Logpoint and Splunk SOAR are leading products in security operations automation, each serving different enterprise needs. Splunk SOAR generally has the advantage due to its extensive automation and integration capabilities, which offer superior customization and scalability.
Features: Logpoint is noted for its quick deployment, cost-effectiveness, and the integration of SIEM and SOAR functionalities. Its flexible log management and advanced correlation engine are standout features. Splunk SOAR, in contrast, provides robust automation and integration capabilities, allowing for customizable playbooks and seamless integration with various systems, which significantly enhances security operations' scalability and speed.
Room for Improvement: Logpoint's documentation and integration with third-party solutions need enhancement. There are calls for better user interface design and more efficient identification of modern threats such as ransomware. It lacks a cloud-native architecture, limiting flexibility. Splunk SOAR could improve its integration with Microsoft products and user interface. Users seek more granular customization and an improved playbook development environment, along with better API documentation for user support.
Ease of Deployment and Customer Service: Logpoint primarily offers on-premises deployment, potentially limiting flexibility compared to Splunk SOAR, which supports both on-premises and cloud deployment. Logpoint is commended for responsive customer service, though there are occasional issues with technical support. Splunk SOAR, while competent, can be slow in complex situations. Both face support infrastructure limitations, but Splunk SOAR’s broader deployment options make it adaptable to diverse IT environments.
Pricing and ROI: Logpoint’s fixed-cost pricing model appeals to those prioritizing cost efficiency and transparency, offering good ROI focused on compliance and efficiency. Splunk SOAR, considered pricier due to consumption and user-based licensing, can be costly for large deployments. Despite higher costs, its robust automation offers strong returns, providing good value for businesses reliant on automated workflows.
We've seen a decrease in false positives and a significant increase in our containment.
The technical support for Logpoint is very good, and I would rate it as nine out of ten.
Logpoint's customer support is not sufficient with only one engineer in the US.
Discovering different troubleshooting methods is harder to do with Splunk SOAR than with Enterprise Security or other Splunk services.
Splunk's technical support is very good and generally not needed often due to the stable environment.
It is web-based and accommodates the expansion of our organization.
Logpoint is scalable and capable of expanding.
It can be extended and adapted as necessary.
Splunk SOAR has the ability to scale quite significantly.
I have received reports indicating glitches and downtimes with Logpoint.
We have not experienced any downtime, crashes, or performance issues.
Splunk SOAR provides a stable environment and technology.
Dealing with foreign entities for support was a challenge, leading us to switch providers due to lack of adequate support.
Logpoint needs to be cloud-native, as currently, it is not.
Although it enhances alert handling, it still has a journey to compete with Palo Alto SOAR and FortiSOAR.
Splunk's Unified Platform does help consolidate networking security and IT observability tools.
To make Splunk SOAR a better solution, there could be better built-in debugging tools, smarter playbook suggestions, and enhanced lifecycle management.
I rate the pricing at eight, suggesting it's relatively good or affordable.
Splunk SOAR is moderately priced, neither cheap nor overly expensive.
Splunk SOAR is affordable cost-wise only.
The solution is free for us, which is a beneficial aspect.
The UEBA enables us to monitor at the device level, and SOAR provides playbooks and templates that we can modify and incorporate into the platform.
It effectively facilitates logging and log storage and assists in security event management by ingesting security events.
Creating playbooks using the Playbook Editor in Splunk SOAR is easy. The editor is designed to be user-friendly with visual drag and drop features, allowing for easy workflows without writing any code.
The stable environment and the community provide strong support, reducing the need for technical support.
My impressions of Splunk's ability to predict, identify, and solve problems in real-time are very impressive.
| Product | Market Share (%) |
|---|---|
| Splunk SOAR | 7.7% |
| Logpoint | 1.2% |
| Other | 91.1% |
| Company Size | Count |
|---|---|
| Small Business | 17 |
| Midsize Enterprise | 3 |
| Large Enterprise | 4 |
| Company Size | Count |
|---|---|
| Small Business | 11 |
| Midsize Enterprise | 7 |
| Large Enterprise | 28 |
Logpoint is a cutting-edge security information and event management (SIEM) solution that is designed to be intuitive and flexible enough to be used by an array of different businesses. It is capable of expanding according to its users' needs.
Benefits of Logpoint
Some of the benefits of using Logpoint include:
Reviews from Real Users
Logpoint is a security and management solution that stands out among its competitors for a number of reasons. Two major ones are its data gathering and artificial intelligence (AI) capabilities. Logpoint enables users to not only gather the data, but also to maximize both the amount of data that can be gathered and its usefulness. It removes many of the challenges that users may face in data collection. The solution allows users to set rules for collection and then it pulls information from sources that meet the rules that have been set. This data is then broken into manageable segments and ordered. Users can then analyze these ordered segments with ease. Additionally, LogPoint utilizes both machine learning and AI technology. Users gain the ability to protect themselves from and if necessary resolve emerging threats as soon as they arise. The AI sets security parameters for a user’s system. These act as a baseline that are triggered and notify the user if anything deviates from the rules that it set up.
The chief infrastructure & security officer at a financial services firm writes, “It is a very comprehensive solution for gathering data. It has got a lot of capabilities for collecting logs from different systems. Logs are notoriously difficult to collect because they come in all formats. Logpoint has a very sophisticated mechanism for you to be able to connect to or listen to a system, get the data, and parse it. Logs come in text formats that are not easily parsed because all logs are not the same, but with Logpoint, you can define a policy for collecting the data. You can create a parser very quickly to get the logs into a structured mechanism so that you can analyze them.”
A. Secca., a Cyber Security Analyst at a transportation company, writes, “It is an AI technology because it is using machine learning technology. So far, there is nothing better out there for UEBA in terms of monitoring endpoints and user activity. It is using machine learning language, so it is right at the top. It provides that capability and monitors all of the user’s activities. It devises a baseline and monitors if there is any deviation from the baseline.”
Splunk SOAR offers features like automation and orchestration of manual tasks, speeding up work, detection and response to advanced and emerging threats.
Automate manual tasks. Address every alert, every day. Establish repeatable procedures that allow security analysts to stop being reactive and focus on mission-critical objectives to protect your business.
Orchestrate and automate repetitive tasks, investigation and response to increase efficiency and productivity, and do more with the people you already have. Make a team of three feel like a team of 10.
Work faster with Splunk SOAR. Respond to threats in seconds. Lower your mean time to respond (MTTR) by automating security tasks and workflows across all of your security tools.
Take advantage of Splunk Enterprise Security and Splunk SOAR joining forces to provide a seamless and intuitive SecOps platform to prevent, detect and respond to advanced and emerging threats.
We monitor all Security Orchestration Automation and Response (SOAR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
