We performed a comparison between LogicHub SOAR+ and ServiceNow Security Operations based on real PeerSpot user reviews.
Find out in this report how the two Security Orchestration Automation and Response (SOAR) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."You can fine-tune the SOAR and you'll be charged only when your playbooks are triggered. That is the beauty of the solution because the SOAR is the costliest component in the market today... but with Sentinel it is upside-down: the SOAR is the lowest-hanging fruit. It's the least costly and it delivers more value to the customer."
"It is able to connect to an ever-growing number of platforms and systems within the Microsoft ecosystem, such as Azure Active Directory and Microsoft 365 or Office 365, as well as to external services and systems that can be brought in and managed. We can manage on-premises infrastructure. We can manage not just the things that are running in Azure in the public cloud, but through Azure Arc and the hybrid capabilities, we can monitor on-premises servers and endpoints. We can monitor VMware infrastructure, for instance, running as part of a hybrid environment."
"The AI capability is one of the main features of the solution because I believe that in the market, there are few solutions that are providing security solutions based on AI and machine learning."
"What is most useful, is that it has a good connection to the Microsoft ecosystem, and I think that's the key part."
"Sentinel's most important feature is the ability to centralize all the logs in one place. There's no need to search multiple systems for information."
"Microsoft Sentinel provides the capability to integrate different log sources. On top of having several data connectors in place, you can also do integration with a threat intelligence platform to enhance and enrich the data that's available. You can collect as many logs and build all the use cases."
"It is always correlating to IOCs for normal attacks, using Azure-related resources. For example, if any illegitimate IP starts unusual activity on our Azure firewall, then it automatically generates an alarm for us."
"The log query feature has been the most valuable because it's very good. You can put your data on the cloud and run queues from Sentinel. It will do it all very fast. I love that I don't have to upload it to an Excel file and then manually look for a piece of information. Sentinel is much faster and is good for big databases."
"This solution allows us to easily investigate malicious events, system alerts etc."
"It has improved my detection coverage in areas lacking by the SIEM."
"My favorite feature is the application vulnerability scanner."
"Reduces time to closure and closure metrics for vulnerabilities."
"It gives you the ability to bring data into the system. The workflows are out of the box, and it gives you the ability to auto-assign the incidents based on criteria and vulnerabilities."
"The "follow" feature is really good. If the user is not responding, there's an option to "follow". Just click on the button, and it will automatically trigger an email to the end user."
"The product has a very simple UI."
"The solution is stable."
"ServiceNow Security Operations also takes care of GRC, governance, risk and compliance, enabling it to provide risk assessment."
"It's stable."
"The troubleshooting has room for improvement."
"The data connectors for third-party tools could be improved, as some aren't available in Sentinel. They need to be available in the data connector panel."
"Microsoft Sentinel is relatively expensive, and its cost should be improved."
"Multi-tenancy, in my opinion, needs to be improved. I believe it can do better as a managed service provider."
"We've seen delays in getting the logs from third-party solutions and sometimes Microsoft products as well. It would be helpful if Microsoft created a list of the delays. That would make things more transparent for customers."
"They need to work with other security vendors. For example, we replaced our email gateway with Symantec, but we couldn't collect these logs with Azure Sentinel. Instead of collecting these logs with Azure Sentinel, we are collecting them on Qradar. We couldn't do it with Sentinel, which is a problem for us."
"Its implementation could be simpler. It is not really simple or straightforward. It is in the middle. Sometimes, connectors are a little bit complex."
"The reporting could be more structured."
"We would like this solution to have a higher level of support for SaaS applications."
"UI coloring can be improved."
"We'd like customization to be easier in terms of the UI and using the dashboards."
"They should stick to the roadmap and continue to build plugins and integrations with other third parties, enhance the UI, and enhance the reporting. It's all good. They should just continue enhancing the releases."
"There is room for improvement in terms of developer support and documentation."
"In future releases, I would like to add a follow-up and reminder feature. For the tickets in our queue, we could set reminders. This would help us prioritize older tickets before moving on to new ones."
"It doesn't interact with things very well."
"There are limitations for the third-parties that are providing the inputs. They should increase the robustness of the solution."
"The threat intelligence module needs a better dashboard."
"It is challenging for the customers to understand the processes for SecOps. It needs to be simplified."
More ServiceNow Security Operations Pricing and Cost Advice →
LogicHub SOAR+ is ranked 18th in Security Orchestration Automation and Response (SOAR) with 2 reviews while ServiceNow Security Operations is ranked 8th in Security Orchestration Automation and Response (SOAR) with 14 reviews. LogicHub SOAR+ is rated 9.6, while ServiceNow Security Operations is rated 8.0. The top reviewer of LogicHub SOAR+ writes "Integrated with hundreds of tools, analyzes data automatically, and has few false positives". On the other hand, the top reviewer of ServiceNow Security Operations writes "Mature with nice UI and customizable workflows". LogicHub SOAR+ is most compared with , whereas ServiceNow Security Operations is most compared with Palo Alto Networks Cortex XSOAR, Splunk SOAR, IBM Resilient, Swimlane and Fortinet FortiSOAR. See our LogicHub SOAR+ vs. ServiceNow Security Operations report.
See our list of best Security Orchestration Automation and Response (SOAR) vendors.
We monitor all Security Orchestration Automation and Response (SOAR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
