We performed a comparison between IBM Watson for Cyber Security and ManageEngine Log360 based on real PeerSpot user reviews.
Find out what your peers are saying about Microsoft, Splunk, Wazuh and others in Security Information and Event Management (SIEM)."Sentinel is a SIEM and SOAR tool, so its automation is the best feature; we can reduce human interaction, freeing up our human resources."
"The connectivity and analytics are great."
"If you know how to do KQL (kusto query language) queries, which are how you query the log data inside Sentinel, the information is pretty rich. You can get down to a good level of detail regarding event information or notifications."
"We have no complaints about the features or functionality."
"I believe one of the main advantages is Microsoft Sentinel's seamless integration with other Microsoft products."
"The log analysis is excellent; it can predict what can or will happen regarding use patterns and vulnerabilities."
"Native integration with Microsoft security products or other Microsoft software is also crucial. For example, we can integrate Sentinel with Office 365 with one click. Other integrations aren't as easy. Sometimes, we have to do it manually."
"What is most useful, is that it has a good connection to the Microsoft ecosystem, and I think that's the key part."
"The most valuable feature of this product is innovation, where the research and upgrading of technology never ends."
"IBM Watson for Cyber Security is very stable."
"The most valuable features of IBM Watson for Cyber Security are ease of use and out-of-the-box reports and compliance policies. Additionally, if there are aspects that are missing IBM add them in the next release."
"The customer support is very good."
"The reports that you can run are really nice."
"The deployment is quite simple and pretty straightforward."
"The most valuable feature is that this solution is more secure than others, and there are more applications and features as well."
"You can have all of the logs from servers to network and it gets sent out to the correct owners. This is very helpful."
"The most valuable features for us are the application logs monitoring and the dashboard, which provides a single-pane view of all the ongoing activities."
"The product is very user-friendly."
"It is easier to deploy than are other SIEMs, which is great. You can also get an overview of your environment, which is very handy."
"The solution could be improved by including XDR, remediation and Sandbox."
"If Azure Sentinel had the ability to ingest Azure services from different tenants into another tenant that was hosting Azure Sentinel, and not lose any metadata, that would be a huge benefit to a lot of companies."
"Its documentation is not so simple. It is easy for somebody who is Microsoft certified or more closely attached to Microsoft solutions. It is not easy for those who are working on open-source platforms. There isn't a central point where everything is documented, and there is no specific training or certification."
"The only thing is sometimes you can have a false positive."
"In terms of features I would like to see in future releases, I'm interested in a few more use cases around automation. I do believe a lot of automation is available, and more is in progress, but that would be my area of interest."
"Sometimes, it is hard for us to estimate the costs of Microsoft Sentinel."
"We'd like to see more connectors."
"We have been working with multiple customers, and every time we onboard a customer, we are missing an essential feature that surprisingly doesn't exist in Sentinel. We searched the forums and knowledge bases but couldn't find a solution. When you onboard new customers, you need to enable the data connectors. That part is easy, but you must create rules from scratch for every associated connector. You click "next," "next," "next," and it requires five clicks for each analytical rule. Imagine we have a customer with 150 rules."
"Currently, the watchlist feature is being utilized, and although there have been improvements, it is still not fully optimized."
"This is an expensive product, so making it more cost-effective would be an improvement."
"The dashboard could improve in IBM Watson for Cyber Security."
"In the future, I would like to see threat intelligence included."
"They need to continue to build the AI capabilities."
"The solution needs to improve hub storage. It should integrate AI and ML capabilities."
"The matter of the data retention needs to be addressed."
"There is room for improvement, especially in the reporting aspect. The reports are not as good as those in Splunk."
"Their technical support should be improved."
"It takes a little bit of time for Log360 to actually learn your environment."
"The integration with SharePoint and Teams should be improved."
"The solution lacks some features when compared to other products."
"It's difficult to find which conditions have been applied to a report because they are provided by default by ManageEngine. However, with other SIEMs if you want to create a report, they provide details, like which conditions are triggering certain reports. This needs to be there in ManageEngine. It would be good to know which parameter has been applied to the report that is updating the system."
More IBM Watson for Cyber Security Pricing and Cost Advice →
IBM Watson for Cyber Security is ranked 45th in Security Information and Event Management (SIEM) with 4 reviews while ManageEngine Log360 is ranked 19th in Security Information and Event Management (SIEM) with 15 reviews. IBM Watson for Cyber Security is rated 8.0, while ManageEngine Log360 is rated 7.2. The top reviewer of IBM Watson for Cyber Security writes "An innovative and stable product that is well maintained and always up-to-date". On the other hand, the top reviewer of ManageEngine Log360 writes "Facilitates incident backtracking and identifying the cause of incidents but insufficient intelligence-driven analysis to suppress unnecessary alerts". IBM Watson for Cyber Security is most compared with IBM Security QRadar, Splunk Enterprise Security and i-SIEM, whereas ManageEngine Log360 is most compared with ManageEngine EventLog Analyzer, Wazuh, Splunk Enterprise Security, Fortinet FortiSIEM and LogRhythm SIEM.
See our list of best Security Information and Event Management (SIEM) vendors.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
