George SuccarStrategic Account Specialist at FITS Consulting
We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
"The vendors themselves will actually help with any customizations a client may require"
"The advanced analytics has a really great overview of user behavior."
"Timeline based analysis; good platform support"
"The user interface and the timelines they use are the most valuable features. The price model is very simple so that one can understand it easily and there are no surprises within it."
"I have customers that like the EUBA functionality of it. The solution has the ability to build a session, basically. It pulls a lot of information together, for example, everything a user does in a specific timeframe. It's quite helpful."
"The way it can connect with AWS is very useful, and the integrations are pretty good."
"It's a very user-friendly product and it's a very comprehensive technology."
"The support is not 24/7."
"I believe if it were more flexible it would be a better product."
"The organzation is rigid and not flexible in the way they operate"
"We had a large volume right from the beginning and they weren't quite prepared for that. That's something that they should think about when it comes to customers that have a large volume to start off with."
"They need to focus on more of the MITRE ATT&CK Framework and coverage. They claim they cover about 70 to 80%. I'm not sure if it's really quite that much, however."
"Adding to the number of certifications that they have, for example, ISO 27001, would be helpful."
"We still have questions surrounding hardware deployment."
"They have a great model for pricing that can be based either on user count or gigabits per day."
DFLabs' Security Orchestration, Automation and Response (SOAR) platform, IncMan SOAR, is designed for SOCs, CSIRTs and MSSPs to automate, orchestrate and measure security operations and incident response processes and tasks, all from within one single, intuitive platform. By integrating security tools, fusing intelligence, sharing knowledge and implementing seamless workflows, IncMan SOAR enables every security incident to be detected, responded to, and remediated in the fastest possible time frame.
DFLabs IncMan SOAR is the only Security Orchestration, Automation and Response (SOAR) platform capable of full incident lifecycle automation, that includes built-in, automated threat intelligence gathering, risk assessment, triage and notification, context enrichment, hunting and investigating, threat containment and more. This feature rich, unique and scalable SOAR platform provides context to security incidents, automates actions, orchestrates response to activities, while enabling full reporting and measurement functionality across all stakeholders.
DFLabs covers the entire spectrum of security orchestration, automation and response components as outlined by Gartner, with a unique combination of features and capabilities, driven through continuous improvement and innovation. IncMan SOAR is the only platform to offer full incident response lifecycle management with machine learning and threat hunting. Acting as a force multiplier, it enables security teams to do more with less, empowering security analysts, while ensuring organizations stay one step ahead of any potential threat.
Automate. Orchestrate. Measure.
IncMan SOAR provides three critical functions as an enabler to your security program. Automation and orchestration which in turn enables response, as well as measurement.
Augment analysts by automating common, repetitive and menial tasks driven by machine learning for faster response to all alerts.
Establish repeatable, enforceable, measurable and effective incident response workflows, orchestrating your security tool set into one seamless response process.
Measure, benchmark and optimize security operations and incident response activities and performance from one intuitive and collaborative platform.
Seamlessly Integrate and Orchestrate Your Tools Together as One.
Improve efficiencies by enabling your security analysts to access and manage all tools, technologies and processes from one intuitive platform. IncMan SOAR supports hundreds of 3rd party security technologies via QIC, API, CEF, Syslog and Email, with a constantly growing list of certified bidirectional integrations and Open Integration Framework for custom integrations.
Dramatically reduce the mean time to detection, response and remediation of all potential security incidents, ensuring no alert goes untouched.
See IncMan SOAR in Action.
Exabeam Fusion SIEM is a cloud-delivered solution that that enables you to:
-Leverage turnkey threat detection, investigation, and response
-Collect, search and enhance data from anywhere
-Detect threats missed by other tools, using market-leading behavior analytics
-Achieve successful SecOps outcomes with prescriptive, threat-centric use case packages
-Enhance productivity and reduce response times with automation
-Meet regulatory compliance and audit requirements with ease
DFLabs IncMan SOAR is ranked 15th in Security Orchestration Automation and Response (SOAR) with 1 review while Exabeam Fusion SIEM is ranked 4th in Security Orchestration Automation and Response (SOAR) with 6 reviews. DFLabs IncMan SOAR is rated 0.0, while Exabeam Fusion SIEM is rated 7.8. The top reviewer of DFLabs IncMan SOAR writes "Protects an organization from the threat of a data breach or cyberattack". On the other hand, the top reviewer of Exabeam Fusion SIEM writes "Good at security logging in our infrastructure but be prepared for problems if you start with a large implementation ". DFLabs IncMan SOAR is most compared with Palo Alto Networks Cortex XSOAR, Splunk Phantom, Siemplify, Fortinet FortiSOAR and ThreatConnect, whereas Exabeam Fusion SIEM is most compared with Splunk, Securonix Security Analytics, IBM QRadar, Splunk User Behavior Analytics and LogRhythm NextGen SIEM.
See our list of best Security Orchestration Automation and Response (SOAR) vendors.
We monitor all Security Orchestration Automation and Response (SOAR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.