We performed a comparison between DNIF HYPERCLOUD and ServiceNow Security Operations based on real PeerSpot user reviews.
Find out in this report how the two Security Orchestration Automation and Response (SOAR) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."It's easy to use. It's a very good product. It can easily ingest data from anywhere. It has an easily understandable language to perform actions."
"The UI of Sentinel is very good and easy to use, even for beginners."
"Sentinel enables us to ingest data from our entire ecosystem. In addition to integrating our Cisco ASA Firewall logs, we get our Palo Alto proxy logs and some on-premises data coming from our hardware devices... That is very important and is one way Sentinel is playing a wider role in our environment."
"The AI and ML of Azure Sentinel are valuable. We can use machine learning models at the tenant level and within Office 365 and Microsoft stack. We don't need to depend upon any other connectors. It automatically provisions the native Microsoft products."
"The most valuable features are its threat handling and detection. It's a powerful tool because it's based on machine learning and on the behavior of malware."
"Its inbuilt Kusto Query Language is a valuable feature. It provides the flexibility needed to leverage advanced data analytics rules and policies and enables us to easily navigate all our security events in a single view. It helps any user easily understand the data or any security lags in their data and applications."
"One of the most valuable features of Microsoft Sentinel is that it's cloud-based."
"I like the ability to run custom KQL queries. I don't know if that feature is specific to Sentinel. As far as I know, they are using technology built into Azure's Log Analytics app. Sentinel integrates with that, and we use this functionality heavily."
"The User Behavior Analytics is a built-in threat-hunting feature. It detects and reports on any kind of malware or ransomware that enters the network."
"The response time on queries is super-fast."
"The dashboard is helpful, and it creates visualizations to let staff review event data and identify patterns and anomalies."
"Has a great search capability."
"Great for scaling productivity for log monitoring purposes."
"I like the MITRE table, a feature I saw for the first time in the same solution. There was one MITRE tactic table, which can be used to identify threats if you have all kinds of rules enabled or if you have rules for all the tactics in the MITRE table. There are 14 tables in MITRE, and those 14 tables consist of multiple columns, tactics, and techniques. It was one of the first SIEM tools I saw that had that particular MITRE table. On that basis, you can create new rules and identify existing ones. At any point, if an alert is triggered, it will try to match it to any of those MITRE tactics. I liked that creating a workbook on MITRE business was straightforward. I also like that you can search using SQL or DQL."
"The solution is quite stable and offers good performance. It also works on a virtual machine. We haven't found any issues with it so far. It's been reliable."
"The beauty of the solution is that you can develop infrastructure for a data lake using open sources that are separate from the licenses."
"Reduces time to closure and closure metrics for vulnerabilities."
"It gives you the ability to bring data into the system. The workflows are out of the box, and it gives you the ability to auto-assign the incidents based on criteria and vulnerabilities."
"What I found most valuable in ServiceNow Security Operations is that it's very useful for any incoming vulnerability. For example, if my team finds any vulnerability on servers such as the CA and CMDB integrated with ServiceNow Security Operations, my team can make some changes. My team can map the vulnerabilities found on the CA server, make the changes required, and resolve the vulnerabilities before the system is attacked. You can avoid vulnerability attacks through ServiceNow Security Operations, so this is the best feature of the solution. ServiceNow Security Operations is beneficial mainly for vulnerability response and engagement purposes."
"The product has a very simple UI."
"ServiceNow Security Operations also takes care of GRC, governance, risk and compliance, enabling it to provide risk assessment."
"The "follow" feature is really good. If the user is not responding, there's an option to "follow". Just click on the button, and it will automatically trigger an email to the end user."
"The solution is stable."
"Integration to other security tools allows for a consolidated view of all vulnerabilities, incidents, etc. for all sorts of leverage in a single platform to assess governance risk and compliance as well as an enhanced, enriched intelligence."
"The on-prem log sources still require a lot of development."
"While I appreciate the UI itself and the vast amount of information available on the platform, I'm finding the overall user experience to be frustrating due to frequent disconnections and the requirement to repeatedly re-authenticate."
"I believe one of the challenges I encountered was the absence of live training sessions, even with the option to pay for them."
"The troubleshooting has room for improvement."
