What users are saying about
3 Ratings
56 Ratings
Score 9 out of 100
Score 8.6 out of 100

Likelihood to Recommend

FireEye Helix

Overall, we've had a great experience with FireEye Helix and would recommend it to organizations looking to improve their operational security. We've found Helix to be a great way to collect and analyze relevant security events and take action. Having a single pane of glass makes this process much more efficient. Prior to moving to FireEye Helix, we had different teams sending data to different applications, which resulted in confusion and critical data being missed.
Anonymous | TrustRadius Reviewer

Sumo Logic

It is ready to collect data and search for it easily and quickly, without much hassle. It gives you the ability to view records and analyze them in real time. One thing we should highlight about the use of Sumo Logic is that it completely eliminates the need to exchange ideas with clients or inquiry questions and replace them completely by visualizing the problem, so your team will be able to save time, have liquid work and resolve problems quickly to ensure good service.
Suman Lata | TrustRadius Reviewer

Feature Rating Comparison

Security Information and Event Management (SIEM): FireEye Helix 8.7; Sumo Logic no score shown

  • Centralized event and log data collection: FireEye Helix 9.0; Sumo Logic no score shown
  • Correlation: FireEye Helix 9.0; Sumo Logic no score shown
  • Event and log normalization/management: FireEye Helix 9.0; Sumo Logic no score shown
  • Deployment flexibility: FireEye Helix 7.9; Sumo Logic no score shown
  • Integration with Identity and Access Management Tools: FireEye Helix 7.5; Sumo Logic no score shown
  • Custom dashboards and workspaces: FireEye Helix 9.0; Sumo Logic no score shown
  • Host and network-based intrusion detection: FireEye Helix 9.6; Sumo Logic no score shown

Pros

FireEye Helix

  • Single pane of glass for all alerts.
  • Great at consolidating threat intelligence, alerts, and metadata all in a single platform.
  • The ability to pivot directly from Helix to endpoint (HX) EDR, Email, etc. is a big blessing.
Anonymous | TrustRadius Reviewer

Sumo Logic

  • Searching is powerful and fast and does not require you to pre-filter/pre-parse your data in order to extract fields, filter messages, or run analytics
  • User data can be private or shared with the organization, allowing developers to create searches and share them with Support folks.
  • It's easy to create email alerts when certain conditions are detected.
Anonymous | TrustRadius Reviewer

Cons

FireEye Helix

  • Overly complex platform
  • Multiple logins needed for various tools--leads to confusion
  • Costs can add up
Anonymous | TrustRadius Reviewer

Sumo Logic

  • Sumo Logic, during the period that I used their product (up until at least November 2015), did not have a User / RBAC API. This made it very difficult to manage users (we had about 100 users). Even though they had SAML integration, allowing us to utilize a single sign-on solution, we would have to do manual reviews of user accounts in Sumo Logic on a regular basis. There was no export feature, so it became a matter of copy/pasting all users from the web portal, and creating a spreadsheet out of the data. This was a big pain, as we were all about automation. I had been told that a User / RBAC REST API would be made available sometime during Q1 - Q1 2016.
  • The user who creates any saved search queries, alerts, reports, or dashboards, is the only user that is able to edit them. In a collaborative environment, or larger enterprise, this brings a level of difficulty. For example, if an alert breaks and is spamming an inbox/pager, it cannot be edited or stopped unless done specifically by the user who created it. The RBAC has not been improved enough to allow groups/teams/organizations to have ownership over them (as of November 2015).
  • If you are to delete a user account in Sumo Logic, as your account is set up to allow a specific amount of user accounts in addition to the storage limits agreed in contract, all of the work they had created for teams -- dashboards, scheduled searches, alerting, reporting, etc. -- all become unpublished and unscheduled. They all become inherited by the user that deletes their account. This may create a mess, as this may now completely stop many useful reports/alerts/dashboards that were being taken care of initially. As a result, deletion of a user who is no longer having access to Sumo Logic (due to leaving the company, or leaving a team that needs access), requires a complete review of everything the user has saved in order to see whether anything needs to be rescheduled for alerting/reporting or republished for dashboard viewing. This is all as of November 2015.
  • Purging log data can be extremely difficult. Sumo Logic stores data in a WORM (Write Once, Read Many) type of database. This is done for security reasons, and the database also stores its data in an encrypted form. If you wish for any data to be removed for any reason, such as PHI / PII / etc. information, you have to wipe out absolutely all data within a time range that Sumo Logic has ever gathered for you. This does not just include the source of the data you are trying to purge, but would include all log data from all sources that you have (even if separately indexed, or partitioned). I am unsure of whether this is still the fact, or if this has at least narrowed down to partition/index, or source.
  • In the web portal, Sumo Logic has icons for agents that are working -- green/yellow if I remember right. Source hosts would always show a big green checkmark for health, even if certain sources were completely failing. If Sumo Logic agents are logging errors that logs can't be collected (permissions, some agent issue, etc.), there wasn't a way to visibly see there was an issue unless you were looking for it in logs. This resulted in periods of time where we did not receive logs from many sources. This is hard to alert on, as we found we would have to create a scheduled search of Sumo Logic agent logs that looked for as many error/warning messages as we could, that we knew about. This was incredibly difficult, and unmanageable.
Derek Ardolf | TrustRadius Reviewer

