We performed a comparison between ManageEngine Log360 and Seceon Open Threat Management Platform based on real PeerSpot user reviews.
Find out in this report how the two Security Information and Event Management (SIEM) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."It is able to connect to an ever-growing number of platforms and systems within the Microsoft ecosystem, such as Azure Active Directory and Microsoft 365 or Office 365, as well as to external services and systems that can be brought in and managed. We can manage on-premises infrastructure. We can manage not just the things that are running in Azure in the public cloud, but through Azure Arc and the hybrid capabilities, we can monitor on-premises servers and endpoints. We can monitor VMware infrastructure, for instance, running as part of a hybrid environment."
"I've worked on most of the top SIEM solutions, and Sentinel has an edge in most areas. For example, it has built-in SOAR capabilities, allowing you to run playbooks automatically. Other vendors typically offer SOAR as a separate licensed solution or module, but you get it free with Sentinel. In-depth incident integration is available out of the box."
"The automation rules and playbooks are the most useful that I've seen. A number of other places segregate the automation and playbook as separate tools, whereas Microsoft is a SIEM and SOAR tool in one."
"The product can integrate with any device."
"The ability of all these solutions to work together natively is essential. We have an Azure subscription, including Log Analytics. This feature automatically acts as one of the security baselines and detects recommendations because it also integrates with Defender. We can pull the sysadmin logs from Azure. It's all seamless and native."
"I like the unified security console. You can close incidents using Sentinel in all other Microsoft Security portals, when it comes to incident response."
"The native integration of the Microsoft security solution has been essential because it helps reduce some false positives, especially with some of the impossible travel rules that may be configured in Microsoft 365. For some organizations, that might be benign because they're using VPNs, etc."
"The data connectors that Microsoft Sentinel provides are easy to integrate when we work with a Microsoft agent."
"The most valuable features for us are the application logs monitoring and the dashboard, which provides a single-pane view of all the ongoing activities."
"The solution could be improved by including XDR, remediation and Sandbox."
"The reporting is great. Everything you need is in the report for you already."
"The product is very user-friendly."
"The deployment is quite simple and pretty straightforward."
"It basically helps us. We have to stay in compliance with certain issues with some of our customers. We have to have these types of tools in place for protecting our network and our data. We're in the aerospace industry, so we have a lot of defense contracts. So, all those guys will make sure that we're protecting their information, and it does a good job in that aspect."
"The reports that you can run are really nice."
"The most valuable feature is that this solution is more secure than others, and there are more applications and features as well."
"The algorithm used in Seceon OTM is clear and logical, categorizing events as needed. This helps us identify and respond to threats effectively."
"The main thing is the value proposition. It is one of the most sophisticated yet affordable solutions that I've come across. It is also one of the easiest-to-manage yet comprehensive solutions for a SOC analyst. Its customizations are really good, and it has a lot of integrations. It is multi-tenant and very fast to onboard. Its stability is 100%. We've never had an outage with it. It doesn't require extensive hardware resources. Its level of support is also very good. They have a very responsive technical team."
"The most valuable features are behaviour analytics, threat intelligence, endpoint detection, and response features."
"I like that it's an AI-based platform. The most valuable feature is that it's a comprehensive solution. Most tools in the marketplace are comprised of miscellaneous items. They fail to provide real-time remediation features. However, with Seceon Open Threat Management Platform, anything you can think of in cybersecurity, like auto-remediation, real-time response, and even on-premise components, is available in a single platform. So, it's perfect for finance and healthcare who don't want to share their data with a third party like the cloud. You can have this on-premise as well. So, the expenditure will be lower as less human intervention is required."
"The most valuable feature of this solution is its artificial intelligence."
"The solution is stable."
"You can use different solutions in a single platform which is very easy and attractive for customers."
"Seceon Open Threat Management Platform notifies only genuine alerts. It offers plenty of options that are suitable for MSPs."
"Currently, the watchlist feature is being utilized, and although there have been improvements, it is still not fully optimized."
