We performed a comparison between LogicHub SOAR+ and McAfee ePolicy Orchestrator based on real PeerSpot user reviews.
Find out in this report how the two Security Orchestration Automation and Response (SOAR) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."If you know how to do KQL (kusto query language) queries, which are how you query the log data inside Sentinel, the information is pretty rich. You can get down to a good level of detail regarding event information or notifications."
"Its inbuilt Kusto Query Language is a valuable feature. It provides the flexibility needed to leverage advanced data analytics rules and policies and enables us to easily navigate all our security events in a single view. It helps any user easily understand the data or any security lags in their data and applications."
"I believe one of the main advantages is Microsoft Sentinel's seamless integration with other Microsoft products."
"Native integration with Microsoft security products or other Microsoft software is also crucial. For example, we can integrate Sentinel with Office 365 with one click. Other integrations aren't as easy. Sometimes, we have to do it manually."
"Another area where it is helping us is in creating a single dashboard for our environment. We can collect all the logs into a log analytics workset and run queries on top of it. We get all the results in the dashboard. Even a layman can understand this stuff. The way Microsoft presents it is really incredible."
"Sentinel has features that have helped improve our security poster. It helped us in going ahead and identifying the gaps via analysis and focusing on the key elements."
"The analytic rule is the most valuable feature."
"The standout feature of Sentinel is that, because it's cloud-based and because it's from Microsoft, it integrates really well with all the other Microsoft products. It's really simple to set up and get going."
"This solution allows us to easily investigate malicious events, system alerts etc."
"It has improved my detection coverage in areas lacking by the SIEM."
"McAfee ePolicy Orchestrator has a built-in advanced pattern, which is very useful because it can detect any pattern."
"The general endpoint protection is valuable, and it is easy to manage."
"The central manager policy means we have almost all client modules in one solution."
"Their support is really good. I would rate it a nine out of ten. I have never any issues with their support. They always reply and follow our queries on time."
"The best part is management in McAfee ePolicy Orchestrator."
"The graphical interface of the solution is its most valuable aspect."
"Technical support is very helpful."
"You have to have some experience, however, it's pretty simple to understand."
"If their UI was a bit more streamlined and easy to find when I need it, then that would be a great improvement."
"When we pass KPIs to the governance department, there's no option to provide rights to the data or dashboard to colleagues. We can use Power BI for this, but it isn't easy or convenient. They should just come up with a way to provide limited role-based access to auditing personnel"
"The only thing is sometimes you can have a false positive."
"They need to work with other security vendors. For example, we replaced our email gateway with Symantec, but we couldn't collect these logs with Azure Sentinel. Instead of collecting these logs with Azure Sentinel, we are collecting them on Qradar. We couldn't do it with Sentinel, which is a problem for us."
"We're satisfied with the comprehensiveness of the security protection. That said, we do have issues sometimes where there have been global outages and we need to raise a ticket with Microsoft."
"Add more out-of-the-box connectors with other SaaS platforms/applications."
"We'd like to see more connectors."
"Azure Sentinel will be directly competing with tools such as Splunk or Qradar. These are very established kinds of a product that have been around for the last seven, eight years or more."
"We would like this solution to have a higher level of support for SaaS applications."
"UI coloring can be improved."
"They have to do something to make the solution more resilient or recoverable from power failure events, which may include creating their own database."
"The issues with the integration capabilities of the product, specifically the ones that are deployed on an on-premises model, need to be improved."
"McAfee ePolicy Orchestrator needs to upgrade the technology; it's like their area function is not quite as good as compared to other market vendors."
"There needs to be support for Mac computers. Currently, McAfee does not work on iOS."
"McAfee ePolicy Orchestrator could improve by supporting container microservices, such as Docker and Kubernetes."
"The installation process is quite difficult and requires technical support."
"There is a problem when it comes to agent communication and duplicate records, where the rebooting of a machine leads to the installation of a new agent and you get a lot of duplicate records that ultimately affect your compliance monitoring."
"McAfee ePolicy Orchestrator should improve its integration with other tools."
LogicHub SOAR+ is ranked 18th in Security Orchestration Automation and Response (SOAR) with 2 reviews while McAfee ePolicy Orchestrator is ranked 9th in Security Orchestration Automation and Response (SOAR) with 38 reviews. LogicHub SOAR+ is rated 9.6, while McAfee ePolicy Orchestrator is rated 8.0. The top reviewer of LogicHub SOAR+ writes "Integrated with hundreds of tools, analyzes data automatically, and has few false positives". On the other hand, the top reviewer of McAfee ePolicy Orchestrator writes "Useful agent communication, reliable, but lacking support for microservices". LogicHub SOAR+ is most compared with , whereas McAfee ePolicy Orchestrator is most compared with Splunk SOAR, Symantec Data Loss Prevention, Zscaler DLP, Forcepoint Data Loss Prevention and Trend Micro Integrated Data Loss Prevention. See our LogicHub SOAR+ vs. McAfee ePolicy Orchestrator report.
See our list of best Security Orchestration Automation and Response (SOAR) vendors.
We monitor all Security Orchestration Automation and Response (SOAR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.