We performed a comparison between DFLabs IncMan SOAR and SECDO Platform based on real PeerSpot user reviews.
Find out what your peers are saying about Microsoft, Palo Alto Networks, Splunk and others in Security Orchestration Automation and Response (SOAR)."It's easy to use. It's a very good product. It can easily ingest data from anywhere. It has an easily understandable language to perform actions."
"The part that was very unexpected was Sentinel's ability to integrate with Azure Lighthouse, which, as a managed services solution provider, gives us the ability to also manage our customers' Sentinel environments or Sentinel workspaces. It is a big plus for us. With its integration with Lighthouse, we get the ability to monitor multiple workspaces from one portal. A lot of the Microsoft Sentinel workbooks already integrate with that capability, and we save countless amounts of money by simply being able to almost immediately realize multitenant capabilities. That alone is a big plus for us."
"Microsoft Sentinel provides the capability to integrate different log sources. On top of having several data connectors in place, you can also do integration with a threat intelligence platform to enhance and enrich the data that's available. You can collect as many logs and build all the use cases."
"The standout feature of Sentinel is that, because it's cloud-based and because it's from Microsoft, it integrates really well with all the other Microsoft products. It's really simple to set up and get going."
"The initial setup is very simple and straightforward."
"One of the most valuable features of Microsoft Sentinel is that it's cloud-based."
"The data connectors that Microsoft Sentinel provides are easy to integrate when we work with a Microsoft agent."
"The best feature is that onboarding to the SIM solution is quite easy. If you are using cloud-based solutions, it's just a few clicks to migrate it."
"The vendors themselves will actually help with any customizations a client may require"
"The ease of deployment is a valuable feature."
"It basically automates the entire alert investigation process."
"Technical support is great. Palo Alto is extremely helpful and responsive."
"The on-prem log sources still require a lot of development."
"If we want to use more features, we have to pay more. There are multiple solutions on the cloud itself, but the pricing model package isn't consistent, which is confusing to clients."
"Microsoft Sentinel is relatively expensive, and its cost should be improved."
"There is a wider thing called Jupyter Notebooks, which is around the automation side of things. It would be good if there are playbooks that you can utilize without having to have the developer experience to do it in-house. Microsoft could provide more playbooks or more Jupyter Notebooks around MITRE ATT&CK Framework."
"For certain vendors, some of the data that Microsoft Sentinel captures is redacted due to privacy reasons."
"Everyone has their favorites. There is always room for improvement, and everybody will say, "I wish you could do this for me or that for me." It is a personal thing based on how you use the tool. I do not necessarily have those thoughts, and they are probably not really valuable because they are unique to the context of the user, but broadly, where it can continue to improve is by adding more connectors to more systems."
"The performance could be improved. If I create 15 to 20 lines for a single-use case in KQL, sometimes it takes more time to execute. If I create use cases within a certain timeline, the result will show in .01 seconds. A complex query takes more time to get results."
"While I appreciate the UI itself and the vast amount of information available on the platform, I'm finding the overall user experience to be frustrating due to frequent disconnections and the requirement to repeatedly re-authenticate."
"The support is not 24/7."
"Many will try to use this as an out-of-the-box solution, however, it needs to be configured to fit what a company would like to do with it."
"The price should be reduced in order to be more competitive in the market."
"Maybe the notifications setting could use a simpler setting."
Earn 20 points
Earn 20 points
DFLabs IncMan SOAR is ranked 28th in Security Orchestration Automation and Response (SOAR) while SECDO Platform is ranked 9th in Security Incident Response. DFLabs IncMan SOAR is rated 0.0, while SECDO Platform is rated 9.0. The top reviewer of DFLabs IncMan SOAR writes "Protects an organization from the threat of a data breach or cyberattack". On the other hand, the top reviewer of SECDO Platform writes "Great documentation, good technical support, and very in-depth". DFLabs IncMan SOAR is most compared with Palo Alto Networks Cortex XSOAR and IBM Resilient, whereas SECDO Platform is most compared with Fortinet FortiSOAR.
We monitor all Security Orchestration Automation and Response (SOAR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.