"Sentinel can be used in two ways. With other tools like QRadar, I don't need to run queries. Using Sentinel requires users to learn KQL to run technical queries and check things. If they don't know KQL, they can't fully utilize the solution."
"If Azure Sentinel had the ability to ingest Azure services from different tenants into another tenant that was hosting Azure Sentinel, and not lose any metadata, that would be a huge benefit to a lot of companies."
"There are certain delays. For example, if an alert has been rated on Microsoft Defender for Endpoint, it might take up to an hour for that alert to reach Sentinel. This should ideally take no more than one or two seconds."
"I would like to be able to monitor applications outside of the Azure Cloud."
"The solution could be more user-friendly; some query languages are required to operate it."
"Sometimes, we are observing large ingestion delays. We expect logs within 5 minutes, but it takes about 10 to 15 minutes."
"The AI capabilities must be improved."
"The solution needs to improve hub storage. It should integrate AI and ML capabilities."
"On the logging system, there's a local on-client side that is encrypted, and there's one that is not encrypted. It is only for diagnostical purposes. However, both being encrypted would be very valuable for some audits."
"The graphical interface could be made easier to use when you are connecting to different network equipment."
"There is room for improvement, especially in the reporting aspect. The reports are not as good as those in Splunk."
"It takes a little bit of time for Log360 to actually learn your environment."
"Their technical support should be improved."
"The integration with SharePoint and Teams should be improved."
"It's difficult to find which conditions have been applied to a report because they are provided by default by ManageEngine. However, with other SIEMs if you want to create a report, they provide details, like which conditions are triggering certain reports. This needs to be there in ManageEngine. It would be good to know which parameter has been applied to the report that is updating the system."
"The product could be improved by including sandboxing capabilities in the next release."
"We are at the client’s end, offering services. They don’t know about security rules and benchmarks. We are working on the discovery and remediation but we don’t really have the intelligence that was available while working with other tools. Human working is also very essential for the solution. The automatic session is impossible to play since it needs to touch Redfin for further analysis. No one has breached our clients."
"The management console could use some enhancements."
"It would be ideal with the processing was more manageable. Not many customers are willing to have a dedicated server with two CPUs and one TB of memory. The cost of this is huge for a smaller organization."
"The product should improve the triggering rate."
"It is a standalone solution now. They need to make it into a cloud-based subscription model. It needs more compatibility for co-managed solutions. It can also have more threats and deeper integration with Microsoft."
"The SOP they provided wasn't great. They offered training over Sherp Virtualization, and the Seceon leadership visited our location to explain everything in detail, but the documentation and training could be better. It isn't as effective as it could be. There's some room for improvement there."
"For future releases, integrating incident response tools and improving communication on incident reporting could be beneficial."
More Seceon Open Threat Management Platform Pricing and Cost Advice →
ManageEngine Log360 is ranked 24th in Security Information and Event Management (SIEM) with 15 reviews while Seceon Open Threat Management Platform is ranked 21st in Security Information and Event Management (SIEM) with 10 reviews. ManageEngine Log360 is rated 7.2, while Seceon Open Threat Management Platform is rated 8.4. The top reviewer of ManageEngine Log360 writes "Facilitates incident backtracking and identifying the cause of incidents but insufficient intelligence-driven analysis to suppress unnecessary alerts". On the other hand, the top reviewer of Seceon Open Threat Management Platform writes "Has the ability to categorize alerts and reporting dashboards are useful". ManageEngine Log360 is most compared with ManageEngine EventLog Analyzer, Wazuh, Splunk Enterprise Security and Fortinet FortiSIEM, whereas Seceon Open Threat Management Platform is most compared with IBM Security QRadar, Securonix Next-Gen SIEM, Fortinet FortiSIEM, Splunk Enterprise Security and LogRhythm SIEM. See our ManageEngine Log360 vs. Seceon Open Threat Management Platform report.
See our list of best Security Information and Event Management (SIEM) vendors.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
