


Sumo Logic Security and Cynet are both competitive security solutions offering distinct benefits. Cynet appears to have the upper hand with its comprehensive features, while Sumo Logic appeals more with its support and pricing.
Features: Sumo Logic Security is praised for robust analytics, real-time monitoring capabilities, and detailed data insights. Cynet stands out with all-in-one autonomous threat protection, multiple security layers integrated into one platform, and a simpler holistic solution.
Room for Improvement: Sumo Logic Security users suggest enhancing integration capabilities, refining alert accuracy, and improving primary functionalities. Cynet users call for better reporting features, more extensive documentation, and improvements in expanding primary functionalities.
Ease of Deployment and Customer Service: Sumo Logic Security is recognized for smooth deployment but has mixed reviews on customer service responsiveness. Cynet offers straightforward deployment and garners positive feedback for proactive customer service. Sumo Logic's ease of integration and Cynet's user-friendly deployment meet different user needs effectively.
Pricing and ROI: Sumo Logic Security is seen as cost-effective, with users valuing the return on investment from its deep insights. Cynet's pricing is perceived as higher, justified by its comprehensive security coverage. Therefore, Sumo Logic is favored for budget-conscious users, while Cynet is preferred for extensive features.
They appreciate the rich telemetry data from the solution, as it provides in-depth threat identification.
Cortex XDR by Palo Alto Networks helps to reduce my total cost of ownership significantly.
In Cortex XDR by Palo Alto Networks, most of the remediation is automated and the accuracy is quite good.
The return on investment with Cynet is pretty good, as it doesn't require a dedicated resource to manage, being highly automated.
We have saved 64 hours of our time overall.
The return on investment I have seen with Sumo Logic Security in the past year and a half is tough to quantify, but I would estimate it has hit the milestones we set internally for return on investment.
The technical support from Palo Alto deserves a mark of ten because they reach out within an hour whenever assistance is needed.
There is no back and forth, and they know what we are asking for and come up with the best resolution for a solution.
If any of these services are missed, it becomes a problem in terms of support tickets, follow-up, or special configuration that needs to be done in the system.
Their SOC side support, when a threat is detected, is excellent.
My experience with the technical support of Cynet is excellent; they are just one click away.
Based on our needs, they schedule remote sessions and resolve the issues.
They have a response time of forty-eight hours, which is not instant support.
In general, they usually provide continuous support post-implementation, being in touch and trying to help, which makes their after-sale process better than Splunk.
Sumo Logic Security has really good customer support.
You can onboard 10,000 endpoints in just hours, which demonstrates the excellent scalability of this product.
Activating the newly purchased licenses is instantaneous, allowing installations without adjustments since it's cloud-based.
Cortex XDR by Palo Alto Networks can be expanded anytime by purchasing another license without any issues related to scalability.
The solution is highly scalable.
We can deploy Cynet for 50,000 users, and we have deployed it at that scale, with the capability to scale higher to 100,000 users without any challenges.
Cynet is very scalable.
Sumo Logic Security scales up automatically because it is a cloud-native SIEM, and I do not need to worry about hardware clusters or capacity planning.
The tool has high scalability because everything is based in the cloud.
I did not face any significant issues with Sumo Logic Security, but the pricing may be a concern as they try to upsell and raise the prices very quickly.
Cortex remains fast and responsive, even with increasing data and alerts.
The thresholds we've seen on our firewall boxes at some instances reached 80% to 85%, but even at that level of utilization, we don't observe any latency or any issues reported with respect to accessing the application.
Cortex XDR by Palo Alto Networks can be trusted completely.
Within six years of usage, we have not had any issues such as outages or downtime.
If there are many records, the system may stop or the UI may become unresponsive.
The query language is pretty straightforward and easy, and it is very powerful for building different searches and dashboards that will serve for later exploration of the same interests I have.
It operates very well as a cloud-native SaaS platform with high availability, and there is no downtime that I have experienced.
Improving reporting and dashboard customization, along with the addition of real-time and exportable reports, would help SOC teams greatly.
The inclusion of this feature would allow the application of DLP policies alongside antivirus policies via a single agent and console, making it more competitive as other OEMs often offer DLP solutions as part of their antivirus products.
If the per GB data could be provided at a certain level free of cost or at the same cost which the customer is taking for the entire bundle, that would be better.
There should be more options than deploying solely through group policy, as the assumption that GPO is working isn’t always the case.
Having a DLP feature would also add value.
Integration with local Active Directory, not only Azure AD, is a must.
This can lead to alerts that are collections of disjointed signals that sometimes make no sense and lack real context; this simplistic approach makes it hard to find coherent stories during investigations.
I would also appreciate the AWS automation integrations to be more secure because currently, they are using access keys, which involves a user rather than roles, which is the security best practice recommended by AWS.
The correlation rules and log mapping are not as mature compared to other SIM tools like Splunk.
The pricing on SentinelOne is far more reasonable and cheaper than Cortex XDR by Palo Alto Networks.
