We performed a comparison between DFLabs IncMan SOAR and Swimlane based on real PeerSpot user reviews.
Find out what your peers are saying about Microsoft, Palo Alto Networks, Splunk and others in Security Orchestration Automation and Response (SOAR)."The features that stand out are the detection engine and its integration with multiple data sources."
"The AI capability is one of the main features of the solution because I believe that in the market, there are few solutions that are providing security solutions based on AI and machine learning."
"Azure Application Gateway makes things a lot easier. You can create dashboards, alert rules, hunting and custom queries, and functions with it."
"One of the most valuable features of Microsoft Sentinel is that it's cloud-based."
"I've worked on most of the top SIEM solutions, and Sentinel has an edge in most areas. For example, it has built-in SOAR capabilities, allowing you to run playbooks automatically. Other vendors typically offer SOAR as a separate licensed solution or module, but you get it free with Sentinel. In-depth incident integration is available out of the box."
"The ability of all these solutions to work together natively is essential. We have an Azure subscription, including Log Analytics. This feature automatically acts as one of the security baselines and detects recommendations because it also integrates with Defender. We can pull the sysadmin logs from Azure. It's all seamless and native."
"The most valuable feature is the UEBA. It's very easy for a security operations analyst. It has a one-touch analysis where you can search for a particular entity, and you can get a complete overview of that entity or user."
"I like the unified security console. You can close incidents using Sentinel in all other Microsoft Security portals, when it comes to incident response."
"The vendors themselves will actually help with any customizations a client may require"
"The technical support from Swimlane is very good."
"The most valuable feature of the solution is the support."
"It provides us with a single portal for our logs from different solutions."
"If Sentinel had a graphical user interface, it would be easier to use. I would also like it to be more customizable."
"Sometimes, we are observing large ingestion delays. We expect logs within 5 minutes, but it takes about 10 to 15 minutes."
"Multi-tenancy, in my opinion, needs to be improved. I believe it can do better as a managed service provider."
"If Azure Sentinel had the ability to ingest Azure services from different tenants into another tenant that was hosting Azure Sentinel, and not lose any metadata, that would be a huge benefit to a lot of companies."
"It would be good to have some connectors for third-party SIEM solutions. Many customers are struggling with the integration of Azure Sentinel with their on-premise SIEM. Microsoft is changing the log structure many times a year, which can corrupt a custom integration. It would be good to have some connectors developed by Microsoft or supply vendors, but they are not providing such functionality or tools."
"Improvement-wise, I would like to see more integration with third-party solutions or old-school antivirus products that have some kind of logging capability. I wouldn't mind having that exposed within Sentinel. We do have situations where certain companies have bought licensing or have made an investment in a product, and that product will be there for the next two or three years. To be able to view information from those legacy products would be great. We can then better leverage the Sentinel solution and its capabilities."
"Everyone has their favorites. There is always room for improvement, and everybody will say, "I wish you could do this for me or that for me." It is a personal thing based on how you use the tool. I do not necessarily have those thoughts, and they are probably not really valuable because they are unique to the context of the user, but broadly, where it can continue to improve is by adding more connectors to more systems."
"The product can be improved by reducing the cost to use AI machine learning."
"The support is not 24/7."
"The stability of the solution has room for improvement."
"The initial setup and deployment are complex."
"We faced a lot of issues with the product’s stability."
Earn 20 points
DFLabs IncMan SOAR is ranked 28th in Security Orchestration Automation and Response (SOAR) while Swimlane is ranked 17th in Security Orchestration Automation and Response (SOAR) with 3 reviews. DFLabs IncMan SOAR is rated 0.0, while Swimlane is rated 7.6. The top reviewer of DFLabs IncMan SOAR writes "Protects an organization from the threat of a data breach or cyberattack". On the other hand, the top reviewer of Swimlane writes "Great support, scalable, and easier to code". DFLabs IncMan SOAR is most compared with IBM Resilient and Palo Alto Networks Cortex XSOAR, whereas Swimlane is most compared with Palo Alto Networks Cortex XSOAR, Splunk SOAR, Tines, Fortinet FortiSOAR and Siemplify.
See our list of best Security Orchestration Automation and Response (SOAR) vendors.
We monitor all Security Orchestration Automation and Response (SOAR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.