We performed a comparison between Exabeam Fusion SIEM and McAfee ePolicy Orchestrator based on real PeerSpot user reviews.
Find out in this report how the two Security Orchestration Automation and Response (SOAR) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The UI of Sentinel is very good and easy to use, even for beginners."
"I like the unified security console. You can close incidents using Sentinel in all other Microsoft Security portals, when it comes to incident response."
"Free ingestion for Azure logs (with E5 licence)"
"Another area where it is helping us is in creating a single dashboard for our environment. We can collect all the logs into a log analytics workset and run queries on top of it. We get all the results in the dashboard. Even a layman can understand this stuff. The way Microsoft presents it is really incredible."
"Sentinel has features that have helped improve our security poster. It helped us in going ahead and identifying the gaps via analysis and focusing on the key elements."
"The most valuable feature is the onboarding of the workloads. You can see all that has been onboarded in your account on the dashboards."
"The main benefit is the ease of integration."
"The automation feature is valuable."
"Exabeam Fusion SIEM has a good performance and more advantages than traditional solutions."
"The way it can connect with AWS is very useful, and the integrations are pretty good."
"The most valuable feature of Exabeam Fusion SIEM is the easy-to-use user interface."
"The user interface and the timelines they use are the most valuable features. The price model is very simple so that one can understand it easily and there are no surprises within it."
"It's a very user-friendly product and it's a very comprehensive technology."
"The advanced analytics has a really great overview of user behavior."
"Timeline based analysis; good platform support"
"I have customers that like the EUBA functionality of it. The solution has the ability to build a session, basically. It pulls a lot of information together, for example, everything a user does in a specific timeframe. It's quite helpful."
"The central management console is the solution's most valuable aspect."
"McAfee is helping us to clean all of the viruses from the machines, protecting our desktops from the latest threats."
"You have to have some experience, however, it's pretty simple to understand."
"It is a scalable solution...I rate its scalability a nine out of ten."
"What I like the most is the ability to manage centrally, to manage the various devices, the platform, and the endpoint, all from one console."
"Application control and traffic encryption are the most valuable features."
"I really like the auditing component because it really looks at exactly what has happened on the network."
"The general endpoint protection is valuable, and it is easy to manage."
"Microsoft Sentinel should provide an alternative query language to KQL for users who lack KQL expertise."
"If you're looking to use canned queries, the interface could be a little more straightforward. It's not immediately intuitive regarding how you use it. You have to take a canned query and paste it into an operational box and then you hit a button... They could improve the ease of deploying these queries."
"If I see an alert and I want to drill down and get more details about the alert, it's not just one click. In other SIEM tools, you just have to click the IP address of the entity and they give you the complete picture. In Sentinel, you have to write queries or use saved queries to get details."
"If we want to use more features, we have to pay more. There are multiple solutions on the cloud itself, but the pricing model package isn't consistent, which is confusing to clients."
"There is room for improvement in entity behavior and the integration site."
"The on-prem log sources still require a lot of development."
"If their UI was a bit more streamlined and easy to find when I need it, then that would be a great improvement."
"There are certain delays. For example, if an alert has been rated on Microsoft Defender for Endpoint, it might take up to an hour for that alert to reach Sentinel. This should ideally take no more than one or two seconds."
"Adding to the number of certifications that they have, for example, ISO 27001, would be helpful."
"We still have questions surrounding hardware deployment."
"They need to focus on more of the MITRE ATT&CK Framework and coverage. They claim they cover about 70 to 80%. I'm not sure if it's really quite that much, however."
"The only problem is that the UI is not very impressive."
"I believe if it were more flexible it would be a better product."
"The initial setup of Exabeam Fusion SIEM is complex because it needs to integrate with the SIEM solution, but after this is complete it is straightforward."
"Updating the new release of Exabeam Fusion SIEM takes time and slows our performance."
"They should provide detailed information about detecting phishing emails."
"McAfee ePolicy Orchestrator could improve by supporting container microservices, such as Docker and Kubernetes."
"The issues with the integration capabilities of the product, specifically the ones that are deployed on an on-premises model, need to be improved."
"While there are bugs and a few functionality issues, it is just a matter of raising them with the support team. However, support is part of the problem as well. You want everything to be seamless in a perfect world, but the support is spread across different countries. They have Level 1, 2, and 3. Level 1 is most likely in a developing country. They don't provide the best service."
"McAfee ePolicy Orchestrator needs to upgrade the technology; it's like their area function is not quite as good as compared to other market vendors."
"They have to do something to make the solution more resilient or recoverable from power failure events, which may include creating their own database."
"McAfee should improve in terms of customer support and assigning a knowledgeable TAM to customers."
"The Virtual Patching feature needs to be improved."
"We need to consolidate multiple features into one console. It would be beneficial to have all the important features on a single platform."
Exabeam Fusion SIEM is ranked 11th in Security Orchestration Automation and Response (SOAR) with 10 reviews while McAfee ePolicy Orchestrator is ranked 8th in Security Orchestration Automation and Response (SOAR) with 38 reviews. Exabeam Fusion SIEM is rated 8.0, while McAfee ePolicy Orchestrator is rated 8.0. The top reviewer of Exabeam Fusion SIEM writes "Enables centralized log collection on a single platform". On the other hand, the top reviewer of McAfee ePolicy Orchestrator writes "Useful agent communication, reliable, but lacking support for microservices". Exabeam Fusion SIEM is most compared with IBM Security QRadar, Palo Alto Networks Cortex XSOAR, Splunk Enterprise Security, Splunk User Behavior Analytics and Gurucul UEBA, whereas McAfee ePolicy Orchestrator is most compared with Splunk SOAR, Symantec Data Loss Prevention, Forcepoint Data Loss Prevention, Zscaler Cloud DLP and Elastic Security. See our Exabeam Fusion SIEM vs. McAfee ePolicy Orchestrator report.
See our list of best Security Orchestration Automation and Response (SOAR) vendors.
We monitor all Security Orchestration Automation and Response (SOAR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.