We performed a comparison between ServiceNow Security Operations and Tines based on real PeerSpot user reviews.
Find out what your peers are saying about Microsoft, Palo Alto Networks, Splunk and others in Security Orchestration Automation and Response (SOAR)."The best functionality that you can get from Azure Sentinel is the SOAR capability. So, you can estimate any type of activity, such as when an alert was triggered or an incident was found."
"It is able to connect to an ever-growing number of platforms and systems within the Microsoft ecosystem, such as Azure Active Directory and Microsoft 365 or Office 365, as well as to external services and systems that can be brought in and managed. We can manage on-premises infrastructure. We can manage not just the things that are running in Azure in the public cloud, but through Azure Arc and the hybrid capabilities, we can monitor on-premises servers and endpoints. We can monitor VMware infrastructure, for instance, running as part of a hybrid environment."
"The Log analytics are useful."
"I've worked on most of the top SIEM solutions, and Sentinel has an edge in most areas. For example, it has built-in SOAR capabilities, allowing you to run playbooks automatically. Other vendors typically offer SOAR as a separate licensed solution or module, but you get it free with Sentinel. In-depth incident integration is available out of the box."
"The most valuable feature is the performance because unlike legacy SIEMs that were on-premises, it does not require as much maintenance."
"The Identity Behavior tab furnishes us with the entire history linked to each IP or domain that has either accessed or attempted to access our system."
"We didn't have anything similar. So, it really provides value from the incidents and automation point of view. The overview of the security fabric is most valuable."
"I believe one of the main advantages is Microsoft Sentinel's seamless integration with other Microsoft products."
"The solution is available over the cloud and is easy to manage."
"Integration to other security tools allows for a consolidated view of all vulnerabilities, incidents, etc. for all sorts of leverage in a single platform to assess governance risk and compliance as well as an enhanced, enriched intelligence."
"ServiceNow Security Operations also takes care of GRC, governance, risk and compliance, enabling it to provide risk assessment."
"It gives you the ability to bring data into the system. The workflows are out of the box, and it gives you the ability to auto-assign the incidents based on criteria and vulnerabilities."
"We refer to the setup and installation guide provided by ServiceNow. They have good documentation, which makes it easier to handle the process."
"The most valuable aspect of working with ServiceNow is its meaningful and feature-rich product."
"Reduces time to closure and closure metrics for vulnerabilities."
"The "follow" feature is really good. If the user is not responding, there's an option to "follow". Just click on the button, and it will automatically trigger an email to the end user."
"The tool was vendor-neutral."
"If Azure Sentinel had the ability to ingest Azure services from different tenants into another tenant that was hosting Azure Sentinel, and not lose any metadata, that would be a huge benefit to a lot of companies."
"I think the number one area of improvement for Sentinel would be the cost."
"Sentinel's reporting is complex and can be more user-friendly."
"We'd like to see more connectors."
"The built-in SOAR is not really good out-of-the-box. The SOAR relies on logic apps and you almost need to have some kind of developer background to be able to make these logic apps. Most security people cannot develop anything..."
"Documentation is the main thing that could be improved. In terms of product usage, the documentation is pretty good, but I'd like a lot more documentation on Kusto Query Language."
"The interface could be more user-friendly. It''s a small improvement that they could make if they wanted to."
"One key area that can be improved is by building a strong integration with our XDR platform."
"It doesn't interact with things very well."
"There are limitations for the third-parties that are providing the inputs. They should increase the robustness of the solution."
"It's very slow. When you click a button or update a field, it takes forever to actually react."
"Process framework and best practices for ease of integration between IT and security teams via incident, problem, and change."
"An area for improvement I observed in ServiceNow Security Operations is the need to maintain correct CMDB data because if you're unable to do this, you can't perfectly maintain the vulnerability data. CMDB data in ServiceNow Security Operations needs to be accurate. As I've been working on ServiceNow Security Operations for only seven months, I still need more time to try all its modules before I can give recommendations regarding additional features I'd like to see in the solution."
"The solution needs to make customization easier. You cannot do much customization immediately. It requires an extensive workload. If the customization process was user-friendly, it would be much better."
"The initial setup is difficult."
"Customer awareness and understanding of ServiceNow's SecOps capabilities could be improved."
"Tines was a little bit more expensive than Torq."
More ServiceNow Security Operations Pricing and Cost Advice →
Earn 20 points
ServiceNow Security Operations is ranked 8th in Security Orchestration Automation and Response (SOAR) with 15 reviews while Tines is ranked 24th in Security Orchestration Automation and Response (SOAR) with 1 review. ServiceNow Security Operations is rated 8.0, while Tines is rated 8.0. The top reviewer of ServiceNow Security Operations writes "Mature with nice UI and customizable workflows". On the other hand, the top reviewer of Tines writes "Vendor-neutral, increases response time, and enables to reduce staff by 30%". ServiceNow Security Operations is most compared with Palo Alto Networks Cortex XSOAR, Splunk SOAR, IBM Resilient, Swimlane and Exabeam Fusion SIEM, whereas Tines is most compared with Torq, Palo Alto Networks Cortex XSOAR, Splunk SOAR and Swimlane.
See our list of best Security Orchestration Automation and Response (SOAR) vendors.
We monitor all Security Orchestration Automation and Response (SOAR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.