We performed a comparison between ClearSkies SaaS NG SIEM and Snare based on real PeerSpot user reviews.
Find out what your peers are saying about Microsoft, Splunk, Wazuh and others in Security Information and Event Management (SIEM)."The analytic rule is the most valuable feature."
"The most valuable feature is the alert notifications, which are categorized by severity levels: informational, low, medium, and high."
"I believe one of the main advantages is Microsoft Sentinel's seamless integration with other Microsoft products."
"The scalability is great. You can put unlimited logs in, as long as you can pay for it. There are commitment tiers, up to six terabytes per day, which is nowhere close to what any one of our customers is running."
"The SOAR playbooks are Sentinel's most valuable feature. It gives you a unified toolset for detecting, investigating, and responding to incidents. That's what clearly differentiates Sentinels from its competitors. It's cloud-native, offering end-to-end coverage with more than 120 connectors. All types of data logs can be poured into the system so analysis can happen. That end-to-end visibility gives it the advantage."
"The ability of all these solutions to work together natively is essential. We have an Azure subscription, including Log Analytics. This feature automatically acts as one of the security baselines and detects recommendations because it also integrates with Defender. We can pull the sysadmin logs from Azure. It's all seamless and native."
"The UI-based analytics are excellent."
"We can use Sentinel's playbook to block threats. It covers all of the environment, giving us great visibility."
"The correlation rules and the user platform are most valuable."
"The best thing about Snare is its format and consistency."
"Snare has good agents, especially for Windows."
"The most valuable feature of Snare is flexibility or the ability to filter all things you don't want and don't have security value."
"When it comes to ingesting Azure native log sources, some of the log sources are specific to the subscription, and it is not always very clear."
"Not all information shows up in Sentinel. Sometimes there are items provided in 365 and if you looked in Sentinel you would not see them and therefore think they do not exist. There can be discrepancies between Microsoft tools."
"If Azure Sentinel had the ability to ingest Azure services from different tenants into another tenant that was hosting Azure Sentinel, and not lose any metadata, that would be a huge benefit to a lot of companies."
"The following would be a challenge for any product in the market, but we have some in-house apps in our environment... our apps were built with different parameters and the APIs for them are not present in Sentinel. We are working with Microsoft to build those custom APIs that we require. That is currently in progress."
"We'd like to see more connectors."
"Sentinel should be improved with more connectors. At the moment, it only covers a few vendors. If I remember correctly, only 100 products are supported natively in Sentinel, although you can connect them with syslog. But Microsoft should increase the number of native connectors to get logs into Sentinel."
"The reporting could be more structured."
"The playbook development environment is not as rich as it should be. There are multiple occasions when we face problems while creating the playbook."
"They can add behavior analytics and AI or machine learning technology. They also improve their correlation engine. In addition to collecting logs from devices, they can collect the traffic and then correlate these logs and the traffic information."
"The solution is now developing a SIEM-like feature on Snare Central Server, but it's not complete yet."
"Snare should modernize its GUI a little bit."
"Users will initially find it difficult to identify the event types and installation in Snare."
Earn 20 points
ClearSkies SaaS NG SIEM is ranked 56th in Security Information and Event Management (SIEM) while Snare is ranked 37th in Security Information and Event Management (SIEM) with 3 reviews. ClearSkies SaaS NG SIEM is rated 8.0, while Snare is rated 8.0. The top reviewer of ClearSkies SaaS NG SIEM writes "Good correlation rules, competitive pricing, and good stability". On the other hand, the top reviewer of Snare writes "A highly scalable solution that is easy to manage and super easy to set up". ClearSkies SaaS NG SIEM is most compared with , whereas Snare is most compared with Splunk Enterprise Security, syslog-ng, SolarWinds Kiwi Syslog Server, LogRhythm SIEM and ArcSight Enterprise Security Manager (ESM).
See our list of best Security Information and Event Management (SIEM) vendors.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.