We performed a comparison between DFLabs IncMan SOAR and Galvanize IncidentBond based on real PeerSpot user reviews.
Find out what your peers are saying about Microsoft, Palo Alto Networks, Splunk and others in Security Orchestration Automation and Response (SOAR)."We can use Sentinel's playbook to block threats. It covers all of the environment, giving us great visibility."
"The standout feature of Sentinel is that, because it's cloud-based and because it's from Microsoft, it integrates really well with all the other Microsoft products. It's really simple to set up and get going."
"The native integration of the Microsoft security solution has been essential because it helps reduce some false positives, especially with some of the impossible travel rules that may be configured in Microsoft 365. For some organizations, that might be benign because they're using VPNs, etc."
"Sentinel pricing is good"
"We are able to deploy within half an hour and we only require one person to complete the implementation."
"Sentinel uses Azure Logic Apps for automation, which is really powerful. This allows us to easily automate responses to incidents."
"Previously, it was a little bit difficult to find where an incident came from, including which IP address and which country. So in Sentinel, it's very easy to find where the incident came from since we can easily get the information from the dashboard, after which we take action quickly."
"Microsoft Sentinel comes preloaded with templates for teaching and analytics rules."
"The vendors themselves will actually help with any customizations a client may require"
"The customization and the transparency of data while still maintaining a mostly user-friendly UI, are key features. It allows for me, as an engineer, to evolve the individual components and modules, and to create a much more meaningful picture than the individual pieces in isolation ever could."
"When it comes to ingesting Azure native log sources, some of the log sources are specific to the subscription, and it is not always very clear."
"The learning curve could be improved. I am still learning it. We were able to implement the basic features to get them up and running, but there are still so many things that I don't know about all its features. They have a lot of features that we have not been able to use or apply. If they could work on reducing the solution's learning curve, that would be good. While there is a training course held by Microsoft to learn more about this solution, there is a cost associated with it."
"Not all information shows up in Sentinel. Sometimes there are items provided in 365 and if you looked in Sentinel you would not see them and therefore think they do not exist. There can be discrepancies between Microsoft tools."
"I would like to be able to monitor applications outside of the Azure Cloud."
"We do see continuous improvement all the time, however, I haven't got a specific feature that is lacking or not well designed."
"The solution could be more user-friendly; some query languages are required to operate it."
"Multi-tenancy, in my opinion, needs to be improved. I believe it can do better as a managed service provider."
"They should integrate it with many other software-as-a-service providers and make connectors available so that you don't have to do any sort of log normalization."
"The support is not 24/7."
"Stable – Release – Experimental" system with their releases, and all the proper checks and balances, I’d be an incredibly happy individual. I can appreciate the cause and affect, wherein the customization of the tool drives rapid release schedules, and the paradox that creates with the idea of stable releases. I’d also like more transparency about known bugs and issues."
Earn 20 points
Earn 20 points
DFLabs IncMan SOAR is ranked 28th in Security Orchestration Automation and Response (SOAR) while Galvanize IncidentBond is ranked 11th in Security Incident Response. DFLabs IncMan SOAR is rated 0.0, while Galvanize IncidentBond is rated 9.0. The top reviewer of DFLabs IncMan SOAR writes "Protects an organization from the threat of a data breach or cyberattack". On the other hand, the top reviewer of Galvanize IncidentBond writes "Customization and transparency of data, while maintaining a mostly user-friendly UI". DFLabs IncMan SOAR is most compared with IBM Resilient and Palo Alto Networks Cortex XSOAR, whereas Galvanize IncidentBond is most compared with .
We monitor all Security Orchestration Automation and Response (SOAR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.