We performed a comparison between DNIF HYPERCLOUD and Sumo Logic Security based on real PeerSpot user reviews.
Find out in this report how the two Security Information and Event Management (SIEM) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The product can integrate with any device."
"The AI capability is one of the main features of the solution because I believe that in the market, there are few solutions that are providing security solutions based on AI and machine learning."
"We are able to deploy within half an hour and we only require one person to complete the implementation."
"Mainly, this is a cloud-native product. So, there are zero concerns about managing the whole infrastructure on-premises."
"Having your logs put all in one place with machine learning working on those logs is a good feature. I don't need to start thinking, "Where are my logs?" My logs are in a centralized repository, like Log Analytics, which is why you can't use Sentinel without Log Analytics. Having all those logs in one place is an advantage."
"Azure Application Gateway makes things a lot easier. You can create dashboards, alert rules, hunting and custom queries, and functions with it."
"Sentinel's most important feature is the ability to centralize all the logs in one place. There's no need to search multiple systems for information."
"The standout feature of Sentinel is that, because it's cloud-based and because it's from Microsoft, it integrates really well with all the other Microsoft products. It's really simple to set up and get going."
"The dashboard is helpful, and it creates visualizations to let staff review event data and identify patterns and anomalies."
"The response time on queries is super-fast."
"The beauty of the solution is that you can develop infrastructure for a data lake using open sources that are separate from the licenses."
"Has a great search capability."
"Great for scaling productivity for log monitoring purposes."
"The solution is quite stable and offers good performance. It also works on a virtual machine. We haven't found any issues with it so far. It's been reliable."
"I like the MITRE table, a feature I saw for the first time in the same solution. There was one MITRE tactic table, which can be used to identify threats if you have all kinds of rules enabled or if you have rules for all the tactics in the MITRE table. There are 14 tables in MITRE, and those 14 tables consist of multiple columns, tactics, and techniques. It was one of the first SIEM tools I saw that had that particular MITRE table. On that basis, you can create new rules and identify existing ones. At any point, if an alert is triggered, it will try to match it to any of those MITRE tactics. I liked that creating a workbook on MITRE business was straightforward. I also like that you can search using SQL or DQL."
"The User Behavior Analytics is a built-in threat-hunting feature. It detects and reports on any kind of malware or ransomware that enters the network."
"The tool has key features like operability. It will alert the admins whenever a device is onboarded."
"We can ingest logs and make reports out of them. It is a good tool which can help us monitor any issues."
"Technical support is always great."
"The features I found valuable with the Sumo Logic Security solution are the search option and the ability to customize the search for the information in the logs."
"The solution is quite stable."
"It helps a lot because we can troubleshoot issues pretty easily."
"It gives us a bird's eye view of what's happening from our connection's point of view."
"We are able to diagnose problems before our customers."
"Sentinel still has some anomalies. For example, sometimes when we write a query for log analysis with KQL, it doesn't give us the data in a proper way... Also, the fields or columns could be improved. Sometimes, it is not giving the desired results and there is a blank field."
"We've seen delays in getting the logs from third-party solutions and sometimes Microsoft products as well. It would be helpful if Microsoft created a list of the delays. That would make things more transparent for customers."
"We are invoiced according to the amount of data generated within each log."
"There is room for improvement in entity behavior and the integration site."
"I think the number one area of improvement for Sentinel would be the cost."
"Microsoft Sentinel should provide an alternative query language to KQL for users who lack KQL expertise."
"If I see an alert and I want to drill down and get more details about the alert, it's not just one click. In other SIEM tools, you just have to click the IP address of the entity and they give you the complete picture. In Sentinel, you have to write queries or use saved queries to get details."
"The playbook development environment is not as rich as it should be. There are multiple occasions when we face problems while creating the playbook."
"The vendor is fairly new and it's not as big as some of the international competitors. It's not a mature product. If you ask them to move data, it might take a lot of time."
"The solution should be able to connect to endpoints, such as desktops and laptops... If this solution had a smart connector to these logs- Windows, Linux, or any other logs - without affecting the performance of the connector, that would be wonderful."
"Dependency on the DNIF support team was frustrating."
"There are currently some issues with machine learning plug-ins."
"I think DNIF HYPERCLOUD can implement the ability to export more than 100,000. At the moment, we can't go beyond that. So many times, if you're checking for the firewall logs and working on something related to authentication or network-related traffic, while that log count is low, the account goes beyond that. You can't restrict the logs or the amount of data you can export. It's very important for my situation. It would be better if they could increase the capacity of exports. Although there are many more types of searching in DNIF HYPERCLOUD, people still struggle to query out what they want because not everyone is good at SQL or DQL. The easiest way to query out in DNIF is using the GUI-based interface. But in the GUI interface, you can use operator calls. It gets tricky when you want to search for a specific type of event. You don't know where it will be passed and whether it will be consistent. In the initial phase, it's tough for us to use DNIF. You cannot pass every event in a stable DNIF. When we used that particular tool, we used to get those logs, but sometimes many things are not getting passed. So, we used to export the sheet or export the data into Excel and weigh the required details. In the next release, I would like them to improve the export of the columns and make the application more user-friendly. I would also like a threat-hunting feature in the next release."
"The solution's command line should be simpler so that routine commands can be used."
"The EBA could be improved."
"We would like to have some type of predefined setup for the logs, making the setup easier by default."
"There needs to be improvement on imported data which can be used within Sumo Logic to do more advanced queries."
"The dashboard has room for improvement, because sometimes it is a difficult to create a specific dashboard or query. This would be a nice place to correct problems."
"The initial setup is the most stressful, like learning how to use it."
"There are some API gaps that are missing."
"Sumo Logic needs to make sure integrating solutions are seamless."
"From the network segmentation side, there is some discrepancy in log onboarding. The tool needs to improve direct API integrations, login integration, native login integration, etc."
"Sumo Logic Security is expensive, and its pricing could be improved."
DNIF HYPERCLOUD is ranked 22nd in Security Information and Event Management (SIEM) with 7 reviews while Sumo Logic Security is ranked 17th in Security Information and Event Management (SIEM) with 18 reviews. DNIF HYPERCLOUD is rated 7.6, while Sumo Logic Security is rated 8.6. The top reviewer of DNIF HYPERCLOUD writes "Development from open sources is very valuable but a huge infrastructure is required". On the other hand, the top reviewer of Sumo Logic Security writes "Used to store and monitor application logs and VPC flow logs". DNIF HYPERCLOUD is most compared with IBM Security QRadar, Splunk Enterprise Security, Wazuh and Rapid7 InsightOps, whereas Sumo Logic Security is most compared with Wazuh, Rapid7 InsightIDR, Splunk Enterprise Security, VMware Aria Operations for Logs and Grafana Loki. See our DNIF HYPERCLOUD vs. Sumo Logic Security report.
See our list of best Security Information and Event Management (SIEM) vendors, best Log Management vendors, and best Security Orchestration Automation and Response (SOAR) vendors.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.