We performed a comparison between Logsign Next-Gen SIEM and NetWitness Platform based on real PeerSpot user reviews.
Find out in this report how the two Log Management solutions compare in terms of features, pricing, service and support, ease of deployment, and ROI.
"Sentinel's most important feature is the ability to centralize all the logs in one place. There's no need to search multiple systems for information."
"Investigations are something really remarkable. We can drill down right to the raw logs by running different queries and getting those on the console itself."
"The standout feature of Sentinel is that, because it's cloud-based and because it's from Microsoft, it integrates really well with all the other Microsoft products. It's really simple to set up and get going."
"Sentinel pricing is good."
"The ability of all these solutions to work together natively is essential. We have an Azure subscription, including Log Analytics. This feature automatically acts as one of the security baselines and detects recommendations because it also integrates with Defender. We can pull the sysadmin logs from Azure. It's all seamless and native."
"The Identity Behavior tab furnishes us with the entire history linked to each IP or domain that has either accessed or attempted to access our system."
"It's pretty powerful and its performance is pretty good."
"The best functionality that you can get from Azure Sentinel is the SOAR capability. So, you can estimate any type of activity, such as when an alert was triggered or an incident was found."
"Logsign provides sample logs within the product, allowing users to see how logs will appear before integration, which is a valuable feature for testing and understanding log formats."
"It gives the ability to investigate network traffic in the Net and the organization, which we couldn't do before."
"The most valuable feature is that we can create our own connectors for any application, and NetWitness provides the training and tools to do it."
"Setting up NetWitness is straightforward. There are multiple connectors, including standard and specialized connectors. One purpose of the connectors is the enhanced capability to integrate the custom applications. NetWitness comes with E6 appliances and application images that we use for the initial configurations and for the OS stack information. From there, you can consider the correlation rules, integrate the different log sources, and easily create correlation rules and backlog reports."
"The most valuable feature of RSA NetWitness Logs and Packets are the alerts and correlations tools."
"What we are mainly using are the RSA concentrator, RSA Decoder, Archiver, Broker, and Log Decoder."
"NetWitness Platform is valuable for creating rules that the solution must detect."
"Possibility to investigate incidents based on logs and raw packets, such as extracting files sent over the network."
"The most valuable features are the packet decoder, log decoder, and concentrator."
"The reporting could be more structured."
"The solution could be more user-friendly; some query languages are required to operate it."
"If Sentinel had a graphical user interface, it would be easier to use. I would also like it to be more customizable."
"There are certain delays. For example, if an alert has been rated on Microsoft Defender for Endpoint, it might take up to an hour for that alert to reach Sentinel. This should ideally take no more than one or two seconds."
"Microsoft should improve Sentinel, considering that from the legacy systems, it cannot collect logs."
"Microsoft Sentinel should provide an alternative query language to KQL for users who lack KQL expertise."
"The troubleshooting has room for improvement."
"The interface could be more user-friendly. It's a small improvement that they could make if they wanted to."
"I hope they address the pricing model for Logsign Next-Gen SIEM, especially regarding regional variations. The pricing should not differ based on the country of operation as it can lead to dissatisfaction among customers. A fixed pricing structure would be more favorable for us. I would also suggest enhancing the GUI interface and adding features similar to xFi Exchange from IBM Pure. This would streamline operations and save time for analysts."
"The solution should have more integration capabilities with different platforms."
"They should implement algorithms to digest that data and produce additional, more advanced reporting, alerting and support of internal security teams."
"More customizability is required, which is something that they need to improve on."
"The log system is a bit complex and has room for improvement."
"I believe that integrating the solution with other products such as Oracle would be beneficial."
"If we have the ability to run a dynamic analysis through malware in the same suite, it would be great to have a sandbox solution to analyze malware through dynamic analysis."
"The product's licensing models are complex to understand. This particular area needs improvement."
"Technical support could be improved."
Logsign Next-Gen SIEM is ranked 44th in Log Management with 2 reviews while NetWitness Platform is ranked 20th in Log Management with 36 reviews. Logsign Next-Gen SIEM is rated 7.6, while NetWitness Platform is rated 7.4. The top reviewer of Logsign Next-Gen SIEM writes "Easy to use and find the features that you need". On the other hand, the top reviewer of NetWitness Platform writes "Can find out if there is lateral movement, but integration and workflow need improvement". Logsign Next-Gen SIEM is most compared with Grafana Loki, Wazuh, IBM Security QRadar, ManageEngine EventLog Analyzer and Splunk Enterprise Security, whereas NetWitness Platform is most compared with Splunk Enterprise Security, RSA enVision, IBM Security QRadar, Cisco Secure Network Analytics and Trellix Network Detection and Response.
We monitor all Log Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.