We performed a comparison between Logsign Next-Gen SIEM and Trellix Helix based on real PeerSpot user reviews.
Find out what your peers are saying about Microsoft, Splunk, Wazuh and others in Security Information and Event Management (SIEM)."The initial setup is very simple and straightforward."
"The Identity Behavior tab furnishes us with the entire history linked to each IP or domain that has either accessed or attempted to access our system."
"In Azure Sentinel, we have found, they do have a store in their capability. AI and intelligence features. We found that to be very helpful for us because some other things we do need to integrate again or find another vendor for the store"
"We’ve got process improvement that's happened across multiple different fronts within the organization, within our IT organization based on this tool being in place."
"The automation rules and playbooks are the most useful that I've seen. A number of other places segregate the automation and playbook as separate tools, whereas Microsoft is a SIEM and SOAR tool in one."
"The solution offers a lot of data on events. It helps us create specific detection strategies."
"The UI-based analytics are excellent."
"It's easy to use. It's a very good product. It can easily ingest data from anywhere. It has an easily understandable language to perform actions."
"Logsign provides sample logs within the product, allowing users to see how logs will appear before integration, which is a valuable feature for testing and understanding log formats."
"I like that it's easy. It's got the protection set up, and we can see whatever is required. We write our own rules and the rules that we can input. I think it is good."
"The most valuable features include predefined use cases and threatening states."
"It is kind of simple and very easily deployable. You can start working with it very fast."
"The integration is very useful and very easy. You can have an API connection with any cloud and I'll be able to do both ways of communication with the help of APA."
"Trellix Helix helps prevent email attacks, like phishing and email spoofing attacks."
"FireEye Helix's best features are its speed and use of an easy-to-understand language to send queries to the raw logs."
"The product offers very strong automation. Our cyber security analysts don't have to correlate the information to detect problems. They only need to analyze problems that have been identified by the platform."
"At the network level, there is a limitation in integrating some of the switches or routers with Microsoft Sentinel. Currently, SPAN traffic monitoring is not available in Microsoft Sentinel. I have heard that it is available in Defender for Identity, which is a different product. It would be good if LAN traffic monitoring or SPAN traffic monitoring is available in Microsoft Sentinel. It would add a lot of value. It is available in some of the competitor products in the market."
"Its implementation could be simpler. It is not really simple or straightforward. It is in the middle. Sometimes, connectors are a little bit complex."
"The reporting could be more structured."
"They can work on the EDR side of things... Every time we need to onboard these kinds of machines into the EDR, we need to do it with the help of Intune, to sync up the devices, and do the configuration. I'm looking for something on the EDR side that will reduce this kind of work."
"Microsoft Sentinel should provide an alternative query language to KQL for users who lack KQL expertise."
"The interface could be more user-friendly. It''s a small improvement that they could make if they wanted to."
"I believe one of the challenges I encountered was the absence of live training sessions, even with the option to pay for them."
"We'd like to see more connectors."
"I hope they address the pricing model for Logsign Next-Gen SIEM, especially regarding regional variations. The pricing should not differ based on the country of operation as it can lead to dissatisfaction among customers. A fixed pricing structure would be more favorable for us. I would also suggest enhancing the GUI interface and adding features similar to xFi Exchange from IBM Pure. This would streamline operations and save time for analysts."
"Trellix Helix's configuration and learning could be improved to identify normal traffic from abnormal and to identify trusted domains."
"Integrations could be improved, and the dashboard could be a little better."
"Sometimes the rules are disabled by FireEye, and we basically get it after the patch. I think there needs to be a better way of creating the application rules. I would like to see better pricing for our licensing."
"It should have more cloud connectors. It could also be cheaper."
"The graphical user interface could be improved. It's not easy to handle and it's not easy for a customer or end-user to learn how to manage the solution."
"We have certain challenges with integrating the SOAR platform with multiple vendors."
"FireEye Helix would be improved with the option of an on-prem version, which they don't currently offer."
Logsign Next-Gen SIEM is ranked 39th in Security Information and Event Management (SIEM) with 2 reviews while Trellix Helix is ranked 32nd in Security Information and Event Management (SIEM) with 7 reviews. Logsign Next-Gen SIEM is rated 7.6, while Trellix Helix is rated 8.6. The top reviewer of Logsign Next-Gen SIEM writes "Easy to use and find the features that you need". On the other hand, the top reviewer of Trellix Helix writes "Helps prevent email attacks, like phishing and email spoofing attacks". Logsign Next-Gen SIEM is most compared with Grafana Loki, Wazuh, IBM Security QRadar, ManageEngine EventLog Analyzer and Splunk Enterprise Security, whereas Trellix Helix is most compared with LogRhythm SIEM, Splunk Enterprise Security, Trellix ESM, IBM Security QRadar and USM Anywhere.
See our list of best Security Information and Event Management (SIEM) vendors.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.