We performed a comparison between DFLabs IncMan SOAR and Palo Alto Networks Cortex XSOAR based on real PeerSpot user reviews.
Find out what your peers are saying about Microsoft, Palo Alto Networks, Splunk and others in Security Orchestration Automation and Response (SOAR)."The connectivity and analytics are great."
"I like the KQL query. It simplifies getting data from the table and seeing the logs. All you need to know are the table names. It's quite easy to build use cases by using KQL."
"Another area where it is helping us is in creating a single dashboard for our environment. We can collect all the logs into a log analytics workset and run queries on top of it. We get all the results in the dashboard. Even a layman can understand this stuff. The way Microsoft presents it is really incredible."
"The AI capability is one of the main features of the solution because I believe that in the market, there are few solutions that are providing security solutions based on AI and machine learning."
"The most valuable feature is the onboarding of the workloads. You can see all that has been onboarded in your account on the dashboards."
"Sentinel is a SIEM and SOAR tool, so its automation is the best feature; we can reduce human interaction, freeing up our human resources."
"One of the most valuable features of Microsoft Sentinel is that it's cloud-based."
"There are some very powerful features to Sentinel, such as the integration of various connectors. We have a lot of departments that use both IaaS and SaaS services, including M365 as well as Azure services. The ability to leverage connectors into these environments allows for large-scale data injection."
"The vendors themselves will actually help with any customizations a client may require"
"The solution is user-friendly and easy to configure."
"The most valuable features of Palo Alto Networks Cortex XSOAR are its overall track record and features that fit our use case."
"It is a scalable solution."
"The most valuable features are the orchestration because of the way in which it coordinates the loss from all the devices and it provides us with a high-level overview of the critical log information."
"It is a scalable solution."
"The strengths of Palo Alto Networks Cortex XSOAR stem from the fact that it provides functionalities related to patching and URL blocking...It is a scalable solution."
"It is quite scalable. I would rate it a ten out of ten."
"The solution is easy to deploy."
"The product can be improved by reducing the cost to use AI machine learning."
"Sometimes, it is hard for us to estimate the costs of Microsoft Sentinel."
"Multi-tenancy, in my opinion, needs to be improved. I believe it can do better as a managed service provider."
"There is some relatively advanced knowledge that you have to have to properly leverage Sentinel's full capabilities. I'm thinking about things like the creation of workbooks, how you do threat-hunting, and the kinds of notifications you're getting... It takes time for people to ramp up on that and develop a familiarity or expertise with it."
"Sentinel's reporting is complex and can be more user-friendly."
"The built-in SOAR is not really good out-of-the-box. The SOAR relies on logic apps and you almost need to have some kind of developer background to be able to make these logic apps. Most security people cannot develop anything..."
"They can work on the EDR side of things... Every time we need to onboard these kinds of machines into the EDR, we need to do it with the help of Intune, to sync up the devices, and do the configuration. I'm looking for something on the EDR side that will reduce this kind of work."
"It would be good to have some connectors for third-party SIEM solutions. Many customers are struggling with the integration of Azure Sentinel with their on-premise SIEM. Microsoft is changing the log structure many times a year, which can corrupt a custom integration. It would be good to have some connectors developed by Microsoft or supply vendors, but they are not providing such functionality or tools."
"The support is not 24/7."
"We need a little hands-on experience to install the solution."
"The dashboard could be better."
"There should be an on-premise version available for customers to have different choices."
"Implementing this solution requires a lot of involvement from the vendor and it should be made easier for the partners."
"When Palo Alto bought the solution, the pricing increased by 1.5 times. There's been a 50% increase, which is a lot."
"It's only one cloud right now. It might be helpful for some companies to have an on-premies option."
"The solution requires DV but does not support open-source DV elastic searches."
"The price of the solution could be improved."
More Palo Alto Networks Cortex XSOAR Pricing and Cost Advice →
Earn 20 points
DFLabs IncMan SOAR is ranked 28th in Security Orchestration Automation and Response (SOAR) while Palo Alto Networks Cortex XSOAR is ranked 2nd in Security Orchestration Automation and Response (SOAR) with 42 reviews. DFLabs IncMan SOAR is rated 0.0, while Palo Alto Networks Cortex XSOAR is rated 8.4. The top reviewer of DFLabs IncMan SOAR writes "Protects an organization from the threat of a data breach or cyberattack". On the other hand, the top reviewer of Palo Alto Networks Cortex XSOAR writes "Enables the investigators to go through the review process a lot quicker". DFLabs IncMan SOAR is most compared with IBM Resilient, whereas Palo Alto Networks Cortex XSOAR is most compared with Cortex XSIAM, Splunk SOAR, Fortinet FortiSOAR, Swimlane and IBM Resilient.
See our list of best Security Orchestration Automation and Response (SOAR) vendors.
We monitor all Security Orchestration Automation and Response (SOAR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.