We performed a comparison between DNIF HYPERCLOUD and Seceon Open Threat Management Platform based on real PeerSpot user reviews.
Find out in this report how the two Security Information and Event Management (SIEM) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The most valuable feature is the onboarding of the workloads. You can see all that has been onboarded in your account on the dashboards."
"Its inbuilt Kusto Query Language is a valuable feature. It provides the flexibility needed to leverage advanced data analytics rules and policies and enables us to easily navigate all our security events in a single view. It helps any user easily understand the data or any security lags in their data and applications."
"The features that stand out are the detection engine and its integration with multiple data sources."
"We have no complaints about the features or functionality."
"Microsoft Sentinel enables you to ingest data from the entire ecosystem and that connection of data helps you to monitor critical resources and to know what's happening in the environment."
"We are able to deploy within half an hour and we only require one person to complete the implementation."
"The most valuable feature is the performance because unlike legacy SIEMs that were on-premises, it does not require as much maintenance."
"The log analysis is excellent; it can predict what can or will happen regarding use patterns and vulnerabilities."
"The dashboard is helpful, and it creates visualizations to let staff review event data and identify patterns and anomalies."
"The User Behavior Analytics is a built-in threat-hunting feature. It detects and reports on any kind of malware or ransomware that enters the network."
"The solution is quite stable and offers good performance. It also works on a virtual machine. We haven't found any issues with it so far. It's been reliable."
"The beauty of the solution is that you can develop infrastructure for a data lake using open sources that are separate from the licenses."
"The response time on queries is super-fast."
"Has a great search capability."
"Great for scaling productivity for log monitoring purposes."
"I like the MITRE table, a feature I saw for the first time in the same solution. There was one MITRE tactic table, which can be used to identify threats if you have all kinds of rules enabled or if you have rules for all the tactics in the MITRE table. There are 14 tables in MITRE, and those 14 tables consist of multiple columns, tactics, and techniques. It was one of the first SIEM tools I saw that had that particular MITRE table. On that basis, you can create new rules and identify existing ones. At any point, if an alert is triggered, it will try to match it to any of those MITRE tactics. I liked that creating a workbook on MITRE business was straightforward. I also like that you can search using SQL or DQL."
"I like that it's an AI-based platform. The most valuable feature is that it's a comprehensive solution. Most tools in the marketplace are comprised of miscellaneous items. They fail to provide real-time remediation features. However, with Seceon Open Threat Management Platform, anything you can think of in cybersecurity, like auto-remediation, real-time response, and even on-premise components, is available in a single platform. So, it's perfect for finance and healthcare who don't want to share their data with a third party like the cloud. You can have this on-premise as well. So, the expenditure will be lower as less human intervention is required."
"The solution is very cost-effective compared to Splunk and LogRhythm."
"The most valuable features are behaviour analytics, threat intelligence, endpoint detection, and response features."
"The algorithm used in Seceon OTM is clear and logical, categorizing events as needed. This helps us identify and respond to threats effectively."
"You can use different solutions in a single platform which is very easy and attractive for customers."
"Seceon Open Threat Management Platform notifies only genuine alerts. It offers plenty of options that are suitable for MSPs."
"We only recently started using Seceon, so we aren't taking advantage of all its features yet. We have enabled some proactive alerts about utilization and bottlenecks from high traffic."
"The solution is stable."
"The solution could improve the playbooks."
"At the network level, there is a limitation in integrating some of the switches or routers with Microsoft Sentinel. Currently, SPAN traffic monitoring is not available in Microsoft Sentinel. I have heard that it is available in Defender for Identity, which is a different product. It would be good if LAN traffic monitoring or SPAN traffic monitoring is available in Microsoft Sentinel. It would add a lot of value. It is available in some of the competitor products in the market."
"Microsoft Sentinel should provide an alternative query language to KQL for users who lack KQL expertise."
"The interface could be more user-friendly. It''s a small improvement that they could make if they wanted to."
"We do have in-built or out-of-the-box metrics that are shown on the dashboard, but it doesn't give the kind of metrics that we need from our environment whereby we need to check the meantime to detect and meantime to resolve an incident. I have to do it manually. I have to pull all the logs or all the alerts that are fed into Sentinel over a certain period. We do this on a monthly basis, so I go into Microsoft Sentinel and pull all the alerts or incidents we closed over a period of thirty days."
