We performed a comparison between DNIF HYPERCLOUD and Sumo Logic Security based on real PeerSpot user reviews.
Find out in this report how the two Security Information and Event Management (SIEM) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The analytic rule is the most valuable feature."
"The solution offers a lot of data on events. It helps us create specific detection strategies."
"It has a lot of great features."
"Sentinel enables us to ingest data from our entire ecosystem. In addition to integrating our Cisco ASA Firewall logs, we get our Palo Alto proxy logs and some on-premises data coming from our hardware devices... That is very important and is one way Sentinel is playing a wider role in our environment."
"Mainly, this is a cloud-native product. So, there are zero concerns about managing the whole infrastructure on-premises."
"It has basic out-of-the-box integrations with multiple log sources."
"Sentinel improved how we investigate incidents. We can create watchlists and update them to align with the latest threat intelligence. The information Microsoft provides enables us to understand thoroughly and improve as we go along. It allows us to provide monthly reports to our clients on their security posture."
"Sentinel is a SIEM and SOAR tool, so its automation is the best feature; we can reduce human interaction, freeing up our human resources."
"The solution is quite stable and offers good performance. It also works on a virtual machine. We haven't found any issues with it so far. It's been reliable."
"The dashboard is helpful, and it creates visualizations to let staff review event data and identify patterns and anomalies."
"The beauty of the solution is that you can develop infrastructure for a data lake using open sources that are separate from the licenses."
"I like the MITRE table, a feature I saw for the first time in the same solution. There was one MITRE tactic table, which can be used to identify threats if you have all kinds of rules enabled or if you have rules for all the tactics in the MITRE table. There are 14 tables in MITRE, and those 14 tables consist of multiple columns, tactics, and techniques. It was one of the first SIEM tools I saw that had that particular MITRE table. On that basis, you can create new rules and identify existing ones. At any point, if an alert is triggered, it will try to match it to any of those MITRE tactics. I liked that creating a workbook on MITRE business was straightforward. I also like that you can search using SQL or DQL."
"Great for scaling productivity for log monitoring purposes."
"The response time on queries is super-fast."
"Has a great search capability."
"The User Behavior Analytics is a built-in threat-hunting feature. It detects and reports on any kind of malware or ransomware that enters the network."
"The solution is quite stable."
"For many of our services, we use Sumo Logic to track errors and send notifications to our Slack channel, if there are issues. Then, we have our support people monitoring this, and they can react quickly."
"It provides easy visibility. I also like the shareable queries because we share a lot across groups."
"We can ingest logs and make reports out of them. It is a good tool which can help us monitor any issues."
"The features I found valuable with the Sumo Logic Security solution are the search option and the ability to customize the search for the information in the logs."
"Support has been excellent. Sumo Logic's support staff is really good, both their account management staff and direct support."
"With this tool, we provide access to every developer team the ability to find errors, then they come to us and ask for specific help."
"We use it to ingest Windows domain controller logs. We use this to monitor if anyone is placed in particular administration groups that potentially shouldn't be. It helps us keep track of people."
"The solution should allow for a streamlined CI/CD procedure."
"If Sentinel had a graphical user interface, it would be easier to use. I would also like it to be more customizable."
"They need to work with other security vendors. For example, we replaced our email gateway with Symantec, but we couldn't collect these logs with Azure Sentinel. Instead of collecting these logs with Azure Sentinel, we are collecting them on Qradar. We couldn't do it with Sentinel, which is a problem for us."
"The only thing is sometimes you can have a false positive."
"They should just add more and more out-of-the-box connectors. It is quite a new product, and it has a lot of connectors, and even more would be good."
"Multi-tenancy, in my opinion, needs to be improved. I believe it can do better as a managed service provider."
"The learning curve could be improved. I am still learning it. We were able to implement the basic features to get them up and running, but there are still so many things that I don't know about all its features. They have a lot of features that we have not been able to use or apply. If they could work on reducing the solution's learning curve, that would be good. While there is a training course held by Microsoft to learn more about this solution, there is a cost associated with it."
