We performed a comparison between Exabeam Fusion SIEM and ServiceNow Security Operations based on real PeerSpot user reviews.
Find out in this report how the two Security Orchestration Automation and Response (SOAR) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."Investigations are something really remarkable. We can drill down right to the raw logs by running different queries and getting those on the console itself."
"The standout feature of Sentinel is that, because it's cloud-based and because it's from Microsoft, it integrates really well with all the other Microsoft products. It's really simple to set up and get going."
"Free ingestion for Azure logs (with E5 licence)"
"It has basic out-of-the-box integrations with multiple log sources."
"Microsoft Sentinel provides the capability to integrate different log sources. On top of having several data connectors in place, you can also do integration with a threat intelligence platform to enhance and enrich the data that's available. You can collect as many logs and build all the use cases."
"I like the ability to run custom KQL queries. I don't know if that feature is specific to Sentinel. As far as I know, they are using technology built into Azure's Log Analytics app. Sentinel integrates with that, and we use this functionality heavily."
"It is quite efficient. It helps our clients in identifying their security issues and respond quickly. Our clients want to automate incident response and all those things."
"There are some very powerful features to Sentinel, such as the integration of various connectors. We have a lot of departments that use both IaaS and SaaS services, including M365 as well as Azure services. The ability to leverage connectors into these environments allows for large-scale data injection."
"The solution's initial setup process is easy."
"Timeline based analysis; good platform support"
"It's a very user-friendly product and it's a very comprehensive technology."
"The setup is not difficult. It was easy."
"The way it can connect with AWS is very useful, and the integrations are pretty good."
"Exabeam Fusion SIEM has a good performance and more advantages than traditional solutions."
"The user interface and the timelines they use are the most valuable features. The price model is very simple so that one can understand it easily and there are no surprises within it."
"The advanced analytics has a really great overview of user behavior."
"The ease of use is great."
"The solution is available over the cloud and is easy to manage."
"The solution is stable."
"What I found most valuable in ServiceNow Security Operations is that it's very useful for any incoming vulnerability. For example, if my team finds any vulnerability on servers such as the CA and CMDB integrated with ServiceNow Security Operations, my team can make some changes. My team can map the vulnerabilities found on the CA server, make the changes required, and resolve the vulnerabilities before the system is attacked. You can avoid vulnerability attacks through ServiceNow Security Operations, so this is the best feature of the solution. ServiceNow Security Operations is beneficial mainly for vulnerability response and engagement purposes."
"ServiceNow Security Operations also takes care of GRC, governance, risk and compliance, enabling it to provide risk assessment."
"It has helped optimize security costs by consolidating multiple tools into one platform."
"It gives you the ability to bring data into the system. The workflows are out of the box, and it gives you the ability to auto-assign the incidents based on criteria and vulnerabilities."
"It's stable."
"There is room for improvement in entity behavior and the integration site."
"The data connectors for third-party tools could be improved, as some aren't available in Sentinel. They need to be available in the data connector panel."
"Microsoft Sentinel is relatively expensive, and its cost should be improved."
"The playbook development environment is not as rich as it should be. There are multiple occasions when we face problems while creating the playbook."
"I would like Microsoft Sentinel to enhance its SOAR capabilities."
"Sometimes, we are observing large ingestion delays. We expect logs within 5 minutes, but it takes about 10 to 15 minutes."
"The AI capabilities must be improved."
"I would like Sentinel to have more out-of-the-box analytics rules. There are already more than 400 rules, but they could add more industry-specific ones. For example, you could have sets of out-of-the-box rules for banking, financial sector, insurance, automotive, etc., so it's easier for people to use it out of the box. Structuring the rules according to industry might help us."
"We still have questions surrounding hardware deployment."
"Updating the new release of Exabeam Fusion SIEM takes time and slows our performance."
"Adding to the number of certifications that they have, for example, ISO 27001, would be helpful."
"They should provide detailed information about detecting phishing emails."
"They need to focus on more of the MITRE ATT&CK Framework and coverage. They claim they cover about 70 to 80%. I'm not sure if it's really quite that much, however."
"I believe if it were more flexible it would be a better product."
"The initial setup of Exabeam Fusion SIEM is complex because it needs to integrate with the SIEM solution, but after this is complete it is straightforward."
"The organzation is rigid and not flexible in the way they operate"
"The solution needs to make customization easier. You cannot do much customization immediately. It requires an extensive workload. If the customization process was user-friendly, it would be much better."
"In future releases, I would like to add a follow-up and reminder feature. For the tickets in our queue, we could set reminders. This would help us prioritize older tickets before moving on to new ones."
"There are limitations for the third-parties that are providing the inputs. They should increase the robustness of the solution."
"Customer awareness and understanding of ServiceNow's SecOps capabilities could be improved."
"There is room for improvement in terms of developer support and documentation."
"We'd like customization to be easier in terms of the UI and using the dashboards."
"The threat intelligence module needs a better dashboard."
"An area for improvement I observed in ServiceNow Security Operations is the need to maintain correct CMDB data because if you're unable to do this, you can't perfectly maintain the vulnerability data. CMDB data in ServiceNow Security Operations needs to be accurate. As I've been working on ServiceNow Security Operations for only seven months, I still need more time to try all its modules before I can give recommendations regarding additional features I'd like to see in the solution."
More ServiceNow Security Operations Pricing and Cost Advice →
Exabeam Fusion SIEM is ranked 13th in Security Orchestration Automation and Response (SOAR) with 10 reviews while ServiceNow Security Operations is ranked 7th in Security Orchestration Automation and Response (SOAR) with 15 reviews. Exabeam Fusion SIEM is rated 8.0, while ServiceNow Security Operations is rated 8.0. The top reviewer of Exabeam Fusion SIEM writes "Enables centralized log collection on a single platform". On the other hand, the top reviewer of ServiceNow Security Operations writes "Mature with nice UI and customizable workflows". Exabeam Fusion SIEM is most compared with IBM Security QRadar, Splunk User Behavior Analytics, Splunk Enterprise Security, Palo Alto Networks Cortex XSOAR and Cortex XSIAM, whereas ServiceNow Security Operations is most compared with Palo Alto Networks Cortex XSOAR, Splunk SOAR, IBM Resilient, Swimlane and Proofpoint Threat Response. See our Exabeam Fusion SIEM vs. ServiceNow Security Operations report.
See our list of best Security Orchestration Automation and Response (SOAR) vendors.
We monitor all Security Orchestration Automation and Response (SOAR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.