We performed a comparison between Swimlane and ThreatQ based on real PeerSpot user reviews.
Find out in this report how the two Security Orchestration Automation and Response (SOAR) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."Log aggregation and data connectors are the most valuable features."
"The dashboard that allows me to view all the incidents is the most valuable feature."
"Sentinel's most important feature is the ability to centralize all the logs in one place. There's no need to search multiple systems for information."
"The pricing of the product is excellent."
"The part that was very unexpected was Sentinel's ability to integrate with Azure Lighthouse, which, as a managed services solution provider, gives us the ability to also manage our customers' Sentinel environments or Sentinel workspaces. It is a big plus for us. With its integration with Lighthouse, we get the ability to monitor multiple workspaces from one portal. A lot of the Microsoft Sentinel workbooks already integrate with that capability, and we save countless amounts of money by simply being able to almost immediately realize multitenant capabilities. That alone is a big plus for us."
"It is able to connect to an ever-growing number of platforms and systems within the Microsoft ecosystem, such as Azure Active Directory and Microsoft 365 or Office 365, as well as to external services and systems that can be brought in and managed. We can manage on-premises infrastructure. We can manage not just the things that are running in Azure in the public cloud, but through Azure Arc and the hybrid capabilities, we can monitor on-premises servers and endpoints. We can monitor VMware infrastructure, for instance, running as part of a hybrid environment."
"Having your logs put all in one place with machine learning working on those logs is a good feature. I don't need to start thinking, "Where are my logs?" My logs are in a centralized repository, like Log Analytics, which is why you can't use Sentinel without Log Analytics. Having all those logs in one place is an advantage."
"What is most useful, is that it has a good connection to the Microsoft ecosystem, and I think that's the key part."
"The technical support from Swimlane is very good."
"It provides us with a single portal for our logs from different solutions."
"The most valuable feature of the solution is the support."
"Integrating the solution with our existing security tools and workflows was easy."
"The reporting services are great. With reporting services, if you have customers that just visit a URL you can see the result - including why it's blocked and how and how the URL was first recognized as malicious."
"Currently, the watchlist feature is being utilized, and although there have been improvements, it is still not fully optimized."
"The interface could be more user-friendly. It''s a small improvement that they could make if they wanted to."
"The product can be improved by reducing the cost to use AI machine learning."
"We have been working with multiple customers, and every time we onboard a customer, we are missing an essential feature that surprisingly doesn't exist in Sentinel. We searched the forums and knowledge bases but couldn't find a solution. When you onboard new customers, you need to enable the data connectors. That part is easy, but you must create rules from scratch for every associated connector. You click "next," "next," "next," and it requires five clicks for each analytical rule. Imagine we have a customer with 150 rules."
"Sentinel's alerts and notifications are not fully optimized for mobile devices. The overall reporting and the analytics processes for the end user should also be improved. Also, the compatibility and availability of data sources and reports are not always perfect."
"It could have a better API to be able to automate many things more extensively and get more extensive data and more expensive deployment possibilities. It can gain some points on the automation part and the integration part. The API is very limited, and I would like to see it extended a bit more."
"The solution should allow for a streamlined CI/CD procedure."
"When we pass KPIs to the governance department, there's no option to provide rights to the data or dashboard to colleagues. We can use Power BI for this, but it isn't easy or convenient. They should just come up with a way to provide limited role-based access to auditing personnel"
"The stability of the solution has room for improvement."
"The initial setup and deployment are complex."
"We faced a lot of issues with the product’s stability."
"The solution should be simpler for the end-user in terms of reporting and navigating the product."
"The tool is not user-friendly."
Swimlane is ranked 18th in Security Orchestration Automation and Response (SOAR) with 3 reviews while ThreatQ is ranked 24th in Security Orchestration Automation and Response (SOAR) with 2 reviews. Swimlane is rated 7.6, while ThreatQ is rated 7.0. The top reviewer of Swimlane writes "Great support, scalable, and easier to code". On the other hand, the top reviewer of ThreatQ writes "Improves the threat intelligence gathering process, but it is not user-friendly". Swimlane is most compared with Palo Alto Networks Cortex XSOAR, Splunk SOAR, Fortinet FortiSOAR, Tines and Cyware Fusion and Threat Response, whereas ThreatQ is most compared with ThreatConnect Threat Intelligence Platform (TIP), Anomali ThreatStream, Recorded Future and Palo Alto Networks Cortex XSOAR. See our Swimlane vs. ThreatQ report.
See our list of best Security Orchestration Automation and Response (SOAR) vendors.
We monitor all Security Orchestration Automation and Response (SOAR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