"Sentinel still has some anomalies. For example, sometimes when we write a query for log analysis with KQL, it doesn't give us the data in a proper way... Also, the fields or columns could be improved. Sometimes, it is not giving the desired results and there is a blank field."
"Azure Sentinel will be directly competing with tools such as Splunk or Qradar. These are very established kinds of a product that have been around for the last seven, eight years or more."
"Multi-tenancy, in my opinion, needs to be improved. I believe it can do better as a managed service provider."
"If I can use Sentinel offline at home and use it on a local network, it would be great. I'm not sure if I can use Sentinel offline versus the tools I have."
"The EBA could be improved."
"The vendor is fairly new and it's not as big as some of the international competitors. It's not a mature product. If you ask them to move data, it might take a lot of time."
"Dependency on the DNIF support team was frustrating."
"I think DNIF HYPERCLOUD can implement the ability to export more than 100,000. At the moment, we can't go beyond that. So many times, if you're checking for the firewall logs and working on something related to authentication or network-related traffic, while that log count is low, the account goes beyond that. You can't restrict the logs or the amount of data you can export. It's very important for my situation. It would be better if they could increase the capacity of exports. Although there are many more types of searching in DNIF HYPERCLOUD, people still struggle to query out what they want because not everyone is good at SQL or DQL. The easiest way to query out in DNIF is using the GUI-based interface. But in the GUI interface, you can use operator calls. It gets tricky when you want to search for a specific type of event. You don't know where it will be passed and whether it will be consistent. In the initial phase, it's tough for us to use DNIF. You cannot pass every event in a stable DNIF. When we used that particular tool, we used to get those logs, but sometimes many things are not getting passed. So, we used to export the sheet or export the data into Excel and weigh the required details. In the next release, I would like them to improve the export of the columns and make the application more user-friendly. I would also like a threat-hunting feature in the next release."
"The solution's command line should be simpler so that routine commands can be used."
"The solution should be able to connect to endpoints, such as desktops and laptops... If this solution had a smart connector to these logs- Windows, Linux, or any other logs - without affecting the performance of the connector, that would be wonderful."
"There are currently some issues with machine learning plug-ins."
"The product is called SecOps, but it is not security operations in terms of SIEM solutions."
"We'd like customization to be easier in terms of the UI and using the dashboards."
"There are limitations for the third-parties that are providing the inputs. They should increase the robustness of the solution."
"The solution needs to make customization easier. You cannot do much customization immediately. It requires an extensive workload. If the customization process was user-friendly, it would be much better."
"The threat intelligence module needs a better dashboard."
"The initial setup is difficult."
"It is challenging for the customers to understand the processes for SecOps. It needs to be simplified."
"An area for improvement I observed in ServiceNow Security Operations is the need to maintain correct CMDB data because if you're unable to do this, you can't perfectly maintain the vulnerability data. CMDB data in ServiceNow Security Operations needs to be accurate. As I've been working on ServiceNow Security Operations for only seven months, I still need more time to try all its modules before I can give recommendations regarding additional features I'd like to see in the solution."
More ServiceNow Security Operations Pricing and Cost Advice →
DNIF HYPERCLOUD is ranked 13th in Security Orchestration Automation and Response (SOAR) with 7 reviews while ServiceNow Security Operations is ranked 8th in Security Orchestration Automation and Response (SOAR) with 14 reviews. DNIF HYPERCLOUD is rated 7.6, while ServiceNow Security Operations is rated 8.0. The top reviewer of DNIF HYPERCLOUD writes "Development from open sources is very valuable but a huge infrastructure is required". On the other hand, the top reviewer of ServiceNow Security Operations writes "Mature with nice UI and customizable workflows". DNIF HYPERCLOUD is most compared with IBM Security QRadar, Splunk Enterprise Security, Wazuh and Rapid7 InsightOps, whereas ServiceNow Security Operations is most compared with Palo Alto Networks Cortex XSOAR, Splunk SOAR, IBM Resilient, Swimlane and Fortinet FortiSOAR. See our DNIF HYPERCLOUD vs. ServiceNow Security Operations report.
See our list of best Security Orchestration Automation and Response (SOAR) vendors.
We monitor all Security Orchestration Automation and Response (SOAR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.