We performed a comparison between DFLabs IncMan SOAR and Palo Alto Networks Cortex XSOAR based on real PeerSpot user reviews.
Find out what your peers are saying about Microsoft, Palo Alto Networks, Splunk and others in Security Orchestration Automation and Response (SOAR)."Microsoft Sentinel provides the capability to integrate different log sources. On top of having several data connectors in place, you can also do integration with a threat intelligence platform to enhance and enrich the data that's available. You can collect as many logs and build all the use cases."
"The most valuable features are its threat handling and detection. It's a powerful tool because it's based on machine learning and on the behavior of malware."
"The analytics has a lot of advantages because there are 300 default use cases for rules and we can modify them per our environment. We can create other rules as well. Analytics is a useful feature."
"The log query feature has been the most valuable because it's very good. You can put your data on the cloud and run queues from Sentinel. It will do it all very fast. I love that I don't have to upload it to an Excel file and then manually look for a piece of information. Sentinel is much faster and is good for big databases."
"Mainly, this is a cloud-native product. So, there are zero concerns about managing the whole infrastructure on-premises."
"The solution offers a lot of data on events. It helps us create specific detection strategies."
"Sentinel pricing is good"
"It has basic out-of-the-box integrations with multiple log sources."
"The vendors themselves will actually help with any customizations a client may require"
"For organizations that are stable with their security operations, like those with around 50 members in their security team running full-phased operations 24/7, Cortex is necessary."
"It’s easy to install."
"The product can automate security tasks."
"I am satisfied with the product overall."
"I chose Cortex XSOAR because the client also has Palo Alto firewalls. I can incorporate the data from the Palo Alto firewalls into Cortex and send it into the same data lake to manipulate that data. It lets me manage and monitor the data in one place."
"The drag-and-drop interface enables analysts with no programming knowledge to create playbooks easily."
"Its agility and scalability are valuable."
"It is a scalable solution."
"If I can use Sentinel offline at home and use it on a local network, it would be great. I'm not sure if I can use Sentinel offline versus the tools I have."
"If Sentinel had a graphical user interface, it would be easier to use. I would also like it to be more customizable."
"Sentinel's reporting is complex and can be more user-friendly."
"Microsoft Sentinel is relatively expensive, and its cost should be improved."
"When we pass KPIs to the governance department, there's no option to provide rights to the data or dashboard to colleagues. We can use Power BI for this, but it isn't easy or convenient. They should just come up with a way to provide limited role-based access to auditing personnel"
"The interface could be more user-friendly. It''s a small improvement that they could make if they wanted to."
"If Azure Sentinel had the ability to ingest Azure services from different tenants into another tenant that was hosting Azure Sentinel, and not lose any metadata, that would be a huge benefit to a lot of companies."
"If their UI was a bit more streamlined and easy to find when I need it, then that would be a great improvement."
"The support is not 24/7."
"Palo Alto Networks Cortex XSOAR lacks to offer SIEM functionalities currently."
"The platform’s setup procedures could be streamlined compared to one of its competitors."
"The integration could be better. Cortex, for example, does not work with iPhone."
"The dashboard performance could be improved."
"It's only one cloud right now. It might be helpful for some companies to have an on-premies option."
"I would love to see more flexibility on what we can display and design on the dashboards."
"When Palo Alto bought the solution, the pricing increased by 1.5 times. There's been a 50% increase, which is a lot."
"With Palo Alto Networks Cortex XSOAR, managing its setup phase can be a complicated task."
More Palo Alto Networks Cortex XSOAR Pricing and Cost Advice →
Earn 20 points
DFLabs IncMan SOAR is ranked 28th in Security Orchestration Automation and Response (SOAR) while Palo Alto Networks Cortex XSOAR is ranked 2nd in Security Orchestration Automation and Response (SOAR) with 40 reviews. DFLabs IncMan SOAR is rated 0.0, while Palo Alto Networks Cortex XSOAR is rated 8.4. The top reviewer of DFLabs IncMan SOAR writes "Protects an organization from the threat of a data breach or cyberattack". On the other hand, the top reviewer of Palo Alto Networks Cortex XSOAR writes "Enables the investigators to go through the review process a lot quicker". DFLabs IncMan SOAR is most compared with IBM Resilient, whereas Palo Alto Networks Cortex XSOAR is most compared with Cortex XSIAM, Splunk SOAR, Fortinet FortiSOAR, Swimlane and IBM Resilient.
See our list of best Security Orchestration Automation and Response (SOAR) vendors.
We monitor all Security Orchestration Automation and Response (SOAR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.