We performed a comparison between Exabeam Fusion SIEM and Palo Alto Networks Cortex XSOAR based on real PeerSpot user reviews.
Find out in this report how the two Security Orchestration Automation and Response (SOAR) solutions compare in terms of features, pricing, service and support, ease of deployment, and ROI.
"The log query feature has been the most valuable because it's very good. You can put your data on the cloud and run queues from Sentinel. It will do it all very fast. I love that I don't have to upload it to an Excel file and then manually look for a piece of information. Sentinel is much faster and is good for big databases."
"The automation feature is valuable."
"It is quite efficient. It helps our clients in identifying their security issues and respond quickly. Our clients want to automate incident response and all those things."
"Microsoft Sentinel enables you to ingest data from the entire ecosystem and that connection of data helps you to monitor critical resources and to know what's happening in the environment."
"Sentinel pricing is good"
"One of the most valuable features of Microsoft Sentinel is that it's cloud-based."
"Sentinel has features that have helped improve our security posture. It helped us in going ahead and identifying the gaps via analysis and focusing on the key elements."
"The AI and ML of Azure Sentinel are valuable. We can use machine learning models at the tenant level and within Office 365 and Microsoft stack. We don't need to depend upon any other connectors. It automatically provisions the native Microsoft products."
"The user interface and the timelines they use are the most valuable features. The price model is very simple so that one can understand it easily and there are no surprises within it."
"I have customers that like the EUBA functionality of it. The solution has the ability to build a session, basically. It pulls a lot of information together, for example, everything a user does in a specific timeframe. It's quite helpful."
"The most valuable feature of Exabeam Fusion SIEM is the easy-to-use user interface."
"The setup is not difficult. It was easy."
"Exabeam Fusion SIEM has a good performance and more advantages than traditional solutions."
"The way it can connect with AWS is very useful, and the integrations are pretty good."
"Timeline based analysis; good platform support"
"It's a very user-friendly product and it's a very comprehensive technology."
"The most valuable feature is automation."
"It is a scalable solution."
"They have a portal where you can find any kind of integration that you need."
"The product is quite easy to use."
"I have found the solution very useful, it integrates well with other platforms."
"The most valuable features are the orchestration because of the way in which it coordinates the loss from all the devices and it provides us with a high-level overview of the critical log information."
"The most valuable features are simplicity and ease of integration."
"One key area that can be improved is by building a strong integration with our XDR platform."
"The built-in SOAR is not really good out-of-the-box. The SOAR relies on logic apps and you almost need to have some kind of developer background to be able to make these logic apps. Most security people cannot develop anything..."
"Azure Sentinel will be directly competing with tools such as Splunk or Qradar. These are very established kinds of a product that have been around for the last seven, eight years or more."
"The on-prem log sources still require a lot of development."
"Sentinel still has some anomalies. For example, sometimes when we write a query for log analysis with KQL, it doesn't give us the data in a proper way... Also, the fields or columns could be improved. Sometimes, it is not giving the desired results and there is a blank field."
"Everyone has their favorites. There is always room for improvement, and everybody will say, "I wish you could do this for me or that for me." It is a personal thing based on how you use the tool. I do not necessarily have those thoughts, and they are probably not really valuable because they are unique to the context of the user, but broadly, where it can continue to improve is by adding more connectors to more systems."
"Some of the data connectors are outdated, at least the ones that utilize Linux machines for log forwarding. I believe that Microsoft is already working on improving this."
"The solution should allow for a streamlined CI/CD procedure."
"Adding to the number of certifications that they have, for example, ISO 27001, would be helpful."
"They need to focus on more of the MITRE ATT&CK Framework and coverage. They claim they cover about 70 to 80%. I'm not sure if it's really quite that much, however."
"The initial setup of Exabeam Fusion SIEM is complex because it needs to integrate with the SIEM solution, but after this is complete it is straightforward."
"I believe if it were more flexible it would be a better product."
"They should provide detailed information about detecting phishing emails."
"The only problem is that the UI is not very impressive."
"Updating the new release of Exabeam Fusion SIEM takes time and slows our performance."
"We still have questions surrounding hardware deployment."
"It has been decommissioned by Palo Alto."
"XSOAR could have more integration options."
"It's only one cloud right now. It might be helpful for some companies to have an on-premises option."
"When Palo Alto bought the solution, the pricing increased by 1.5 times. There's been a 50% increase, which is a lot."
"Palo Alto Networks Cortex XSOAR could improve the look, feel, and management of the cloud console. Additionally, the user could be more easily integrated."
"I would love to see more flexibility on what we can display and design on the dashboards."
"There should be an on-premise version available for customers to have different choices."
"With Palo Alto Networks Cortex XSOAR, managing its setup phase can be a complicated task."
Exabeam Fusion SIEM is ranked 12th in Security Orchestration Automation and Response (SOAR) with 10 reviews while Palo Alto Networks Cortex XSOAR is ranked 2nd in Security Orchestration Automation and Response (SOAR) with 42 reviews. Exabeam Fusion SIEM is rated 8.0, while Palo Alto Networks Cortex XSOAR is rated 8.4. The top reviewer of Exabeam Fusion SIEM writes "Enables centralized log collection on a single platform". On the other hand, the top reviewer of Palo Alto Networks Cortex XSOAR writes "Enables the investigators to go through the review process a lot quicker". Exabeam Fusion SIEM is most compared with IBM Security QRadar, Splunk Enterprise Security, Splunk User Behavior Analytics, Gurucul UEBA and Cortex XSIAM, whereas Palo Alto Networks Cortex XSOAR is most compared with Cortex XSIAM, Splunk SOAR, Fortinet FortiSOAR, Swimlane and ThreatConnect Threat Intelligence Platform (TIP).
We monitor all Security Orchestration Automation and Response (SOAR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.