Sumo Logic Security vs ThreatQ Comparison 2024

Sponsored

Microsoft Sentinel

Read 85 Microsoft Sentinel reviews

17,715 views|9,994 comparisons

Sumo Logic Security

Read 18 Sumo Logic Security reviews

875 views|571 comparisons

ThreatQ

Read 2 ThreatQ reviews

520 views|378 comparisons

Comparison Buyer's Guide

Download the complete report

Buyer's Guide

Security Orchestration Automation and Response (SOAR)

May 2024

Executive Summary

We performed a comparison between Sumo Logic Security and ThreatQ based on real PeerSpot user reviews.

Find out what your peers are saying about Microsoft, Palo Alto Networks, Splunk and others in Security Orchestration Automation and Response (SOAR).

To learn more, read our detailed Security Orchestration Automation and Response (SOAR) Report (Updated: May 2024).

Download the complete report

771,157 professionals have used our research since 2012.

Featured Review

Hari Shankar

IT Architect at a real estate/law firm

It's a plug-and-play solution, so you can start seeing benefits quickly using the out-of-the-box analytics rules and...

Sentinel has reduced our mean time to resolution, one of our KPIs, by about 30 to 40 percent and enabled us to identify vulnerabilities faster. The... Read more →

Varaprasad

Senior Technical Lead

Easy to use, simple to learn, and offers real-time observability

The solution has been very critical for monitoring.

Anonymous User

Threat Intelligence Lead at a tech services company

Improves the threat intelligence gathering process, but it is not user-friendly

Quotes From Members

We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:

Pros

"Sentinel's most important feature is the ability to centralize all the logs in one place. There's no need to search multiple systems for information.""The solution has features that helped improve the security posture of our clients. It provides the ability to correlate a large variety of log sources very cost-effectively, especially for Microsoft sources.""Microsoft Sentinel comes preloaded with templates for teaching and analytics rules.""We can use Sentinel's playbook to block threats. It covers all of the environment, giving us great visibility.""The UI of Sentinel is very good and easy to use, even for beginners.""Sentinel has an intuitive, user-friendly way to visualize the data properly. It gives me a solid overview of all the logs. We get a more detailed view that I can't get from the other SIEM tools. It has some IP and URL-specific allow listing""Native integration with Microsoft security products or other Microsoft software is also crucial. For example, we can integrate Sentinel with Office 365 with one click. Other integrations aren't as easy. Sometimes, we have to do it manually.""Sentinel pricing is good"

More Microsoft Sentinel Pros →

"The solution is quite stable.""With this tool, we provide access to every developer team the ability to find errors, then they come to us and ask for specific help.""We have used it many times to find a root cause of a live issue, then fix the problem in the applications.""The features I found valuable with the Sumo Logic Security solution are the search option and the ability to customize the search for the information in the logs.""It helps a lot because we can troubleshoot issues pretty easily.""We can integrate threat intelligence solutions into the product.""The most valuable features of Sumo Logic Security are the rules, use cases, and ease of use. Additionally, the integration is straightforward and good GUI.""For many of our services, we use Sumo Logic to track errors and send notifications to our Slack channel, if there are issues. Then, we have our support people monitoring this, and they can react quickly."

More Sumo Logic Security Pros →

"The reporting services are great. With reporting services, if you have customers that just visit a URL you can see the result - including why it's blocked and how and how the URL was first recognized as malicious.""Integrating the solution with our existing security tools and workflows was easy."

More ThreatQ Pros →

Cons

"The interface could be more user-friendly. It''s a small improvement that they could make if they wanted to.""We've seen delays in getting the logs from third-party solutions and sometimes Microsoft products as well. It would be helpful if Microsoft created a list of the delays. That would make things more transparent for customers.""They only classify alerts into three categories: high, medium, and low. So, from the user's point of view, having another critical category would be awesome.""The troubleshooting has room for improvement.""There is a wider thing called Jupyter Notebooks, which is around the automation side of things. It would be good if there are playbooks that you can utilize without having to have the developer experience to do it in-house. Microsoft could provide more playbooks or more Jupyter Notebooks around MITRE ATT&CK Framework.""I would like to see more AI used in processes.""The reporting could be more structured.""Sentinel's alerts and notifications are not fully optimized for mobile devices. The overall reporting and the analytics processes for the end user should also be improved. Also, the compatibility and availability of data sources and reports are not always perfect."

