No more typing reviews! Try our Samantha, our new voice AI agent.

DNIF HYPERCLOUD vs Elastic Security comparison

Sponsored
 

Comparison Buyer's Guide

Executive SummaryUpdated on Sep 18, 2024

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Torq
Sponsored
Ranking in Security Orchestration Automation and Response (SOAR)
4th
Average Rating
8.8
Reviews Sentiment
6.5
Number of Reviews
14
Ranking in other categories
AI-SOC (1st), AI-Powered Security Automation (1st)
DNIF HYPERCLOUD
Ranking in Security Orchestration Automation and Response (SOAR)
28th
Average Rating
7.6
Reviews Sentiment
6.7
Number of Reviews
8
Ranking in other categories
Log Management (46th), Security Information and Event Management (SIEM) (46th), User Entity Behavior Analytics (UEBA) (19th)
Elastic Security
Ranking in Security Orchestration Automation and Response (SOAR)
10th
Average Rating
7.8
Reviews Sentiment
6.8
Number of Reviews
66
Ranking in other categories
Log Management (11th), Security Information and Event Management (SIEM) (7th), Endpoint Detection and Response (EDR) (15th), Extended Detection and Response (XDR) (12th)
 

Featured Reviews

AD
Solutions Architect at ProArch
Automation has streamlined multi-tenant SOC workflows and improves alert handling efficiency
Although the reporting within Torq is not that great, we did ask for many features regarding reporting in Torq, but due to some platform constraints, they could not make the whole dataset available for us to be used in reporting. Except for that, we used some basic reporting. When I used Torq, it was indeed in the early stages of AI capabilities. Only a few customers were allowed to use it, and we were among them. It functioned well as long as we summarized the data properly. If you input garbage, you would get garbage out. Thus, we had to do significant fine-tuning regarding what data context we provided to the AI orchestrator to get meaningful results. In terms of Torq's unified platform approach to AI SOC automation and case management compared to managing multiple point solutions across my security stack, I find it case-centric. The unified view in case management is good since it provides clarity, although there are limitations regarding how many items in case management can be modified at once. Bulk operations are very limited, potentially due to their back-end database or data retrieval processes that can be improved. Regarding improvements for Torq, when we were onboarded, there were aspects we were uncertain about, such as the number of cases that could be generated, what data we could bring in, how many clients we could onboard, and similar concerns. Initially, we also lacked clarity about the number of playbooks or workflows we could build. Different triggers like system triggers, case-based triggers, and others can be employed without restrictions, but when it comes to on-demand and scheduled jobs, there is a limitation based on the subscription and pricing tier that notably caps the number of workflows we can create. No bulk editing across cases was one issue, along with limited filtering related to single grouping constraints. Additionally, the out-of-the-box case templates provided require substantial modifications before they become usable. There is also a feature in the cases for notes that cannot be searched. They are only visible through the UI, which is another area for improvement. The workflow and execution-based charges seem misleading as this was not discussed initially. I am not sure if new customers are made aware of this. It seems that workflows revolving around cases hinder functionality outside of case management, as we have many use cases needing on-demand triggers and schedules for functions like reporting or polling devices. Creating additional workflows to achieve basic functionalities raises costs significantly, which disadvantages customers. While they facilitate optimization and scaling, the support received tends to be very basic. Improvements can be made in that area as well.
Kishore Tiwari - PeerSpot reviewer
Deputy General Manager - Information Security (Lead ISA) at a energy/utilities company with 1,001-5,000 employees
Development from open sources is very valuable but a huge infrastructure is required
The solution's command line should be simpler so that routine commands can be used. The search configuration is a bit different than other OEMs or SIEM solutions like ArcSight or QRadar that are easy to search because they operate similarly. The logic is there and the solution supplies a pretty good explanation. Basically, DNIF spelled out is the opposite of FIND. You have to find commands whenever you want to search something. For example, a highway gets you to your destination but there is an alternate way people don't yet know about. Gartner or Forrester haven't yet studied it. We were a bit nervous when we were trying to get familiar with the solution. We wondered if we could realize ROI because the commands and ways of pulling data were different to us. We raised a case with the support team and their professionals provided the needed support. The command line is user friendly once you understand it. If you need immediate use, then you might want to get assistance from someone who is well-versed in methods for using key patterns to find things. Lengthier files for threat hunting or analysis are needed. The correlation happens, but exporting a large number of files to abstract them is not possible. For example, I want to present raw data to management so I should be able to customize a date range in my query and download the files.
Laurentiu Popescu - PeerSpot reviewer
Chief Product Officer at ClusterPower
Has improved threat detection with deep log analysis and streamlined investigation workflows
The most useful features I find in Elastic Security are the forensic ones that allow us to carry deeper analysis into the logs for in-depth investigations, and the dashboards, with the reporting dashboard being quite user-friendly. Elastic Security is quite good at identifying threats, as it is part of the deep investigation tool that I mentioned before. Unless we need to look further into a certain log, we can carry out a deeper analysis and forensics on those particular logs. I can assess the impact of Elastic Security's real-time data analysis on our threat response efficiency as working pretty good. We are looking for real-time analysis because we have a continuous inflow of logs from different sources: from our cloud, from Active Directory, from our network. So it works pretty well.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"What I appreciate most about Torq is that it is an essential part of our system."
"Since we started working with Torq, I am handling much fewer alerts, it is becoming really easy for me to handle an alert, I have all the information that I need, I do not need to connect to different vendors to receive this information, and the main thing I got from Torq is time, which now helps me to build another automated system and learn."
"Almost four or five hours of work is now completed in four or five minutes."
"Torq's unified platform approach to AI, SOAR, automation, and case management is superior compared to my experience managing multiple point solutions."
"As an analyst, it has demonstrated potential to reduce workforce requirements and time needed for related activities."
"Using that one piece of AI, we auto-closed 511 cases in quarter four alone."
"Torq has exceeded expectations by delivering workflows in a timely and lower effort manner than XSOAR, and it meets all my needs while saving a ton of time and targeting $600,000 saved this year, which is a substantial amount of money."
"What I liked the most about Torq is the actual workflow builder, which is really great because they offer a lot of features and convenience features that are useful for any automation engineer."
"The benefit of DNIF was that the solution was able to detect any anomalies and identify and prevent any possible security threats or attacks."
"The solution is quite stable and offers good performance, it also works on a virtual machine and we haven't found any issues with it so far, it's been reliable."
"The User Behavior Analytics is a built-in threat-hunting feature. It detects and reports on any kind of malware or ransomware that enters the network."
"The most valuable feature of the solution is the number of EPS it can handle."
"Great for scaling productivity for log monitoring purposes."
"The beauty of the solution is that you can develop infrastructure for a data lake using open sources that are separate from the licenses."
"Has a great search capability."
"The dashboard is helpful, and it creates visualizations to let staff review event data and identify patterns and anomalies."
"I think that it's a good solution for a SIEM."
"The cost is reasonable. It's not overly pricey."
"The solution has very good logging functionality, the aggregation capability is quite useful, the solution is quite stable, the performance has been good, and the solution scales well."
"The most valuable feature is the speed, as it responds in a very short time."
"The visualization is very good."
"The product in general has come very far and it's gotten a lot better over the years."
"I can look at events from more than one source across multiple different locations and find patterns or anomalies. The machine learning capabilities are helpful, and I can create rules for notifications to be more proactive rather than responding after something has gone wrong."
"We chose the product based on the ability to scan for malware using a malware behavioral model as opposed to just a traditional hash-based antivirus. Therefore, it's not as intensive."
 

