We performed a comparison between DFLabs IncMan SOAR and SECDO Platform based on real PeerSpot user reviews.
Find out what your peers are saying about Microsoft, Palo Alto Networks, Splunk and others in Security Orchestration Automation and Response (SOAR).
"The machine learning and artificial intelligence on offer are great."
"If you know how to do KQL (Kusto Query Language) queries, which are how you query the log data inside Sentinel, the information is pretty rich. You can get down to a good level of detail regarding event information or notifications."
"We are able to deploy within half an hour and we only require one person to complete the implementation."
"The most valuable feature is the performance because unlike legacy SIEMs that were on-premises, it does not require as much maintenance."
"The most valuable feature is the alert notifications, which are categorized by severity levels: informational, low, medium, and high."
"It is able to connect to an ever-growing number of platforms and systems within the Microsoft ecosystem, such as Azure Active Directory and Microsoft 365 or Office 365, as well as to external services and systems that can be brought in and managed. We can manage on-premises infrastructure. We can manage not just the things that are running in Azure in the public cloud, but through Azure Arc and the hybrid capabilities, we can monitor on-premises servers and endpoints. We can monitor VMware infrastructure, for instance, running as part of a hybrid environment."
"Sentinel uses Azure Logic Apps for automation, which is really powerful. This allows us to easily automate responses to incidents."
"The main benefit is the ease of integration."
"The vendors themselves will actually help with any customizations a client may require."
"It basically automates the entire alert investigation process."
"Technical support is great. Palo Alto is extremely helpful and responsive."
"The ease of deployment is a valuable feature."
"We've seen delays in getting the logs from third-party solutions and sometimes Microsoft products as well. It would be helpful if Microsoft created a list of the delays. That would make things more transparent for customers."
"There is room for improvement in entity behavior and the integration site."
"The on-prem log sources still require a lot of development."
"Improvement-wise, I would like to see more integration with third-party solutions or old-school antivirus products that have some kind of logging capability. I wouldn't mind having that exposed within Sentinel. We do have situations where certain companies have bought licensing or have made an investment in a product, and that product will be there for the next two or three years. To be able to view information from those legacy products would be great. We can then better leverage the Sentinel solution and its capabilities."
"They're giving us the queries so we can plug them right into Sentinel. They need to have a streamlined process for updating them in the tool and knowing when things are updated and knowing when there are new detections available from Microsoft."
"Multi-tenancy, in my opinion, needs to be improved. I believe it can do better as a managed service provider."
"The only thing is sometimes you can have a false positive."
"We'd also like a better ticketing system, which is older."
"The support is not 24/7."
"Maybe the notifications setting could use a simpler setting."
"Many will try to use this as an out-of-the-box solution, however, it needs to be configured to fit what a company would like to do with it."
"The price should be reduced in order to be more competitive in the market."
DFLabs IncMan SOAR is ranked 28th in Security Orchestration Automation and Response (SOAR) while SECDO Platform is ranked 10th in Security Incident Response. DFLabs IncMan SOAR is rated 0.0, while SECDO Platform is rated 9.0. The top reviewer of DFLabs IncMan SOAR writes "Protects an organization from the threat of a data breach or cyberattack". On the other hand, the top reviewer of SECDO Platform writes "Great documentation, good technical support, and very in-depth". DFLabs IncMan SOAR is most compared with Palo Alto Networks Cortex XSOAR and IBM Resilient, whereas SECDO Platform is most compared with Fortinet FortiSOAR.
We monitor all Security Orchestration Automation and Response (SOAR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.