Try our new research platform with insights from 80,000+ expert users

Logpoint vs Splunk SOAR comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Sep 4, 2024
 

Categories and Ranking

Logpoint
Ranking in Security Orchestration Automation and Response (SOAR)
15th
Average Rating
7.6
Number of Reviews
21
Ranking in other categories
Log Management (27th), Security Information and Event Management (SIEM) (26th), User Entity Behavior Analytics (UEBA) (7th), Endpoint Detection and Response (EDR) (32nd)
Splunk SOAR
Ranking in Security Orchestration Automation and Response (SOAR)
3rd
Average Rating
8.2
Number of Reviews
43
Ranking in other categories
No ranking in other categories
 

Mindshare comparison

As of November 2024, in the Security Orchestration Automation and Response (SOAR) category, the mindshare of Logpoint is 1.2%, up from 0.9% compared to the previous year. The mindshare of Splunk SOAR is 8.8%, down from 9.8% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Security Orchestration Automation and Response (SOAR)
 

Featured Reviews

Subhash Sreenivasan - PeerSpot reviewer
Jun 21, 2024
Roughly 800 to 1000 integrations available with various security products and applications and offers built-in SOAR capabilities
The documentation part is something that needs to be improved, as well as the threat intelligence investigation part. Logpoint has a kind of site to describe what kinds of threats they are investigating. But that, I think, maybe Logpoint can improve more. The threat investigations and reporting to the end-users can be improved. Logpoint can also come up with IR [incident response] capabilities. Other important SIEM solutions have some IR services. If I am an MSSP working with LogPoint for SIEM/SOAR solutions and I need immediate support, I should be able to get some support. It can be paid support, like SecureWorks, which has those kinds of functionalities. They will immediately get in and start working on helping us identify the threats, isolate them, and give us remedies to take care of and recover from any kind of attacks. Whereas in LogPoint, that functionality is missing. We will be on our own if something happens. We will get other support from them, but there's no paid support before taking ownership and helping us recover from those kinds of attacks. They have a kind of integration for AI, but the incident response capability is what they should improve.
Ryan Plas - PeerSpot reviewer
Jun 12, 2024
Offers playbook automation that helps reduce the manual and tedious work for users
When it comes to Splunk SOAR's ability to provide end-to-end visibility into our company's cloud-native environment, I would say that we are not using the cloud portions of it. I don't know if that's super relevant to what we are doing in our organization. I am 100 percent sure that Splunk SOAR helped reduce your mean time to resolve, but I don't have any metrics on hand but I know it has dramatically decreased. The tool has helped with the business resilience part. I think having it as a platform has been a solid portion of the product that we offer to people. Spunk SOAR has definitely saved my time in alert triage. When some of the tedious enrichment and lookup stuff happens, the analyst doesn't have to deal with such areas, and they can just jump in and see relevant data all in one pane of glass, which has been super helpful for speeding things up. The unified platform helps consolidate networking, security, and IT observability tools. The consolidation of tools impacts our organization as it just helps focus the SOC analyst on a single unified place to find information. It helps keep things streamlined and regular so they know where to look for certain stuff they want. It really helps people with training. It is a really easy tool to onboard people into because everything is right there in the product itself. The product is really great. I would love to see more SOAR innovation going into the tool, especially the on-premises version since it is what we use in our company. I feel the tool needs to encourage continuous improvements, but as a product itself, my company is really happy with the solution. I rate the tool an eight out of ten.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The solution's user interface is quite simple, and the integration is better than other products."
"We like the user and entity behaviour analytics (UEBA) and find it valuable."
"The solution's most valuable aspect is the combination of the software and the support that they have."
"The most valuable feature of LogPoint is that they have the SIEM and SOAR combined in one solution. They are not on a separate platform."
"In my experience with medium-sized operations, LogPoint's scalability is excellent, so I would rate it a ten out of ten."
"It is an AI technology because it is using machine learning technology. So far, there is nothing better out there for UEBA in terms of monitoring endpoints and user activity. It is using machine learning language, so it is right at the top. It provides that capability and monitors all the activities. It devises a baseline and monitors if there is any deviation from the baseline."
"The solution offers excellent reporting features. Our customers have been satisfied that they have been able to meet their compliance needs by giving them a standard report."
"What I like best about LogPoint is its cost-effectiveness compared to other solutions. LogPoint also has better dashboards which I find valuable. I also like that you can create use cases based on your assets."
"The most valuable feature of Splunk SOAR is the automated playbooks, which saves analysts time."
"The ability to automate Splunk SOAR and customize the playbook use cases is the most valuable feature and is very exciting for me."
"It's pretty easy when it comes to setting up assets. If you want to fetch emails or call a REST API, you can set up an asset and grab that information."
"Scalability is the best feature of the solution."
"The most valuable feature is the API connector, depending on how it's formatted and who made the actual app offering for it. The REST API is my favorite component. It's very easy to use. The filters are also really valuable. Those are the two primary features but I enjoy using the rest of it."
"Splunk has many features that make work easier, and it's simple to implement in a large production environment. Splunk collects a massive amount of data from cloud servers and handles it perfectly."
"The most valuable feature is the risk-based access control."
"The most valuable feature of Splunk SOAR that stands out is it has a great SOAR. The automation and orchestration module is highly mature. A lot of use cases are on user entity and behavioral analytics (UEBA), which is artificial intelligence and machine learning-based (AIML)."
 

