Trellix ESM and Sumo Logic Security cater to different aspects of security management. Trellix ESM has an edge in customization and flexibility, but Sumo Logic Security is superior in ease of use and advanced analytics.
Features: Trellix ESM offers robust threat detection, comprehensive reporting, and deep customization options. Sumo Logic Security provides powerful log management, real-time monitoring, and intuitive dashboards.
Room for Improvement: Trellix ESM users note the complexity, steep learning curve, and need for better user-friendliness. Sumo Logic Security users desire better integration with third-party apps, improved documentation, and enhanced customer support responsiveness.
Ease of Deployment and Customer Service: Trellix ESM’s deployment is time-consuming but has responsive customer service. Sumo Logic Security offers quicker deployment with minimal fuss but has mixed reviews about customer support.
Pricing and ROI: Trellix ESM has high initial setup costs but significant ROI due to its extensive capabilities. Sumo Logic Security has more affordable setup costs and provides commendable ROI despite some recurring fees.
They have a response time of forty-eight hours, which is not instant support.
I would rate support for Trellix ESM 10 out of 10 because if we connect with the support in the UK, we get excellent support.
It's rare for me to need them unless it's an issue with licensing, and they are the best in that regard.
The tool has high scalability because everything is based in the cloud.
Scalability is quite easier with Trellix ESM, because all we need to do is add more receivers to it, so it can go to any point.
If there are many records, the system may stop or the UI may become unresponsive.
This is crucial to sell to the government and financial sectors as they require data retention within each country.
The correlation rules and log mapping are not as mature compared to other SIM tools like Splunk.
If there is any device which is not covered, there should not be any additional charges for writing the custom parsers on that.
This makes it more cost-effective because other solutions often include a third element in their pricing.
If we cannot find the data in other tools, like email security or NDR, we can fetch those logs in the Log Analytics platform of Sumo Logic.
Sumo Logic Security offers a single dashboard and customization, which are the most valuable features.
In case of other ESM solutions, there are no parsers required, and almost every device is covered within the license, so there is no hidden cost as custom parsers.
Sumo Logic
Sumo Logic is a cloud-based machine data analytics company focusing on security, operations, and BI use cases. It provides log management and analytics services that leverage machine-generated big data to deliver real-time IT insights.
Sumo Logic is developed as a SaaS solution, it processes and analyzes large quantities of IT infrastructure data, spotting patterns and anomalies that can indicate a potential threat or significant event.
The platform is designed to help IT, security, and business operations teams develop, manage, and secure their applications and cloud infrastructures. It collects, aggregates, and analyzes data from various sources including servers, virtual machines, and network devices, providing visibility into complex systems.
What are the key features of Sumo Logic?
Real-time Analytics: Continuous queries and live dashboards that provide insights into application performance, user behavior, and security threats.
Advanced Machine Learning: Utilizes machine learning algorithms to identify trends, anomalies, and patterns.
Integrated Threat Intelligence: Tools and workflows to enhance security postures by detecting threats and anomalies.
Multi-tenant Cloud Service: Allows users to operate in a shared cloud environment securely.
The solution aims to simplify data complexity, streamline operations, and provide actionable insights to businesses across various industries.
Sumo Logic is designed to handle high data volumes from multiple sources without diminishing performance. It is primarily deployed in the cloud with seamless integrations for AWS, Google Cloud, and Microsoft Azure. This flexibility allows users to leverage Sumo Logic’s capabilities regardless of their existing cloud infrastructure.
In summary, Sumo Logic is a comprehensive, AI-driven analytics solution ideal for businesses looking to enhance their IT and security operations through data-driven insights and real-time monitoring. Its flexible deployment options and scalable pricing model make it accessible for various business sizes and sectors.
Make your organization more resilient and confident with Trellix Security Operations. Filter out the noise and cut complexity to deliver faster, more effective SecOps. Integrate your existing security tools and connect with over 650 Trellix solutions and third-party products.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
