewer of Cyware Security Orchestration Layer writes "A stable solution with excellent features and a helpful technical support team". On the other hand, the top reviewer of ThreatQ writes "Improves the threat intelligence gathering process, but it is not user-friendly". Cyware Security Orchestration Layer is most compared with , whereas ThreatQ is most compared with ThreatConnect Threat Intelligence Platform (TIP), Anomali ThreatStream, Recorded Future and Palo Alto Networks Cortex XSOAR.
See our list of best Security Orchestration Automation and Response (SOAR) vendors.
We monitor all Security Orchestration Automation and Response (SOAR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
