We performed a comparison between LogicHub SOAR+ and ThreatQ based on real PeerSpot user reviews.
Find out what your peers are saying about Microsoft, Palo Alto Networks, Splunk and others in Security Orchestration Automation and Response (SOAR)."Sentinel enables us to ingest data from our entire ecosystem. In addition to integrating our Cisco ASA Firewall logs, we get our Palo Alto proxy logs and some on-premises data coming from our hardware devices... That is very important and is one way Sentinel is playing a wider role in our environment."
"It is able to connect to an ever-growing number of platforms and systems within the Microsoft ecosystem, such as Azure Active Directory and Microsoft 365 or Office 365, as well as to external services and systems that can be brought in and managed. We can manage on-premises infrastructure. We can manage not just the things that are running in Azure in the public cloud, but through Azure Arc and the hybrid capabilities, we can monitor on-premises servers and endpoints. We can monitor VMware infrastructure, for instance, running as part of a hybrid environment."
"The pricing of the product is excellent."
"Log aggregation and data connectors are the most valuable features."
"The standout feature of Sentinel is that, because it's cloud-based and because it's from Microsoft, it integrates really well with all the other Microsoft products. It's really simple to set up and get going."
"The solution offers a lot of data on events. It helps us create specific detection strategies."
"The AI and ML of Azure Sentinel are valuable. We can use machine learning models at the tenant level and within Office 365 and Microsoft stack. We don't need to depend upon any other connectors. It automatically provisions the native Microsoft products."
"If you know how to do KQL (kusto query language) queries, which are how you query the log data inside Sentinel, the information is pretty rich. You can get down to a good level of detail regarding event information or notifications."
"It has improved my detection coverage in areas lacking by the SIEM."
"This solution allows us to easily investigate malicious events, system alerts etc."
"Integrating the solution with our existing security tools and workflows was easy."
"The reporting services are great. With reporting services, if you have customers that just visit a URL you can see the result - including why it's blocked and how and how the URL was first recognized as malicious."
"If I can use Sentinel offline at home and use it on a local network, it would be great. I'm not sure if I can use Sentinel offline versus the tools I have."
"There is room for improvement in entity behavior and the integration site."
"If Sentinel had a graphical user interface, it would be easier to use. I would also like it to be more customizable."
"Sentinel provides decent visibility, but it's sometimes a little cumbersome to get to the information I want because there is so much information. I would also like to see more seamless integration between Sentinel and third-party security products."
"Its documentation is not so simple. It is easy for somebody who is Microsoft certified or more closely attached to Microsoft solutions. It is not easy for those who are working on open-source platforms. There isn't a central point where everything is documented, and there is no specific training or certification."
"The AI capabilities must be improved."
"Sentinel still has some anomalies. For example, sometimes when we write a query for log analysis with KQL, it doesn't give us the data in a proper way... Also, the fields or columns could be improved. Sometimes, it is not giving the desired results and there is a blank field."
"It has been a challenge with Azure Sentinel to onboard the Syslog server from FortiGate. Azure Sentinel can work better on that shift between the Syslog server and a firewall."
"We would like this solution to have a higher level of support for SaaS applications."
"UI coloring can be improved."
"The tool is not user-friendly."
"The solution should be simpler for the end-user in terms of reporting and navigating the product."
LogicHub SOAR+ is ranked 18th in Security Orchestration Automation and Response (SOAR) with 2 reviews while ThreatQ is ranked 23rd in Security Orchestration Automation and Response (SOAR) with 2 reviews. LogicHub SOAR+ is rated 9.6, while ThreatQ is rated 7.0. The top reviewer of LogicHub SOAR+ writes "Integrated with hundreds of tools, analyzes data automatically, and has few false positives". On the other hand, the top reviewer of ThreatQ writes "Improves the threat intelligence gathering process, but it is not user-friendly". LogicHub SOAR+ is most compared with , whereas ThreatQ is most compared with ThreatConnect Threat Intelligence Platform (TIP), Anomali ThreatStream, Recorded Future and Palo Alto Networks Cortex XSOAR.
See our list of best Security Orchestration Automation and Response (SOAR) vendors.
We monitor all Security Orchestration Automation and Response (SOAR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