More Microsoft Sentinel Cons →

"There are some API gaps that are missing.""The API integration in Sumo Logic Security could improve. There are delayed connections or they stop and then automatically start. Having a seamless log collection would be beneficial.""It would be nice to have an improved ability to scroll through logs within a time frame. Right now, we can search for specific errors. However, if we want to look for "before and after" within a specific time frame, it's not easy using the tool. This would be an improvement.""There needs to be improvement on imported data which can be used within Sumo Logic to do more advanced queries.""The solution should improve its UI.""Sumo Logic needs to make sure integrating solutions are seamless.""The dashboard has room for improvement, because sometimes it is a difficult to create a specific dashboard or query. This would be a nice place to correct problems.""If you want to up your subscription through the AWS Marketplace, it can be difficult. You can't just go back to the AWS Marketplace, and say, "I want a bigger one now." You have to contact the sales team, then they do it on the back-end. This could definitely be improved."

More Sumo Logic Security Cons →

"The solution should be simpler for the end-user in terms of reporting and navigating the product.""The tool is not user-friendly."

More ThreatQ Cons →

Pricing and Cost Advice

"It comes with a Microsoft subscription which the customer has, so they don't have to invest somewhere else."

"It is a consumption-based license model. bands at 100, 200, 400 GB per day etc. Azure Sentinel Pricing | Microsoft Azure"

"Good monthly operational cost model for the detection and response outcomes delivered, M365 logs don't count toward the limits which is a good benefit."

"I have had mixed feedback. At one point, I heard a client say that it sometimes seems more expensive. Most of the clients are on Office 365 or M365, and they are forced to take Azure SIEM because of the integration."

"It is kind of like a sliding scale. There are different tiers of pricing that go from $100 per day up to $3,500 per day. So, it just kind of depends on how much data is being stored. There can be additional costs to the standard license other than the additional data. It just kind of depends on what other services you're spinning up in Azure, or if you're using something like Azure log analytics."

"I am just paying for the log space with Azure Sentinel. It costs us about $2,000 a month. Most of the logs are free. We are only paying money for Azure Firewall logs because email logs or Azure AD logs are free to use for us."

"Sentinel is a bit expensive. If you can figure a way of configuring it to meet your needs, then you can find a way around the cost."

"Azure Sentinel is very costly, or at least it appears to be very costly. The costs vary based on your ingestion and your retention charges."

More Microsoft Sentinel Pricing and Cost Advice →

"Purchasing Sumo Logic through the AWS Marketplace was a simple step."

"Purchasing the solution through the AWS Marketplace is very easy."

"We chose to go through the AWS Marketplace because it makes it a lot easier when we bill our customers. Rather than having to get multiple different sources of information then correlate a monthly bill for our customers, it is just included in the AWS usage charges."

"The AWS Marketplace pricing is fairly reasonable for what it does. I wouldn't call it expensive, but I wouldn't call it cheap. It is pretty good."

"The only limit to the scalability of the product for us is how much we are willing to pay."

"The price scaling comes in a bit expensive."

"Pricing has been cheaper than some of the competing tools, like Splunk."

"If we went to ELK Stack, which is open source, it would have been less costly, but it would have required more development from our side."

More Sumo Logic Security Pricing and Cost Advice →

Information Not Available

See Which Vendors Are Best For You

Use our free recommendation engine to learn which Security Orchestration Automation and Response (SOAR) solutions are best for your needs.

See Recommendations

771,157 professionals have used our research since 2012.

Questions from the Community

Is there a common threat intelligence tool that aggregates multiple threa...

Top Answer:Yes, Azure Sentinel is a SIEM on the Cloud. Multiple data sources can be uploaded and analyzed with Azure Sentinel and… more »

Read all 10 answers →

What is a better choice, Splunk or Azure Sentinel?

Top Answer:It would really depend on (1) which logs you need to ingest and (2) what are your use cases Splunk is easy for… more »

Which is better - Azure Sentinel or AWS Security Hub?

