We performed a comparison between D3 Security and ServiceNow Security Operations based on real PeerSpot user reviews.
Find out in this report how the two Security Incident Response solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The analytic rule is the most valuable feature."
"I like the unified security console. You can close incidents using Sentinel in all other Microsoft Security portals, when it comes to incident response."
"We have no complaints about the features or functionality."
"The best functionality that you can get from Azure Sentinel is the SOAR capability. So, you can estimate any type of activity, such as when an alert was triggered or an incident was found."
"The UI-based analytics are excellent."
"The most valuable feature is the performance because unlike legacy SIEMs that were on-premises, it does not require as much maintenance."
"We’ve got process improvement that's happened across multiple different fronts within the organization, within our IT organization based on this tool being in place."
"The initial setup is very simple and straightforward."
"It is an out-of-the-box automated integration with our 20 departments. We perform L1 LiveOps automatically through the portal."
"The solution's valuable feature is its GUI. It has more than 450 connectors, which are excellent for connecting devices and automating integration. The solution has all the features we need. We deployed it in our environment, and it's fully integrated. Thanks to their open APIs, the seamless integration makes everything work well together."
"My favorite feature is the application vulnerability scanner."
"Integration to other security tools allows for a consolidated view of all vulnerabilities, incidents, etc. for all sorts of leverage in a single platform to assess governance risk and compliance as well as an enhanced, enriched intelligence."
"ServiceNow Security Operations also takes care of GRC, governance, risk and compliance, enabling it to provide risk assessment."
"The solution is available over the cloud and is easy to manage."
"We refer to the setup and installation guide provided by ServiceNow. They have good documentation, which makes it easier to handle the process."
"It's stable."
"It gives you the ability to bring data into the system. The workflows are out of the box, and it gives you the ability to auto-assign the incidents based on criteria and vulnerabilities."
"It has helped optimize security costs by consolidating multiple tools into one platform."
"We'd like also a better ticketing system, which is older."
"If I see an alert and I want to drill down and get more details about the alert, it's not just one click. In other SIEM tools, you just have to click the IP address of the entity and they give you the complete picture. In Sentinel, you have to write queries or use saved queries to get details."
"Multi-tenancy, in my opinion, needs to be improved. I believe it can do better as a managed service provider."
"They could use some kind of workbook. There is some limitation doing the editing and creating the workbook."
"Its implementation could be simpler. It is not really simple or straightforward. It is in the middle. Sometimes, connectors are a little bit complex."
"The solution could be more user-friendly; some query languages are required to operate it."
"The dashboards can be improved. Creating dashboards is very easy, but the visualizations are not as good as Microsoft Power BI. People who are using Microsoft Power BI do not like Sentinel's dashboards."
"One key area that can be improved is by building a strong integration with our XDR platform."
"The reporting, especially custom reporting, needs to be improved. Additionally, it would be better if it could be hosted on Linux."
"Reporting needs improvement. MTTR and MTTD metrics aren't directly available in playbooks and require manual effort to achieve."
"The threat intelligence module needs a better dashboard."
"There is room for improvement in terms of developer support and documentation."
"Process framework and best practices for ease of integration between IT and security teams via incident, problem, and change."
"In future releases, I would like to add a follow-up and reminder feature. For the tickets in our queue, we could set reminders. This would help us prioritize older tickets before moving on to new ones."
"It doesn't interact with things very well."
"Customer awareness and understanding of ServiceNow's SecOps capabilities could be improved."
"The product is called SecOps, but it is not security operations in terms of SIEM solutions."
"The initial setup is difficult."
More ServiceNow Security Operations Pricing and Cost Advice →
D3 Security is ranked 8th in Security Incident Response with 2 reviews while ServiceNow Security Operations is ranked 3rd in Security Incident Response with 15 reviews. D3 Security is rated 9.0, while ServiceNow Security Operations is rated 8.0. The top reviewer of D3 Security writes "Offers open API for integrating any available tools without any recurring costs". On the other hand, the top reviewer of ServiceNow Security Operations writes "Mature with nice UI and customizable workflows". D3 Security is most compared with Palo Alto Networks Cortex XSOAR, Fortinet FortiSOAR and Splunk SOAR, whereas ServiceNow Security Operations is most compared with Palo Alto Networks Cortex XSOAR, Splunk SOAR, IBM Resilient, Swimlane and Fortinet FortiSOAR. See our D3 Security vs. ServiceNow Security Operations report.
See our list of best Security Incident Response vendors and best Security Orchestration Automation and Response (SOAR) vendors.
We monitor all Security Incident Response reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.