
Palo Alto Networks Cortex XSOAR vs Sumo Logic Security comparison

 

Comparison Buyer's Guide

Executive Summary
 

Categories and Ranking

Palo Alto Networks Cortex X...
Ranking in Security Orchestration Automation and Response (SOAR): 2nd
Average Rating: 8.4
Number of Reviews: 44
Ranking in other categories: SOC as a Service (2nd)

Sumo Logic Security
Ranking in Security Orchestration Automation and Response (SOAR): 12th
Average Rating: 8.6
Number of Reviews: 18
Ranking in other categories: Log Management (19th), Security Information and Event Management (SIEM) (19th)
 

Mindshare comparison

As of November 2024, in the Security Orchestration Automation and Response (SOAR) category, the mindshare of Palo Alto Networks Cortex XSOAR is 13.1%, down from 15.0% compared to the previous year. The mindshare of Sumo Logic Security is 0.8%, down from 1.1% compared to the previous year. It is calculated based on PeerSpot user engagement data.
 

Featured Reviews

NikhilSharma2 - PeerSpot reviewer
Aug 23, 2024
Ability to multiple playbooks to fetch data from multiple firewalls and automated several tasks, including vulnerability scans and SOCL (Security Orchestration, Automation
Recently, they started implementing microservices in XSOAR, which has improved quality and addressed previous issues. However, they should focus more on licensing costs. The user licensing fees are quite high. For example, I received a quote for XSOAR, and it was $12,000 per user per year. If you have a SOC team of 30 members/analysts, you're looking at a substantial expense. They should consider reducing these costs since this high pricing seems to be more about profit. So, there is room for improvement in the pricing. Moreover, the reporting and dashboard features are decent but could be improved. The user interface (UI) is quite heavy and takes time to load, which is a major drawback.
Moole Muralidhara Reddy - PeerSpot reviewer
Mar 26, 2024
Used to store and monitor application logs and VPC flow logs
We are mainly concentrating on networking. We use VPC products and application logs to monitor the genuineness of users who have logged in. We also store and monitor GuardDuty logs to see if someone is trying to access the same server multiple times. We are storing and monitoring WAF logs and GuardDuty logs. If someone faces any issues, we'll receive an email and take action based on it. If someone tries to access one of the applications from a different country, we can search in Google and identify the location of that particular IP address. Sumo Logic Security identifies whether a particular IP address is low, medium, or high risk without the help of Google. We can store logs in CloudWatch, but it is very difficult to search them in CloudWatch. We should know the query in order to do that. Searching for logs with Sumo Logic Security is very easy compared to CloudWatch. We have been using the solution for more than two years and haven't faced any issues with the solution's availability. I would recommend the solution to other users. I would recommend Sumo Logic Security instead of AWS, CloudWatch, or CloudTrail. With Sumo Logic Security, you can capture and see all the logs in a single place. If some issues occur, you can log into the solution and verify all the logs. At an organizational level, we have multiple AWS accounts for different environments. Instead of logging in to all the AWS accounts, you can log in to Sumo Logic Security and verify everything. Overall, I rate the solution a nine out of ten.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The most valuable features of Palo Alto Networks Cortex XSOAR are its overall track record and features that fit our use case."
"The orchestration in XSOAR is significantly easier compared to other SOAR tools I've used."
"Many different playbooks are available and can be customized."
"The product is quite easy to use."
"The strengths of Palo Alto Networks Cortex XSOAR stem from the fact that it provides functionalities related to patching and URL blocking...It is a scalable solution."
"The most valuable features of Palo Alto Networks Cortex XSOAR are the remote controller from the workstation that can execute commands and isolate the systems outside of the network. Only the system with an internet connection can execute the task because the main console is in the cloud."
"The pricing is very good."
"It is a scalable solution."
"Support has been excellent. Sumo Logic's support staff is really good, both their account management staff and direct support."
"Sumo Logic is an easy solution to use. You can set it up very quickly, and it includes a lot of training videos."
"We can integrate threat intelligence solutions into the product."
"The most valuable features of Sumo Logic Security are the rules, use cases, and ease of use. Additionally, the integration is straightforward and good GUI."
"The solution is quite stable."
"The features I found valuable with the Sumo Logic Security solution are the search option and the ability to customize the search for the information in the logs."
"It provides easy visibility. I also like the shareable queries because we share a lot across groups."
"The tool has key features like operability. It will alert the admins whenever a device is onboarded."
 