Cons

"Torq does extensive marketing saying that SOAR is dead and markets itself as an all-in-one solution, but this is not actually true."
"Additionally, the documentation for Torq is not very clear. Most of the information is presented in videos, which are not ideal for reading; there are mostly paragraphs and other text-based content."
"The initial deployment of Torq was not easy."
"The workflow and execution-based charges seem misleading as this was not discussed initially, and creating additional workflows to achieve basic functionalities raises costs significantly, which disadvantages customers."
"It was able to capture data but was unable to differentiate between the agent hostname we are using and the hostname that resides on the back end of the Internet."
"I wish Torq's AI assistant for building templated workflows from scratch worked better; when you start with a blank slate, asking AI to help you build or template the workflow out does not go well."
"Regarding stability, I have noticed some lagging, crashing, and downtime, which is one of my largest gripes."
"We have MCP that we are working with our cloud security platform, and we wanted to connect this MCP to the case management."
"The EBA could be improved."
"There are currently some issues with machine learning plug-ins."
"We have some issues with machine learning plug-ins and I believe they're working on a solution for that."
"I feel that DNIF needs to invest more in marketing, considering that it operates at a very competitive speed."
"Dependency on the DNIF support team was frustrating."
"The solution should be able to connect to endpoints, such as desktops and laptops... If this solution had a smart connector to these logs- Windows, Linux, or any other logs - without affecting the performance of the connector, that would be wonderful."
"I think DNIF HYPERCLOUD can implement the ability to export more than 100,000. At the moment, we can't go beyond that. So many times, if you're checking for the firewall logs and working on something related to authentication or network-related traffic, while that log count is low, the account goes beyond that. You can't restrict the logs or the amount of data you can export. It's very important for my situation. It would be better if they could increase the capacity of exports. Although there are many more types of searching in DNIF HYPERCLOUD, people still struggle to query out what they want because not everyone is good at SQL or DQL. The easiest way to query out in DNIF is using the GUI-based interface. But in the GUI interface, you can use operator calls. It gets tricky when you want to search for a specific type of event. You don't know where it will be passed and whether it will be consistent. In the initial phase, it's tough for us to use DNIF. You cannot pass every event in a stable DNIF. When we used that particular tool, we used to get those logs, but sometimes many things are not getting passed. So, we used to export the sheet or export the data into Excel and weigh the required details. In the next release, I would like them to improve the export of the columns and make the application more user-friendly. I would also like a threat-hunting feature in the next release."
"The solution's command line should be simpler so that routine commands can be used."
"We had issues with scalability. Logstash was not scaling and aggregation was getting delayed. We moved to Fluentd making our stack from ELK to EFK."
"The price of this product could be improved, especially the additional costs. I would also like to see better-quality graphics."
"There are connectors to gather logs for Windows PCs and Linux PCs, but if we have to get the logs from Syslog then we have to do it manually, and this should be automated."
"This solution is very hard to implement."
"Email notification should be done the same way as Logentries does it."
"The problem with ELK is it's difficult to administer. When you have a problem, it can be very, very difficult to rebuild indexes."
"We'd like to see some more artificial intelligence capabilities."
"There is room for improvement in the Kibana dashboard and in the asset management for the program."
 

