We performed a comparison between Seceon Open Threat Management Platform and Trellix Helix based on real PeerSpot user reviews.
Find out in this report how the two Security Information and Event Management (SIEM) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."We didn't have anything similar. So, it really provides value from the incidents and automation point of view. The overview of the security fabric is most valuable."
"The native integration of the Microsoft security solution has been essential because it helps reduce some false positives, especially with some of the impossible travel rules that may be configured in Microsoft 365. For some organizations, that might be benign because they're using VPNs, etc."
"One of the most valuable features of Microsoft Sentinel is that it's cloud-based."
"It's easy to use. It's a very good product. It can easily ingest data from anywhere. It has an easily understandable language to perform actions."
"The log analysis is excellent; it can predict what can or will happen regarding use patterns and vulnerabilities."
"Free ingestion for Azure logs (with E5 licence)"
"I've worked on most of the top SIEM solutions, and Sentinel has an edge in most areas. For example, it has built-in SOAR capabilities, allowing you to run playbooks automatically. Other vendors typically offer SOAR as a separate licensed solution or module, but you get it free with Sentinel. In-depth incident integration is available out of the box."
"The log query feature has been the most valuable because it's very good. You can put your data on the cloud and run queues from Sentinel. It will do it all very fast. I love that I don't have to upload it to an Excel file and then manually look for a piece of information. Sentinel is much faster and is good for big databases."
"The algorithm used in Seceon OTM is clear and logical, categorizing events as needed. This helps us identify and respond to threats effectively."
"The most valuable features are behaviour analytics, threat intelligence, endpoint detection, and response features."
"You can use different solutions in a single platform which is very easy and attractive for customers."
"We only recently started using Seceon, so we aren't taking advantage of all its features yet. We have enabled some proactive alerts about utilization and bottlenecks from high traffic."
"I like that it's an AI-based platform. The most valuable feature is that it's a comprehensive solution. Most tools in the marketplace are comprised of miscellaneous items. They fail to provide real-time remediation features. However, with Seceon Open Threat Management Platform, anything you can think of in cybersecurity, like auto-remediation, real-time response, and even on-premise components, is available in a single platform. So, it's perfect for finance and healthcare who don't want to share their data with a third party like the cloud. You can have this on-premise as well. So, the expenditure will be lower as less human intervention is required."
"Seceon Open Threat Management Platform notifies only genuine alerts. It offers plenty of options that are suitable for MSPs."
"The solution is very cost-effective compared to Splunk and LogRhythm."
"The solution is stable."
"The product offers very strong automation. Our cyber security analysts don't have to correlate the information to detect problems. They only need to analyze problems that have been identified by the platform."
"I like that it's easy. It's got the protection set up, and we can see whatever is required. We write our own rules and the rules that we can input. I think it is good."
"Trellix Helix helps prevent email attacks, like phishing and email spoofing attacks."
"The most valuable features include predefined use cases and threatening states."
"It is kind of simple and very easily deployable. You can start working with it very fast."
"FireEye Helix's best features are its speed and use of an easy-to-understand language to send queries to the raw logs."
"The integration is very useful and very easy. You can have an API connection with any cloud and I'll be able to do both ways of communication with the help of APA."
"The learning curve could be improved. I am still learning it. We were able to implement the basic features to get them up and running, but there are still so many things that I don't know about all its features. They have a lot of features that we have not been able to use or apply. If they could work on reducing the solution's learning curve, that would be good. While there is a training course held by Microsoft to learn more about this solution, there is a cost associated with it."
"There is some relatively advanced knowledge that you have to have to properly leverage Sentinel's full capabilities. I'm thinking about things like the creation of workbooks, how you do threat-hunting, and the kinds of notifications you're getting... It takes time for people to ramp up on that and develop a familiarity or expertise with it."
"Microsoft Sentinel is relatively expensive, and its cost should be improved."
"I believe one of the challenges I encountered was the absence of live training sessions, even with the option to pay for them."
"When it comes to ingesting Azure native log sources, some of the log sources are specific to the subscription, and it is not always very clear."
"The on-prem log sources still require a lot of development."
"I can't think of anything other than just getting the name out there. I think a lot of customers don't fully understand the full capabilities of Azure Sentinel yet. It is kind of like when they're first starting to use Azure, it might not be something they first think about. So, they should just kind of get to the point where it is more widely used."
"If Sentinel had a graphical user interface, it would be easier to use. I would also like it to be more customizable."
"The SOP they provided wasn't great. They offered training over Sherp Virtualization, and the Seceon leadership visited our location to explain everything in detail, but the documentation and training could be better. It isn't as effective as it could be. There's some room for improvement there."
"The product should improve the triggering rate."
"It would be better if they offered global coverage."
"The product could be improved by including sandboxing capabilities in the next release."
"The management console could use some enhancements."
"We are at the client’s end, offering services. They don’t know about security rules and benchmarks. We are working on the discovery and remediation but we don’t really have the intelligence that was available while working with other tools. Human working is also very essential for the solution. The automatic session is impossible to play since it needs to touch Redfin for further analysis. No one has breached our clients."
"The dashboard has always been an issue."
"For future releases, integrating incident response tools and improving communication on incident reporting could be beneficial."
"It should have more cloud connectors. It could also be cheaper."
"Sometimes the rules are disabled by FireEye, and we basically get it after the patch. I think there needs to be a better way of creating the application rules. I would like to see better pricing for our licensing."
"The graphical user interface could be improved. It's not easy to handle and it's not easy for a customer or end-user to learn how to manage the solution."
"Trellix Helix's configuration and learning could be improved to identify normal traffic from abnormal and to identify trusted domains."
"We have certain challenges with integrating the SOAR platform with multiple vendors."
"Integrations could be improved, and the dashboard could be a little better."
"FireEye Helix would be improved with the option of an on-prem version, which they don't currently offer."
More Seceon Open Threat Management Platform Pricing and Cost Advice →
Seceon Open Threat Management Platform is ranked 21st in Security Information and Event Management (SIEM) with 10 reviews while Trellix Helix is ranked 31st in Security Information and Event Management (SIEM) with 7 reviews. Seceon Open Threat Management Platform is rated 8.4, while Trellix Helix is rated 8.6. The top reviewer of Seceon Open Threat Management Platform writes "Has the ability to categorize alerts and reporting dashboards are useful". On the other hand, the top reviewer of Trellix Helix writes "Helps prevent email attacks, like phishing and email spoofing attacks". Seceon Open Threat Management Platform is most compared with IBM Security QRadar, Securonix Next-Gen SIEM, Fortinet FortiSIEM, Splunk Enterprise Security and LogRhythm SIEM, whereas Trellix Helix is most compared with LogRhythm SIEM, Splunk Enterprise Security, Trellix ESM, IBM Security QRadar and USM Anywhere. See our Seceon Open Threat Management Platform vs. Trellix Helix report.
See our list of best Security Information and Event Management (SIEM) vendors.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.