"The dashboards can be improved. Creating dashboards is very easy, but the visualizations are not as good as Microsoft Power BI. People who are using Microsoft Power BI do not like Sentinel's dashboards."
"There are currently some issues with machine learning plug-ins."
"The solution should be able to connect to endpoints, such as desktops and laptops... If this solution had a smart connector to these logs- Windows, Linux, or any other logs - without affecting the performance of the connector, that would be wonderful."
"I think DNIF HYPERCLOUD can implement the ability to export more than 100,000. At the moment, we can't go beyond that. So many times, if you're checking for the firewall logs and working on something related to authentication or network-related traffic, while that log count is low, the account goes beyond that. You can't restrict the logs or the amount of data you can export. It's very important for my situation. It would be better if they could increase the capacity of exports. Although there are many more types of searching in DNIF HYPERCLOUD, people still struggle to query out what they want because not everyone is good at SQL or DQL. The easiest way to query out in DNIF is using the GUI-based interface. But in the GUI interface, you can use operator calls. It gets tricky when you want to search for a specific type of event. You don't know where it will be passed and whether it will be consistent. In the initial phase, it's tough for us to use DNIF. You cannot pass every event in a stable DNIF. When we used that particular tool, we used to get those logs, but sometimes many things are not getting passed. So, we used to export the sheet or export the data into Excel and weigh the required details. In the next release, I would like them to improve the export of the columns and make the application more user-friendly. I would also like a threat-hunting feature in the next release."
"The solution's command line should be simpler so that routine commands can be used."
"The vendor is fairly new and it's not as big as some of the international competitors. It's not a mature product. If you ask them to move data, it might take a lot of time."
"Dependency on the DNIF support team was frustrating."
"The EBA could be improved."
"The dashboard has room for improvement, because sometimes it is a difficult to create a specific dashboard or query. This would be a nice place to correct problems."
"The solution should improve its UI."
"From the network segmentation side, there is some discrepancy in log onboarding. The tool needs to improve direct API integrations, login integration, native login integration, etc."
"In my opinion, this solution has a steep learning curve and requires practice if users to be able to use this tool very efficiently."
"It would be nice to have an improved ability to scroll through logs within a time frame. Right now, we can search for specific errors. However, if we want to look for "before and after" within a specific time frame, it's not easy using the tool. This would be an improvement."
"I would like better UI-driven functionality to create alerts and reports. Now, we have to understand the syntax, so it is a little difficult for someone to pick it up without using the manuals. If there was more of a graphical user interface, it would be beneficial."
"We would like to have some type of predefined setup for the logs, making the setup easier by default."
"Sumo Logic Security is expensive, and its pricing could be improved."
DNIF HYPERCLOUD is ranked 22nd in Security Information and Event Management (SIEM) with 7 reviews while Sumo Logic Security is ranked 17th in Security Information and Event Management (SIEM) with 18 reviews. DNIF HYPERCLOUD is rated 7.6, while Sumo Logic Security is rated 8.6. The top reviewer of DNIF HYPERCLOUD writes "Development from open sources is very valuable but a huge infrastructure is required". On the other hand, the top reviewer of Sumo Logic Security writes "Used to store and monitor application logs and VPC flow logs". DNIF HYPERCLOUD is most compared with IBM Security QRadar, Splunk Enterprise Security and Rapid7 InsightOps, whereas Sumo Logic Security is most compared with Wazuh, Rapid7 InsightIDR, Splunk Enterprise Security, Google Chronicle Suite and Grafana Loki. See our DNIF HYPERCLOUD vs. Sumo Logic Security report.
See our list of best Security Information and Event Management (SIEM) vendors, best Log Management vendors, and best Security Orchestration Automation and Response (SOAR) vendors.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.