Pricing and Cost Advice

Information not available
"The solution requires a huge infrastructure and that is costly."
"The pricing is based on the log size."
"Price-wise, the product is quite economical. I rate the solution's price as three or four on a scale of one to ten, where one is considered to be a very economically priced tool."
"I can say that the product is cheaply priced."
"There is no charge for using the open-source version."
"Elastic Security is free to use."
"The product offers an amazing pricing structure. Price-wise, the product is very competitive."
"It's a monthly cost with Elastic SIEM, but I am not sure of the exact cost."
"The pricing is in the middle. I think it is not an expensive experience if we compare it with big names, for example, QRadar, and also Oxide. I think Elastic Security is quite cheap. I would rate the pricing of this solution a five out of ten."
"Its price is fine. Its licensing works on a yearly basis. We have to renew the license every year. I also have a good experience with Darktrace. When we buy Darktrace, we get training free of cost, which is not there in Elastic. We have to pay extra for training. There is certainly room for improvement."
"The solution is free."
report
Use our free recommendation engine to learn which Log Management solutions are best for your needs.
902,988 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Financial Services Firm
13%
Construction Company
10%
Manufacturing Company
10%
Comms Service Provider
9%
Construction Company
16%
Comms Service Provider
8%
Outsourcing Company
8%
Financial Services Firm
7%
Comms Service Provider
9%
Financial Services Firm
9%
Government
8%
Manufacturing Company
8%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business4
Midsize Enterprise5
Large Enterprise6
By reviewers
Company SizeCount
Small Business3
Midsize Enterprise1
Large Enterprise3
By reviewers
Company SizeCount
Small Business40
Midsize Enterprise12
Large Enterprise15
 

Questions from the Community

What needs improvement with Torq?
I do not dislike anything about Torq because it has satisfied all of our use cases and requirements. We contacted sup...
What is your primary use case for Torq?
Initially, we were using Slack for small automations, such as creating pipelines or shutting down servers. For exampl...
What advice do you have for others considering Torq?
I have been working for five years with experience in the IT field. Torq is very good. It manages everything. I would...
Ask a question
Earn 20 points
Datadog vs ELK: which one is good in terms of performance, cost and efficiency?
With Datadog, we have near-live visibility across our entire platform. We have seen APM metrics impacted several time...
What is your experience regarding pricing and costs for Elastic Security?
I am satisfied with the pricing, setup cost, and licensing cost. It is a pure 10.
What needs improvement with Elastic Security?
I do not have any specific recommendations for improvements in Elastic Security, but I feel that the AI module should...
 

Also Known As

No data available
No data available
Elastic SIEM, ELK Logstash
 

Overview

 

Sample Customers

Information Not Available
Mahindra & Mahindra, Tata Consultancy Services (TCS), ICICI Bank, Yes Bank, Tata Motors, RBL Bank
Texas A&M, U.S. Air Force, NuScale Power, Martin's Point Health Care
Find out what your peers are saying about DNIF HYPERCLOUD vs. Elastic Security and other solutions. Updated: June 2026.
902,988 professionals have used our research since 2012.