We performed a comparison between DNIF HYPERCLOUD and ThreatConnect Threat Intelligence Platform (TIP) based on real PeerSpot user reviews.
Find out in this report how the two Security Orchestration Automation and Response (SOAR) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."Investigations are something really remarkable. We can drill down right to the raw logs by running different queries and getting those on the console itself."
"It is easy to implement (turn on) - does need a skilled analyst to develop queries and playbooks."
"Microsoft Sentinel enables you to ingest data from the entire ecosystem and that connection of data helps you to monitor critical resources and to know what's happening in the environment."
"Sentinel pricing is good"
"We have no complaints about the features or functionality."
"The solution offers a lot of data on events. It helps us create specific detection strategies."
"Another area where it is helping us is in creating a single dashboard for our environment. We can collect all the logs into a log analytics workset and run queries on top of it. We get all the results in the dashboard. Even a layman can understand this stuff. The way Microsoft presents it is really incredible."
"We can use Sentinel's playbook to block threats. It covers all of the environment, giving us great visibility."
"The dashboard is helpful, and it creates visualizations to let staff review event data and identify patterns and anomalies."
"The solution is quite stable and offers good performance. It also works on a virtual machine. We haven't found any issues with it so far. It's been reliable."
"Great for scaling productivity for log monitoring purposes."
"I like the MITRE table, a feature I saw for the first time in the same solution. There was one MITRE tactic table, which can be used to identify threats if you have all kinds of rules enabled or if you have rules for all the tactics in the MITRE table. There are 14 tables in MITRE, and those 14 tables consist of multiple columns, tactics, and techniques. It was one of the first SIEM tools I saw that had that particular MITRE table. On that basis, you can create new rules and identify existing ones. At any point, if an alert is triggered, it will try to match it to any of those MITRE tactics. I liked that creating a workbook on MITRE business was straightforward. I also like that you can search using SQL or DQL."
"The User Behavior Analytics is a built-in threat-hunting feature. It detects and reports on any kind of malware or ransomware that enters the network."
"The response time on queries is super-fast."
"The beauty of the solution is that you can develop infrastructure for a data lake using open sources that are separate from the licenses."
"Has a great search capability."
"The most valuable features are ease of use and the ability to customize it."
"The product automatically generated a threat score based on the maliciousness of an IP."
"ThreatConnect has a highly user-friendly interface."
"It's a solid platform and is stable enough. It is not complicated and is easy to use."
More ThreatConnect Threat Intelligence Platform (TIP) Pros →
"Microsoft Sentinel is relatively expensive, and its cost should be improved."
"It could have a better API to be able to automate many things more extensively and get more extensive data and more expensive deployment possibilities. It can gain some points on the automation part and the integration part. The API is very limited, and I would like to see it extended a bit more."
"We've seen delays in getting the logs from third-party solutions and sometimes Microsoft products as well. It would be helpful if Microsoft created a list of the delays. That would make things more transparent for customers."
"I believe one of the challenges I encountered was the absence of live training sessions, even with the option to pay for them."
"They can work on the EDR side of things... Every time we need to onboard these kinds of machines into the EDR, we need to do it with the help of Intune, to sync up the devices, and do the configuration. I'm looking for something on the EDR side that will reduce this kind of work."
"We do see continuous improvement all the time, however, I haven't got a specific feature that is lacking or not well designed."
"The AI capabilities must be improved."
"Sentinel could improve its ticketing and management. A few customers I have worked with liked to take the data created in Sentinel. You can make some basic efforts around that, but the customers wanted to push it to a third-party system so they could set up a proper ticketing management system, like ServiceNow, Jira, etc."
"Dependency on the DNIF support team was frustrating."
"The solution should be able to connect to endpoints, such as desktops and laptops... If this solution had a smart connector to these logs- Windows, Linux, or any other logs - without affecting the performance of the connector, that would be wonderful."
"The vendor is fairly new and it's not as big as some of the international competitors. It's not a mature product. If you ask them to move data, it might take a lot of time."
"The solution's command line should be simpler so that routine commands can be used."
"I think DNIF HYPERCLOUD can implement the ability to export more than 100,000. At the moment, we can't go beyond that. So many times, if you're checking for the firewall logs and working on something related to authentication or network-related traffic, while that log count is low, the account goes beyond that. You can't restrict the logs or the amount of data you can export. It's very important for my situation. It would be better if they could increase the capacity of exports. Although there are many more types of searching in DNIF HYPERCLOUD, people still struggle to query out what they want because not everyone is good at SQL or DQL. The easiest way to query out in DNIF is using the GUI-based interface. But in the GUI interface, you can use operator calls. It gets tricky when you want to search for a specific type of event. You don't know where it will be passed and whether it will be consistent. In the initial phase, it's tough for us to use DNIF. You cannot pass every event in a stable DNIF. When we used that particular tool, we used to get those logs, but sometimes many things are not getting passed. So, we used to export the sheet or export the data into Excel and weigh the required details. In the next release, I would like them to improve the export of the columns and make the application more user-friendly. I would also like a threat-hunting feature in the next release."
"The EBA could be improved."
"There are currently some issues with machine learning plug-ins."
"They should make it a little bit easier to generate events and share them with the community"
"Integration is an area that could use some improvement."
"It would be good to have more feeds and more integrated sources for enrichment."
"I couldn’t get any training videos online when I was working with the tool."
More ThreatConnect Threat Intelligence Platform (TIP) Cons →
More ThreatConnect Threat Intelligence Platform (TIP) Pricing and Cost Advice →
DNIF HYPERCLOUD is ranked 13th in Security Orchestration Automation and Response (SOAR) with 7 reviews while ThreatConnect Threat Intelligence Platform (TIP) is ranked 19th in Security Orchestration Automation and Response (SOAR) with 4 reviews. DNIF HYPERCLOUD is rated 7.6, while ThreatConnect Threat Intelligence Platform (TIP) is rated 8.0. The top reviewer of DNIF HYPERCLOUD writes "Development from open sources is very valuable but a huge infrastructure is required". On the other hand, the top reviewer of ThreatConnect Threat Intelligence Platform (TIP) writes "The tool could be integrated into any environment, but it was expensive, and the deployment process was complex". DNIF HYPERCLOUD is most compared with IBM Security QRadar, Splunk Enterprise Security, Wazuh and Rapid7 InsightOps, whereas ThreatConnect Threat Intelligence Platform (TIP) is most compared with Anomali ThreatStream, Recorded Future, ThreatQ, Palo Alto Networks Cortex XSOAR and Anomali Match. See our DNIF HYPERCLOUD vs. ThreatConnect Threat Intelligence Platform (TIP) report.
See our list of best Security Orchestration Automation and Response (SOAR) vendors.
We monitor all Security Orchestration Automation and Response (SOAR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