I would say it is definitely not a cheap product, considering how mature it is and how scalable all Palo Alto products are together.
Compared to CrowdStrike, which is very costly, and SentinelOne, which is also very costly, Cortex XDR by Palo Alto Networks is a medium cost-efficient solution.
I think the pricing of Cynet is fair and one of the better options in the market.
The price of Cynet is reasonable considering its features and support.
Cynet does not ask for additional costs for add-on features.
This makes it more cost-effective because other solutions often include a third element in their pricing.
From one to ten, where one is cheap and ten is expensive, I would put Sumo Logic Security at a seven.
If you go to the well-known vendors such as Azure Sentinel or other tools like Splunk, you are going to find them costly since they are well-known and they have much more integration compared to Sumo Logic Security.
It incorporates AI for normal behavior detection, distinguishing unusual operations.
The product provides automation responses in case of a threat attack, severity assessments, centralized manageability, and comprehensive compliance features, resulting in reduced costs.
It includes machine learning to easily analyze data and detect complex threats across endpoints, networks, or clouds.
The valuable aspects of Cynet are its EDR and XDR components, which are available at a reasonable price point.
The most effective features of Cynet are its ransomware protection and lateral movement deception.
The SOAR function, deception, and forensics are very useful.
The features I find most useful in Sumo Logic Security are the ease of implementation and connectors; they have a very easy connection and many connectors to important systems, making it very easy to implement and fast to start running in production.
They are able to save time on fewer alerts because we are able to perform tuning on the logs to be able to only get relevant or security relevant incidents.
My SOC analysts were crushed under Splunk, but Sumo has actually eased the workload and made it tolerable for three people.


| Company Size | Count |
|---|---|
| Small Business | 46 |
| Midsize Enterprise | 21 |
| Large Enterprise | 53 |
| Company Size | Count |
|---|---|
| Small Business | 30 |
| Midsize Enterprise | 7 |
| Large Enterprise | 12 |
| Company Size | Count |
|---|---|
| Small Business | 7 |
| Midsize Enterprise | 4 |
| Large Enterprise | 16 |
Cortex XDR by Palo Alto Networks provides advanced threat detection with AI-driven endpoint protection and seamless integration, ensuring multi-layered security and automatic threat response.
Cortex XDR is designed to safeguard endpoints against malware and suspicious activities. It offers advanced threat detection and response capabilities using behavioral analysis, AI, and machine learning. It seamlessly integrates with security infrastructures, providing endpoint security, firewall integration, and enhanced visibility in both cloud-based and on-premises environments.
What are the key features of Cortex XDR?Organizations in diverse sectors deploy Cortex XDR to protect against malware, leveraging its advanced threat detection capabilities. Its integration with existing security infrastructures appeals to those seeking comprehensive protection in both cloud and on-premises environments, providing enhanced visibility and threat intelligence.
Cynet provides comprehensive endpoint protection and advanced threat detection, offering intuitive deployment and monitored support. It ensures real-time visibility and minimal management, enhancing security for diverse and remote teams.
Cynet integrates seamlessly with existing infrastructure, providing an efficient solution for endpoint protection, threat detection, and response. Its automation, scalability, and stability are key benefits. Users benefit from real-time network visibility, ransomware protection, and deception capabilities. Cynet serves as a robust alternative to CrowdStrike, offering a multifaceted approach to security operations, especially in environments needing continuous threat monitoring and zero-day threat management. Areas needing improvement include mobile device support, enhanced reporting, third-party integrations, and AI-based detection.
What are Cynet's most important features?In the financial sector, Cynet's ability to support efficient threat detection and endpoint protection is crucial. Healthcare industries leverage its data protection features for compliance and security. In manufacturing, real-time threat monitoring supports safeguarding intellectual property. Retail sectors benefit from its scalability and minimal management demands, helping secure diverse, distributed locations.
Sumo Logic Security offers efficient event monitoring with customizable alerts, centralized log search, and real-time threat detection. It supports multi-cloud environments and integrates with threat intelligence, reducing workload with AI-driven analytics.
Sumo Logic Security empowers organizations with advanced logging and monitoring solutions, facilitating comprehensive security event management. Its robust log search and comparison features, combined with user-friendly dashboards, enable quick event analysis. The platform's multi-cloud support and real-time threat detection are notable features, seamlessly integrating automated log correlation and AI analytics to optimize user experience. Despite needing enhancements in querying and dashboard functionalities, Sumo Logic Security remains a reliable choice for application log management, IT asset visibility, and incident alerting. Organizations utilize it for threat detection, posture monitoring, and compliance audits, in platforms like AWS, focusing on security insights and performance monitoring.
What are the key features of Sumo Logic Security?Organizations in industries like finance and technology implement Sumo Logic Security to maintain security and compliance, leveraging its advanced monitoring and alerting capabilities. Teams focus on application troubleshooting and forensic analysis, ensuring robust security posture and effective incident response across cloud-based environments.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.