We performed a comparison between Exabeam Fusion SIEM and Palo Alto Networks Cortex XSOAR based on real PeerSpot user reviews.
Find out in this report how the two Security Orchestration Automation and Response (SOAR) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."What is most useful, is that it has a good connection to the Microsoft ecosystem, and I think that's the key part."
"Free ingestion for Azure logs (with E5 licence)"
"The log query feature has been the most valuable because it's very good. You can put your data on the cloud and run queues from Sentinel. It will do it all very fast. I love that I don't have to upload it to an Excel file and then manually look for a piece of information. Sentinel is much faster and is good for big databases."
"Microsoft Sentinel comes preloaded with templates for teaching and analytics rules."
"I like the unified security console. You can close incidents using Sentinel in all other Microsoft Security portals, when it comes to incident response."
"The UI of Sentinel is very good and easy to use, even for beginners."
"The initial setup is very simple and straightforward."
"If you know how to do KQL (kusto query language) queries, which are how you query the log data inside Sentinel, the information is pretty rich. You can get down to a good level of detail regarding event information or notifications."
"The solution's initial setup process is easy."
"Exabeam Fusion SIEM has a good performance and more advantages than traditional solutions."
"The most valuable feature of Exabeam Fusion SIEM is the easy-to-use user interface."
"The way it can connect with AWS is very useful, and the integrations are pretty good."
"Timeline based analysis; good platform support"
"The user interface and the timelines they use are the most valuable features. The price model is very simple so that one can understand it easily and there are no surprises within it."
"It's a very user-friendly product and it's a very comprehensive technology."
"The setup is not difficult. It was easy."
"The strengths of Palo Alto Networks Cortex XSOAR stem from the fact that it provides functionalities related to patching and URL blocking...It is a scalable solution."
"Palo Alto is easy to use."
"The product is quite easy to use."
"It is a scalable solution."
"It has an extensive list of integrations that are available out of the box which makes it easy to start."
"The drag-and-drop interface enables analysts with no programming knowledge to create playbooks easily."
"I have no complaints about Cortex's stability."
"We use the solution to automate our SIEM tools and incidents."
"We'd like also a better ticketing system, which is older."
"While I appreciate the UI itself and the vast amount of information available on the platform, I'm finding the overall user experience to be frustrating due to frequent disconnections and the requirement to repeatedly re-authenticate."
"Sometimes, we are observing large ingestion delays. We expect logs within 5 minutes, but it takes about 10 to 15 minutes."
"The only thing is sometimes you can have a false positive."
"The built-in SOAR is not really good out-of-the-box. The SOAR relies on logic apps and you almost need to have some kind of developer background to be able to make these logic apps. Most security people cannot develop anything..."
"The learning curve could be improved. I am still learning it. We were able to implement the basic features to get them up and running, but there are still so many things that I don't know about all its features. They have a lot of features that we have not been able to use or apply. If they could work on reducing the solution's learning curve, that would be good. While there is a training course held by Microsoft to learn more about this solution, there is a cost associated with it."
"The data connectors for third-party tools could be improved, as some aren't available in Sentinel. They need to be available in the data connector panel."
"Sentinel's alerts and notifications are not fully optimized for mobile devices. The overall reporting and the analytics processes for the end user should also be improved. Also, the compatibility and availability of data sources and reports are not always perfect."
"Adding to the number of certifications that they have, for example, ISO 27001, would be helpful."
"We had a large volume right from the beginning and they weren't quite prepared for that. That's something that they should think about when it comes to customers that have a large volume to start off with."
"The initial setup of Exabeam Fusion SIEM is complex because it needs to integrate with the SIEM solution, but after this is complete it is straightforward."
"The only problem is that the UI is not very impressive."
"The organzation is rigid and not flexible in the way they operate"
"We still have questions surrounding hardware deployment."
"Updating the new release of Exabeam Fusion SIEM takes time and slows our performance."
"I believe if it were more flexible it would be a better product."
"It is been decommissioned by Palo Alto."
"Its dashboard features need improvement."
"I think they should increase their collaboration base."
"It doesn't offer automatic internet reports out of the box."
"The integration could be better. Cortex, for example, does not work with iPhone."
"The tool’s multi-tenancy feature must be improved."
"The formats are not compatible, are readily not available, and are not readable."
"I would love to see more flexibility on what we can display and design on the dashboards."
More Palo Alto Networks Cortex XSOAR Pricing and Cost Advice →
Exabeam Fusion SIEM is ranked 12th in Security Orchestration Automation and Response (SOAR) with 10 reviews while Palo Alto Networks Cortex XSOAR is ranked 2nd in Security Orchestration Automation and Response (SOAR) with 42 reviews. Exabeam Fusion SIEM is rated 8.0, while Palo Alto Networks Cortex XSOAR is rated 8.4. The top reviewer of Exabeam Fusion SIEM writes "Enables centralized log collection on a single platform". On the other hand, the top reviewer of Palo Alto Networks Cortex XSOAR writes "Enables the investigators to go through the review process a lot quicker". Exabeam Fusion SIEM is most compared with IBM Security QRadar, Splunk User Behavior Analytics, Splunk Enterprise Security, Cortex XSIAM and Gurucul UEBA, whereas Palo Alto Networks Cortex XSOAR is most compared with Cortex XSIAM, Splunk SOAR, Fortinet FortiSOAR, Swimlane and IBM Security QRadar. See our Exabeam Fusion SIEM vs. Palo Alto Networks Cortex XSOAR report.
See our list of best Security Orchestration Automation and Response (SOAR) vendors.
We monitor all Security Orchestration Automation and Response (SOAR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.