Cons

"It is a good product, but its interface or GUI could be better."
"The solution should offer more integrations and third-party solutions like incident response platforms or allow access to third-party big data"
"I know that they have user behavior analytics, but it's an extra cost for this feature. It would be nice if it was in with the standard products."
"The documentation part is something that needs to be improved, as well as the threat intelligence investigation part."
"What could be improved in LogPoint is its UI because it's less friendly to users than LogRhythm. The UI could be more aesthetically appealing to users. It's completely outdated."
"It is complicated to collect daily logs from other systems."
"The general public wasn't looking for that type of product unless you had a company that was medical or financial and needed 24-hour responsiveness."
"Log management could be better because transporting the log from a password to the client system takes time."
"Unfortunately, not all of our analysts are iPhone users or iOS users. The mobile app is only supported on iOS. Our analysts who have Android do not have that benefit. That would be a nice thing to have so that we can have it across the board and not just for iOS."
"I haven't used it fully, but based on my usage, I could not find simulation tools and features. It currently lacks simulation features, which are important for me for creating a playbook. It is also very expensive for my region."
"We've run into a few minor issues. Some of the playbook writing is a bit complicated. We've had a few hiccups with the source control. We'd really like to use GitHub deployment keys for a dedicated account. We haven't been able to do that. I think those are some of the major ones."
"Portability is one thing that is currently lacking. The open-source product that I evaluated had portability. It would require a lot of development effort, but it will save the cost of rewriting all the playbooks."
"They can improve on what they are currently doing. They can provide more playbooks or at least template playbooks that are in their repository."
"have put a number of ideas on the ideas.splunk.com site for feature requests for the Splunk SOAR product. I posted one of them about three years ago, which finally got implemented in the latest release that just got announced, so the time to implement new features and things like that is a little bit concerning."
"We want to see improvements made to the APIs such that we can connect to many different systems and data sources."
"It could be easier to implement."
 

Pricing and Cost Advice

"LogPoint seemed like it was a good product, but it was expensive and there wasn't any room to move the pricing when customers needed a lower-costing solution."
"On a scale of one to ten, where one is cheap, and ten is expensive, I would rate LogPoint's pricing a seven. It is not very expensive compared to some of the more costly products, and it is not very cheap compared to some of the cheaper products in the SIEM market."
"Our licensing fees are about $10,000 USD per month, which I think is fair."
"It's less expensive than the competitors. The Logpoint marketing team is very accommodating and client-friendly. They offer very good reductions in price. They are pretty good in this aspect. They are transparent in their licensing and pricing."
"For a hundred user deployment the cost is about $10,000. The next year it would be the same because it's a subscription-based license. There are separate costs as well, for example, if a customer asks for training for their staff."
"Logpoint's pricing is mid-ranged and depends on the number of devices."
"It was on a yearly basis at about $100K. It was not a huge environment. We were running it on our own virtual server environment, which, of course, had a cost. There was hardware and some energy cost, and then there were Microsoft Windows licenses for servers. That's all, but there was nothing in comparison to the licensing costs."
"It's getting more expensive, which is one of the reasons we're looking around just to see if there's anything better value."
"Splunk is a fast enterprise tool, but it costs too much. At the same time, it's worth what we pay, in my opinion. We can efficiently perform all the functions and tie together the data. It's the perfect tool for our needs."
"We renewed it this year. This year was the first time there was a dramatic increase in the price. It was kind of non-negotiable. It was just a high increase. We had internal communications, and it was definitely a surprise to us. In a short time frame, we renewed it this year. Prices are going up everywhere, but they are not always justifiable, at least not to our eyes. The pricing this year was definitely a big shock."
"The licensing cost is reasonable."
"In my opinion, the price is high, but if you want good products, you have to be willing to pay for them."
"Splunk SOAR is more expensive compared to other options for SOAR."
"While I can't confirm the exact pricing, some colleagues have mentioned that Splunk SOAR may be on the costlier side."
"It's very overpriced because it is based on the number of users. There is no bulk licensing."
"The cost is high and the licensing is on an annual basis."
report
Use our free recommendation engine to learn which Security Orchestration Automation and Response (SOAR) solutions are best for your needs.
814,649 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Educational Organization
66%
Computer Software Company
8%
Comms Service Provider
4%
Manufacturing Company
3%
Computer Software Company
15%
Financial Services Firm
13%
Manufacturing Company
11%
Government
9%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What is your experience regarding pricing and costs for LogPoint?
On a scale of one to ten, where one is cheap, and ten is expensive, I would rate LogPoint's pricing a seven. It is not very expensive compared to some of the more costly products, and it is not ver...
What needs improvement with LogPoint?
The documentation part is something that needs to be improved, as well as the threat intelligence investigation part. Logpoint has a kind of site to describe what kinds of threats they are investig...
What do you like most about Splunk Phantom?
Splunk SOAR's quick response to incidents is the most valuable part.
What is your experience regarding pricing and costs for Splunk Phantom?
I rate Splunk SOAR two out of 10 for affordability. Splunk is a fast enterprise tool, but it costs too much. At the same time, it's worth what we pay, in my opinion. We can efficiently perform all ...
What needs improvement with Splunk Phantom?
The dashboard could be improved and some other features. SOAR should integrate network capabilities, allowing us to also monitor the WLAN network. Splunk is also expensive and difficult for beginne...
 

Comparisons

 

Also Known As

No data available
Phantom
 

Learn More

 

Overview

 

Sample Customers

AP Pension, Copenhagen Airports, KMD, Terma, DISA, Danish Crown, Durham City Council, Game, TopDanmark, Lahti Energia, Energi Midt, Synoptik, Eissmann Group Automotive, Aligro, CG50...
Recorded Future, Blackstone
Find out what your peers are saying about Logpoint vs. Splunk SOAR and other solutions. Updated: October 2024.
814,649 professionals have used our research since 2012.