Top Answer:We like that Azure Sentinel does not require as much maintenance as legacy SIEMs that are on-premises. Azure Sentinel is… more »

Read all 2 answers →

What do you like most about Sumo Logic Security?

Top Answer:Sumo Logic Security is a good solution for searching the logs and identifying the issues.

Read all 16 answers →

What is your experience regarding pricing and costs for Sumo Logic Security?

Top Answer:Storing logs in Sumo Logic Security is charged GB-wise, which is a little higher than other products.

Read all 13 answers →

What needs improvement with Sumo Logic Security?

Top Answer:Sumo Logic Security is expensive, and its pricing could be improved.

Read all 16 answers →

What do you like most about ThreatQ?

Top Answer:Integrating the solution with our existing security tools and workflows was easy.

Read all 2 answers →

What needs improvement with ThreatQ?

Top Answer:The tool is not user-friendly. It is not beginner-friendly. It would be very difficult for a beginner to learn the tool… more »

Read all 2 answers →

What is your primary use case for ThreatQ?

Top Answer:We used the solution for threat mapping and managing IoCs.

Read all 2 answers →

Comparisons

AWS Security Hub vs. Microsoft Sentinel

Compared 17% of the time.

IBM Security QRadar vs. Microsoft Sentinel

Compared 12% of the time.

Splunk Enterprise Security vs. Microsoft Sentinel

Compared 6% of the time.

Microsoft Defender for Cloud vs. Microsoft Sentinel

Compared 6% of the time.

Elastic Security vs. Microsoft Sentinel

Compared 5% of the time.

More Microsoft Sentinel Competitors →

Wazuh vs. Sumo Logic Security

Compared 11% of the time.

Rapid7 InsightIDR vs. Sumo Logic Security

Compared 10% of the time.

Splunk Enterprise Security vs. Sumo Logic Security

Compared 9% of the time.

VMware Aria Operations for Logs vs. Sumo Logic Security

Compared 7% of the time.

Grafana Loki vs. Sumo Logic Security

Compared 6% of the time.

More Sumo Logic Security Competitors →

ThreatConnect Threat Intelligence Platform (TIP) vs. ThreatQ

Compared 40% of the time.

Anomali ThreatStream vs. ThreatQ

Compared 34% of the time.

Recorded Future vs. ThreatQ

Compared 20% of the time.

Palo Alto Networks Cortex XSOAR vs. ThreatQ

Compared 6% of the time.

More ThreatQ Competitors →

Also Known As

Azure Sentinel

Learn More

Microsoft

Sumo Logic

ThreatQuotient

Video Not Available

Overview

Microsoft Sentinel is a scalable, cloud-native, security information event management (SIEM) and security orchestration automated response (SOAR) solution that lets you see and stop threats before they cause harm. Microsoft Sentinel delivers intelligent security analytics and threat intelligence across the enterprise, providing a single solution for alert detection, threat visibility, proactive hunting, and threat response. Eliminate security infrastructure setup and maintenance, and elastically scale to meet your security needs—while reducing IT costs. With Microsoft Sentinel, you can:

- Collect data at cloud scale—across all users, devices, applications, and infrastructure, both on-premises and in multiple clouds

- Detect previously uncovered threats and minimize false positives using analytics and unparalleled threat intelligence from Microsoft

- Investigate threats with AI and hunt suspicious activities at scale, tapping into decades of cybersecurity work at Microsoft

- Respond to incidents rapidly with built-in orchestration and automation of common tasks

To learn more about our solution, ask questions, and share feedback, join our Microsoft Security, Compliance and Identity Community.

Sumo Logic

Sumo Logic is a cloud-based machine data analytics company focusing on security, operations, and BI use cases. It provides log management and analytics services that leverage machine-generated big data to deliver real-time IT insights.

Sumo Logic is developed as a SaaS solution, it processes and analyzes large quantities of IT infrastructure data, spotting patterns and anomalies that can indicate a potential threat or significant event.

The platform is designed to help IT, security, and business operations teams develop, manage, and secure their applications and cloud infrastructures. It collects, aggregates, and analyzes data from various sources including servers, virtual machines, and network devices, providing visibility into complex systems.