Cons

"For building automation, there is not a lot of good documentation. The documentation is there, but it is not very good from my perspective. There should be an improvement in this area. I don't see issues with anything else. In terms of new features, I have heard that other products have EBA functionality. It would be good if this functionality could be added."
"The solution's correlation rules and playbooks should be improved."
"I think they should increase their collaboration base."
"Previously, when Demisto was, there was a community edition; we could use it, reinstall it, and customize it. Since Palo Alto took over, it has become more financially oriented. It's business, but they could offer a pro model and a lighter model for different needs."
"The price of the solution could be improved."
"Implementing this solution requires a lot of involvement from the vendor and it should be made easier for the partners."
"I would like to see Cortex become less dependent on Active Directory and group policies to manage the deployment. Maybe I need to update my understanding of how to deploy it, but that's the way I know how to use it."
"Palo Alto Networks Cortex XSOAR could improve the look, feel, and management of the cloud console. Additionally, the user could be more easily integrated."
"It would be nice to have an improved ability to scroll through logs within a time frame. Right now, we can search for specific errors. However, if we want to look for "before and after" within a specific time frame, it's not easy using the tool. This would be an improvement."
"From the network segmentation side, there is some discrepancy in log onboarding. The tool needs to improve direct API integrations, login integration, native login integration, etc."
"I would like better UI-driven functionality to create alerts and reports. Now, we have to understand the syntax, so it is a little difficult for someone to pick it up without using the manuals. If there was more of a graphical user interface, it would be beneficial."
"Sumo Logic Security is expensive, and its pricing could be improved."
"We would like the ability to drill down into a dashboard and get into deeper levels."
"The solution should improve its UI."
"There are some API gaps that are missing."
"I would like to see improvement in the user experience when configuring things, ingesting logs, and creating ports."
 

Pricing and Cost Advice

"The solution's cost is reasonable."
"My company did not make any payments towards the licensing costs attached to the product since we were only using its pilot version."
"It is approx $10,000 or $20,000 per year for two user licenses."
"When I first looked at Demisto, it had a price tag of $250,000 but when we finally purchased it, it was $345,000."
"The pricing is fair. The pricing reflects the value and feature set it offers."
"The solution is expensive."
"The price of Palo Alto Networks Cortex XSOAR is comparable to other solutions in the market."
"Palo Alto offers significant discounts to customers who purchase the products repeatedly."
"I don't pay the bill. I've heard the AWS Marketplace pricing is high, but I like the value."
"The only limit to the scalability of the product for us is how much we are willing to pay."
"The product is costly."
"We chose to go through the AWS Marketplace because it makes it a lot easier when we bill our customers. Rather than having to get multiple different sources of information then correlate a monthly bill for our customers, it is just included in the AWS usage charges."
"Purchasing the solution through the AWS Marketplace is very easy."
"Purchasing Sumo Logic through the AWS Marketplace was a simple step."
"Storing logs in Sumo Logic Security is charged GB-wise, which is a little higher than other products."
"The AWS Marketplace pricing is borderline. Every annual renewal, we always contemplate if we are getting what we think we could out of it or could we do it cheaper with some other product."
814,649 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews

Financial Services Firm: 14%
Computer Software Company: 13%
Government: 10%
Manufacturing Company: 9%

Computer Software Company: 16%
Financial Services Firm: 11%
Government: 10%
Manufacturing Company: 8%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What is your experience regarding pricing and costs for Palo Alto Networks Cortex XSOAR?
I do not know about the pricing as it was handled by the salespeople.
What needs improvement with Palo Alto Networks Cortex XSOAR?
Creating complex playbooks using coding languages, such as Python, could be easier. Sometimes the process becomes tedious and requires manual tasks.
What do you like most about Sumo Logic Security?
Sumo Logic Security is a good solution for searching the logs and identifying the issues.
What is your experience regarding pricing and costs for Sumo Logic Security?
Storing logs in Sumo Logic Security is charged GB-wise, which is a little higher than other products.
What needs improvement with Sumo Logic Security?
Sumo Logic Security is expensive, and its pricing could be improved.
 

Also Known As

Demisto Enterprise, Cortex XSOAR, Demisto
No data available
 

Overview

 

Sample Customers

Cellcom Israel, Blue Cross and Blue Shield of Kansas City, esri, Cylance, Flatiron Health, Veeva, ADT Cybersecurity
Information Not Available
Find out what your peers are saying about Palo Alto Networks Cortex XSOAR vs. Sumo Logic Security and other solutions. Updated: October 2024.