We performed a comparison between NNT Log Tracker Enterprise and Trellix ESM based on real PeerSpot user reviews.
Find out what your peers are saying about Microsoft, Splunk, Wazuh and others in Security Information and Event Management (SIEM)."Its inbuilt Kusto Query Language is a valuable feature. It provides the flexibility needed to leverage advanced data analytics rules and policies and enables us to easily navigate all our security events in a single view. It helps any user easily understand the data or any security lags in their data and applications."
"Sentinel also enables you to ingest data from your entire ecosystem and not just from the Microsoft ecosystem. It can receive data from third-party vendors' products such firewalls, network devices, and antivirus solutions. It's not only a Microsoft solution, it's for everything."
"The best functionality that you can get from Azure Sentinel is the SOAR capability. So, you can estimate any type of activity, such as when an alert was triggered or an incident was found."
"The pricing of the product is excellent."
"The features that stand out are the detection engine and its integration with multiple data sources."
"The initial setup is very simple and straightforward."
"The most valuable feature is the alert notifications, which are categorized by severity levels: informational, low, medium, and high."
"Previously, it was a little bit difficult to find where an incident came from, including which IP address and which country. So in Sentinel, it's very easy to find where the incident came from since we can easily get the information from the dashboard, after which we take action quickly."
"This is a very easy-to-use interface with a quick ramp-up time."
"The most valuable feature is the predefined reports for PCI compliance."
"The FIM features in the Change Tracker and the Log Tracker are the most valuable."
"File integrity monitoring is a very important function."
"The ease of use is the most valuable feature. Over the years I have always been using this solution and have become comfortable with it."
"McAfee as a whole is a good solution."
"The most valuable feature is the capability to correlate different events from different platforms that we feed into it."
"The product’s most valuable feature is log monitoring."
"It is a good central viewpoint for issues. These can then be investigated in more detail on the subnet server(s)/endpoints."
"It enables us to detect malicious threats, issues, or vulnerabilities in our network."
"The support I have received from the vendor has been great."
"The solution is 100% stable. We really have had a great time working with it. It hasn't let us down."
"We've seen delays in getting the logs from third-party solutions and sometimes Microsoft products as well. It would be helpful if Microsoft created a list of the delays. That would make things more transparent for customers."
"I would like to see more AI used in processes."
"We do see continuous improvement all the time, however, I haven't got a specific feature that is lacking or not well designed."
"The solution could improve the playbooks."
"Sentinel's reporting is complex and can be more user-friendly."
"The solution could be more user-friendly; some query languages are required to operate it."
"Given that I am in the small business space, I wish they would make it easier to operate Sentinel without being a Sentinel expert. Examples of things that could be easier are creating alerts and automations from scratch and designing workbooks."
"When it comes to ingesting Azure native log sources, some of the log sources are specific to the subscription, and it is not always very clear."
"I would like to see the integration of AI technology, so rather than manually monitoring the logs, the tool will understand it and take care of it."
"It is able to identify the vulnerability, however, they need an option to auto-mitigate."
"The correlation suite needs to be improved."
"Only one minor deployment issue came up and it was resolved quickly. No other areas of improvement come to mind yet."
"The user interface could be more user-friendly."
"Tech support is required each time there is a system update of the solution."
"It cannot integrate with our Next-Generation Firewall and few applications such as Cisco ACI."
"We would welcome integrations with some of the new McAfee acquisitions, e.g., behavioural analytics."
"I would like to see improvements to the user interface."
"The support from McAfee ESM could improve. They could improve the speed."
"The only issue I have with McAfee is the amount of computer resources that it takes... it's definitely impacting some of the other applications that are running on a computer at the same time."
"I would like to see good analytics in future releases."
NNT Log Tracker Enterprise is ranked 42nd in Security Information and Event Management (SIEM) with 4 reviews while Trellix ESM is ranked 18th in Security Information and Event Management (SIEM) with 34 reviews. NNT Log Tracker Enterprise is rated 8.2, while Trellix ESM is rated 7.4. The top reviewer of NNT Log Tracker Enterprise writes "Great for PCI compliance but issues with stability and large amounts of data". On the other hand, the top reviewer of Trellix ESM writes "Provides visibility of all the traffic within the company infrastructure". NNT Log Tracker Enterprise is most compared with Cybereason Endpoint Detection & Response, whereas Trellix ESM is most compared with ArcSight Enterprise Security Manager (ESM), IBM Security QRadar, Splunk Enterprise Security, LogRhythm SIEM and Cybereason Endpoint Detection & Response.
See our list of best Security Information and Event Management (SIEM) vendors.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.