We performed a comparison between IBM Watson for Cyber Security and Sumo Logic Security based on real PeerSpot user reviews.
Find out what your peers are saying about Splunk, Microsoft, Wazuh and others in Security Information and Event Management (SIEM)."I like the unified security console. You can close incidents using Sentinel in all other Microsoft Security portals, when it comes to incident response."
"The data connectors that Microsoft Sentinel provides are easy to integrate when we work with a Microsoft agent."
"In Azure Sentinel, we have found, they do have a store in their capability. AI and intelligence features. We found that to be very helpful for us because some other things we do need to integrate again or find another vendor for the store"
"The log analysis is excellent; it can predict what can or will happen regarding use patterns and vulnerabilities."
"Native integration with Microsoft security products or other Microsoft software is also crucial. For example, we can integrate Sentinel with Office 365 with one click. Other integrations aren't as easy. Sometimes, we have to do it manually."
"The Identity Behavior tab furnishes us with the entire history linked to each IP or domain that has either accessed or attempted to access our system."
"One of the most valuable features is that it creates a kind of a single pane of glass for organizations that already use Microsoft software. So, when they have things like Microsoft 365, it is very easy for them to kind of plug in or enroll those endpoints into the Azure Sentinel service."
"The automation rules and playbooks are the most useful that I've seen. A number of other places segregate the automation and playbook as separate tools, whereas Microsoft is a SIEM and SOAR tool in one."
"The customer support is very good."
"The most valuable feature of this product is innovation, where the research and upgrading of technology never ends."
"The most valuable features of IBM Watson for Cyber Security are ease of use and out-of-the-box reports and compliance policies. Additionally, if there are aspects that are missing IBM add them in the next release."
"IBM Watson for Cyber Security is very stable."
"We can integrate threat intelligence solutions into the product."
"The tool has key features like operability. It will alert the admins whenever a device is onboarded."
"The features I found valuable with the Sumo Logic Security solution are the search option and the ability to customize the search for the information in the logs."
"Support has been excellent. Sumo Logic's support staff is really good, both their account management staff and direct support."
"Sumo Logic is an easy solution to use. You can set it up very quickly, and it includes a lot of training videos."
"With this tool, we provide access to every developer team the ability to find errors, then they come to us and ask for specific help."
"Sumo Logic Security is a good solution for searching the logs and identifying the issues."
"It provides easy visibility. I also like the shareable queries because we share a lot across groups."
"Azure Sentinel will be directly competing with tools such as Splunk or Qradar. These are very established kinds of a product that have been around for the last seven, eight years or more."
"We'd like to see more connectors."
"There are certain delays. For example, if an alert has been rated on Microsoft Defender for Endpoint, it might take up to an hour for that alert to reach Sentinel. This should ideally take no more than one or two seconds."
"One key area that can be improved is by building a strong integration with our XDR platform."
"The playbook is a bit difficult and could be improved."
"Documentation is the main thing that could be improved. In terms of product usage, the documentation is pretty good, but I'd like a lot more documentation on Kusto Query Language."
"Sometimes, we are observing large ingestion delays. We expect logs within 5 minutes, but it takes about 10 to 15 minutes."
"They should integrate it with many other software-as-a-service providers and make connectors available so that you don't have to do any sort of log normalization."
"They need to continue to build the AI capabilities."
"The dashboard could improve in IBM Watson for Cyber Security."
"This is an expensive product, so making it more cost-effective would be an improvement."
"In the future, I would like to see threat intelligence included."
"Sumo Logic needs to make sure integrating solutions are seamless."
"If you want to up your subscription through the AWS Marketplace, it can be difficult. You can't just go back to the AWS Marketplace, and say, "I want a bigger one now." You have to contact the sales team, then they do it on the back-end. This could definitely be improved."
"I would like better UI-driven functionality to create alerts and reports. Now, we have to understand the syntax, so it is a little difficult for someone to pick it up without using the manuals. If there was more of a graphical user interface, it would be beneficial."
"There are some API gaps that are missing."
"In my opinion, this solution has a steep learning curve and requires practice if users to be able to use this tool very efficiently."
"The solution should improve its UI."
"There needs to be improvement on imported data which can be used within Sumo Logic to do more advanced queries."
"We would like the ability to drill down into a dashboard and get into deeper levels."
More IBM Watson for Cyber Security Pricing and Cost Advice →
IBM Watson for Cyber Security is ranked 45th in Security Information and Event Management (SIEM) with 4 reviews while Sumo Logic Security is ranked 17th in Security Information and Event Management (SIEM) with 18 reviews. IBM Watson for Cyber Security is rated 8.0, while Sumo Logic Security is rated 8.6. The top reviewer of IBM Watson for Cyber Security writes "An innovative and stable product that is well maintained and always up-to-date". On the other hand, the top reviewer of Sumo Logic Security writes "Used to store and monitor application logs and VPC flow logs". IBM Watson for Cyber Security is most compared with IBM Security QRadar, Splunk Enterprise Security and i-SIEM, whereas Sumo Logic Security is most compared with Wazuh, Rapid7 InsightIDR, Splunk Enterprise Security, VMware Aria Operations for Logs and IBM Security QRadar.
See our list of best Security Information and Event Management (SIEM) vendors and best Security Information and Event Management (SIEM) vendors.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