What are the key features of Sumo Logic?

Real-time Analytics: Continuous queries and live dashboards that provide insights into application performance, user behavior, and security threats.
Advanced Machine Learning: Utilizes machine learning algorithms to identify trends, anomalies, and patterns.
Integrated Threat Intelligence: Tools and workflows to enhance security postures by detecting threats and anomalies.
Multi-tenant Cloud Service: Allows users to operate in a shared cloud environment securely.

The solution aims to simplify data complexity, streamline operations, and provide actionable insights to businesses across various industries.

Sumo Logic is designed to handle high data volumes from multiple sources without diminishing performance. It is primarily deployed in the cloud with seamless integrations for AWS, Google Cloud, and Microsoft Azure. This flexibility allows users to leverage Sumo Logic’s capabilities regardless of their existing cloud infrastructure.

In summary, Sumo Logic is a comprehensive, AI-driven analytics solution ideal for businesses looking to enhance their IT and security operations through data-driven insights and real-time monitoring. Its flexible deployment options and scalable pricing model make it accessible for various business sizes and sectors.

ThreatQ is a Threat Intelligence Platform (TIP) designed to enable threat operations and management. ThreatQ is the only solution with an integrated Threat Library, Adaptive Workbench and Open Exchange that help you to act upon the most relevant threats facing your organization and to get more out of your existing security infrastructure.

Sample Customers

Microsoft Sentinel is trusted by companies of all sizes including ABM, ASOS, Uniper, First West Credit Union, Avanade, and more.

Radar, Bitdefender, Crowdstrike, FireEye, IBM Security

Top Industries

REVIEWERS

Financial Services Firm22%

Computer Software Company11%

Comms Service Provider8%

Manufacturing Company8%

VISITORS READING REVIEWS

Computer Software Company16%

Financial Services Firm10%

Government9%

Manufacturing Company7%

REVIEWERS

Financial Services Firm30%

Media Company20%

Retailer10%

Transportation Company10%

VISITORS READING REVIEWS

Computer Software Company15%

Financial Services Firm11%

Government9%

Manufacturing Company8%

VISITORS READING REVIEWS

Financial Services Firm21%

Computer Software Company14%

Government9%

Educational Organization9%

Company Size

REVIEWERS

Small Business33%

Midsize Enterprise21%

Large Enterprise47%

VISITORS READING REVIEWS

Small Business25%

Midsize Enterprise16%

Large Enterprise59%

REVIEWERS

Small Business26%

Midsize Enterprise11%

Large Enterprise63%

VISITORS READING REVIEWS

Small Business25%

Midsize Enterprise16%

Large Enterprise58%

VISITORS READING REVIEWS

Small Business15%

Midsize Enterprise9%

Large Enterprise76%

Buyer's Guide

Security Orchestration Automation and Response (SOAR)

May 2024

Download Free Report

Find out what your peers are saying about Microsoft, Palo Alto Networks, Splunk and others in Security Orchestration Automation and Response (SOAR). Updated: May 2024.

DOWNLOAD NOW

771,157 professionals have used our research since 2012.

Sumo Logic Security is ranked 11th in Security Orchestration Automation and Response (SOAR) with 18 reviews while ThreatQ is ranked 23rd in Security Orchestration Automation and Response (SOAR) with 2 reviews. Sumo Logic Security is rated 8.6, while ThreatQ is rated 7.0. The top reviewer of Sumo Logic Security writes "Used to store and monitor application logs and VPC flow logs". On the other hand, the top reviewer of ThreatQ writes "Improves the threat intelligence gathering process, but it is not user-friendly". Sumo Logic Security is most compared with Wazuh, Rapid7 InsightIDR, Splunk Enterprise Security, VMware Aria Operations for Logs and Grafana Loki, whereas ThreatQ is most compared with ThreatConnect Threat Intelligence Platform (TIP), Anomali ThreatStream, Recorded Future and Palo Alto Networks Cortex XSOAR.

See our list of best Security Orchestration Automation and Response (SOAR) vendors and best Security Information and Event Management (SIEM) vendors.

We monitor all Security Orchestration Automation and Response (SOAR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.

Sumo Logic Security vs ThreatQ comparison