"When it comes to ingesting Azure native log sources, some of the log sources are specific to the subscription, and it is not always very clear."
"I can't think of anything other than just getting the name out there. I think a lot of customers don't fully understand the full capabilities of Azure Sentinel yet. It is kind of like when they're first starting to use Azure, it might not be something they first think about. So, they should just kind of get to the point where it is more widely used."
"We'd like to see more connectors."
"The solution's command line should be simpler so that routine commands can be used."
"The EBA could be improved."
"There are currently some issues with machine learning plug-ins."
"Dependency on the DNIF support team was frustrating."
"The solution should be able to connect to endpoints, such as desktops and laptops... If this solution had a smart connector to these logs- Windows, Linux, or any other logs - without affecting the performance of the connector, that would be wonderful."
"I think DNIF HYPERCLOUD can implement the ability to export more than 100,000. At the moment, we can't go beyond that. So many times, if you're checking for the firewall logs and working on something related to authentication or network-related traffic, while that log count is low, the account goes beyond that. You can't restrict the logs or the amount of data you can export. It's very important for my situation. It would be better if they could increase the capacity of exports. Although there are many more types of searching in DNIF HYPERCLOUD, people still struggle to query out what they want because not everyone is good at SQL or DQL. The easiest way to query out in DNIF is using the GUI-based interface. But in the GUI interface, you can use operator calls. It gets tricky when you want to search for a specific type of event. You don't know where it will be passed and whether it will be consistent. In the initial phase, it's tough for us to use DNIF. You cannot pass every event in a stable DNIF. When we used that particular tool, we used to get those logs, but sometimes many things are not getting passed. So, we used to export the sheet or export the data into Excel and weigh the required details. In the next release, I would like them to improve the export of the columns and make the application more user-friendly. I would also like a threat-hunting feature in the next release."
"The vendor is fairly new and it's not as big as some of the international competitors. It's not a mature product. If you ask them to move data, it might take a lot of time."
"The product could be improved by including sandboxing capabilities in the next release."
"The management console could use some enhancements."
"The product should improve the triggering rate."
"The dashboard has always been an issue."
"It is a standalone solution now. They need to make it into a cloud-based subscription model. It needs more compatibility for co-managed solutions. It can also have more threats and deeper integration with Microsoft."
"We are at the client’s end, offering services. They don’t know about security rules and benchmarks. We are working on the discovery and remediation but we don’t really have the intelligence that was available while working with other tools. Human working is also very essential for the solution. The automatic session is impossible to play since it needs to touch Redfin for further analysis. No one has breached our clients."
"The SOP they provided wasn't great. They offered training over Sherp Virtualization, and the Seceon leadership visited our location to explain everything in detail, but the documentation and training could be better. It isn't as effective as it could be. There's some room for improvement there."
"For future releases, integrating incident response tools and improving communication on incident reporting could be beneficial."
More Seceon Open Threat Management Platform Pricing and Cost Advice →
DNIF HYPERCLOUD is ranked 22nd in Security Information and Event Management (SIEM) with 7 reviews while Seceon Open Threat Management Platform is ranked 25th in Security Information and Event Management (SIEM) with 10 reviews. DNIF HYPERCLOUD is rated 7.6, while Seceon Open Threat Management Platform is rated 8.4. The top reviewer of DNIF HYPERCLOUD writes "Development from open sources is very valuable but a huge infrastructure is required". On the other hand, the top reviewer of Seceon Open Threat Management Platform writes "Has the ability to categorize alerts and reporting dashboards are useful". DNIF HYPERCLOUD is most compared with IBM Security QRadar, Splunk Enterprise Security and Wazuh, whereas Seceon Open Threat Management Platform is most compared with IBM Security QRadar, Securonix Next-Gen SIEM, Fortinet FortiSIEM, Splunk Enterprise Security and Elastic Security. See our DNIF HYPERCLOUD vs. Seceon Open Threat Management Platform report.
See our list of best Security Information and Event Management (SIEM) vendors.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
