We performed a comparison between Cyware Security Orchestration Layer and Siemplify based on real PeerSpot user reviews.
Find out what your peers are saying about Microsoft, Palo Alto Networks, Splunk and others in Security Orchestration Automation and Response (SOAR)."The log query feature has been the most valuable because it's very good. You can put your data on the cloud and run queues from Sentinel. It will do it all very fast. I love that I don't have to upload it to an Excel file and then manually look for a piece of information. Sentinel is much faster and is good for big databases."
"I like the unified security console. You can close incidents using Sentinel in all other Microsoft Security portals, when it comes to incident response."
"We can use Sentinel's playbook to block threats. It covers all of the environment, giving us great visibility."
"It is always correlating to IOCs for normal attacks, using Azure-related resources. For example, if any illegitimate IP starts unusual activity on our Azure firewall, then it automatically generates an alarm for us."
"The most valuable feature is the alert notifications, which are categorized by severity levels: informational, low, medium, and high."
"Sentinel also enables you to ingest data from your entire ecosystem and not just from the Microsoft ecosystem. It can receive data from third-party vendors' products such firewalls, network devices, and antivirus solutions. It's not only a Microsoft solution, it's for everything."
"The ability of all these solutions to work together natively is essential. We have an Azure subscription, including Log Analytics. This feature automatically acts as one of the security baselines and detects recommendations because it also integrates with Defender. We can pull the sysadmin logs from Azure. It's all seamless and native."
"Microsoft Sentinel comes preloaded with templates for teaching and analytics rules."
"The technical support team is helpful."
"The most valuable feature of Siemplify is the playbooks that can be created."
"The playbooks feature in Siemplify is crucial for automation. We've utilized both standard and custom integrations with other security operation solutions, enhancing our flexibility. The user interface is generally straightforward, although recent changes may require some adjustment and Siemplify's integrations and capabilities offer potential support for various compliance requirements."
"Without hyperbole, I have never, in my entire career, encountered a vendor or a vendor community as awesome as Siemplify. Siemplify and the Siemplify Community quite literally made it possible for our SOC to increase almost five-fold in our number of clients and number of analysts and to go from a Monday to Friday 9-5 shop to a 24/7 shop all in the span of under a year and a half and all while continually adding capabilities and improving the services we offer to our clients."
"Multi-tenancy, in my opinion, needs to be improved. I believe it can do better as a managed service provider."
"Sentinel can be used in two ways. With other tools like QRadar, I don't need to run queries. Using Sentinel requires users to learn KQL to run technical queries and check things. If they don't know KQL, they can't fully utilize the solution."
"If Azure Sentinel had the ability to ingest Azure services from different tenants into another tenant that was hosting Azure Sentinel, and not lose any metadata, that would be a huge benefit to a lot of companies."
"Microsoft Defender has a built-in threat expert option that enables you to contact an expert. That feature isn't available in Sentinel because it's a huge product that integrates all the technologies. I would like Microsoft to add the threat expert option so we can contact them. There are a few other features, like threat assessment that the PG team is working on. I expect them to release this feature in the next quarter."
"Improvement-wise, I would like to see more integration with third-party solutions or old-school antivirus products that have some kind of logging capability. I wouldn't mind having that exposed within Sentinel. We do have situations where certain companies have bought licensing or have made an investment in a product, and that product will be there for the next two or three years. To be able to view information from those legacy products would be great. We can then better leverage the Sentinel solution and its capabilities."
"We have been working with multiple customers, and every time we onboard a customer, we are missing an essential feature that surprisingly doesn't exist in Sentinel. We searched the forums and knowledge bases but couldn't find a solution. When you onboard new customers, you need to enable the data connectors. That part is easy, but you must create rules from scratch for every associated connector. You click "next," "next," "next," and it requires five clicks for each analytical rule. Imagine we have a customer with 150 rules."
"The KQL query does not function effectively with Windows 11 machines, and in the majority of machine-based investigations, KQL queries are essential for organizing the data during investigations."
"They should just add more and more out-of-the-box connectors. It is quite a new product, and it has a lot of connectors, and even more would be good."
"The prices must be reduced."
"I'm inclined to say that I'd love to see some Machine Learning capabilities integrated into the platform, however, I just attended a demo this morning where Siemplify gave a sneak peek into some Machine Learning capabilities that they are currently developing and have roadmapped for release soon."
"We often encounter minor issues that could be improved, but we maintain communication with the developers and submit feature requests. Recently, I requested enhancements such as improved search functionality within playbooks and expanded options for exporting case data."
"Building the playbooks could be easier and the integration could improve. It is a difficult process, such as what API connections need to be made."
Cyware Security Orchestration Layer is ranked 21st in Security Orchestration Automation and Response (SOAR) with 1 review while Siemplify is ranked 16th in Security Orchestration Automation and Response (SOAR) with 3 reviews. Cyware Security Orchestration Layer is rated 9.0, while Siemplify is rated 8.6. The top reviewer of Cyware Security Orchestration Layer writes "A stable solution with excellent features and a helpful technical support team". On the other hand, the top reviewer of Siemplify writes "Great for reporting and ticketing for SOC MxDR client environments and has a great, supportive community". Cyware Security Orchestration Layer is most compared with , whereas Siemplify is most compared with Splunk SOAR, Palo Alto Networks Cortex XSOAR, ServiceNow Security Operations and Fortinet FortiSOAR.
See our list of best Security Orchestration Automation and Response (SOAR) vendors.
We monitor all Security Orchestration Automation and Response (SOAR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.