Usability

FireEye Helix

No score
No answers yet
No answers on this topic

Sumo Logic

Sumo Logic 8.3
Based on 4 answers
Ideal for data collection and search without many problems in an easy and fast way. It helps you to access and view documents in real time. This helps us to provide service to our customers that enhances customer experience. This is the best way to explore records in groups of computers. Our team also investigates the root sources of the issues.
Suman Lata | TrustRadius Reviewer

Support Rating

FireEye Helix

FireEye Helix 9.0
Based on 1 answer
We've been fairly happy with FireEye Helix support overall. Most issues are resolved the same day the case is opened.
Anonymous | TrustRadius Reviewer

Sumo Logic

Sumo Logic 9.0
Based on 9 answers
I would give this rating because I attended a free Sumo Logic training at a WeWork in Chicago. I found the training very useful, and I learned a lot of features that I was not aware of before I went to the training. I like the idea that SumoLogic provides free training seminars. I am certified in level1, and I plan on certifying to level2.
M Phillip Yogore | TrustRadius Reviewer

Implementation Rating

FireEye Helix

No score
No answers yet
No answers on this topic

Sumo Logic

Sumo Logic 9.0
Based on 2 answers
I was satisfied with the implementation, as at the time, it was the best way to implement the product with the available feature sets in Sumo Logic. User creation and management became more of an issue during continued use, instead of it being an issue related to deploying the product in our environment.
Derek Ardolf | TrustRadius Reviewer

Alternatives Considered

FireEye Helix

I find Helix to be super-efficient and able to cut through the noise. Previous installations of LogRhythm and Splunk resulted in an overwhelming amount of noise (out of the gate), and we had to constantly tune out false positives. Helix is different. Out of the gate, Helix provided higher fidelity hits, and our teams don't spend half their day tuning out the noise.
Anonymous | TrustRadius Reviewer

Sumo Logic

Sumo Logic works very well out of the gate. For a small business it has given us what we need. I worked at a larger company previously, and we produced so many logs we had to create a custom logging service to handle them all. Cost and availability are big issues when deciding between the different services, whether self maintained and hosted, or provided by another company.
David Tanner | TrustRadius Reviewer

Professional Services

FireEye Helix

No score
No answers yet
No answers on this topic

Sumo Logic

Sumo Logic 7.3
Based on 4 answers
It is a fully supported tool and I have real-time access to a team of supporters or engineers who have developed this tool and can assist you with any questions or issues you may have about the tool. The training provided is also excellent and you get to know the full functionality and other advanced features of the tool.
Suman Lata | TrustRadius Reviewer

Return on Investment

FireEye Helix

  • Helix has had a significant impact on CSOC visibility efforts across the organization.
  • Helix fills the logging and alerting gaps that are missing across the infrastructure side.
  • Having a single pane of glass allows teams to more efficiently run incidents. Additionally, Helix is integrated with ServiceNow providing enhanced and efficient case management for all Helix alerts.
Anonymous | TrustRadius Reviewer

Sumo Logic

  • I can't think of any negative side effects other than it being SO slow sometimes, but compared to Splunk everything is slow
  • It's SO much cheaper than Splunk that the time it takes to query information is well worth it
  • In the times that we've had Sumo go down or stop logging information, we've found that we'd be absolutely lost without Sumo
Anonymous | TrustRadius Reviewer

Pricing Details

FireEye Helix

General

Free Trial
Free/Freemium Version
Premium Consulting/Integration Services
Yes
Entry-level set up fee?
Optional

Starting Price

$0 Events per second

FireEye Helix Editions & Modules

Edition
Helix Console: $0 [1]
Helix Enterprise: $0 [1]
  1. Events per second

Sumo Logic

General

Free Trial
Free/Freemium Version
Premium Consulting/Integration Services
Entry-level set up fee?
No

Starting Price

$3 Per GB Logs

Sumo Logic Editions & Modules

Edition
Essentials: $3.00 [1]
Enterprise: $4.00 [1]
Enterprise Security: $4.25 [1]
Enterprise Suite: $4.75 [1]
  1. Per GB Logs

Rating Summary

  • Likelihood to Recommend: FireEye Helix 9.0; Sumo Logic 9.3
  • Usability: FireEye Helix no score; Sumo Logic 8.3
  • Support Rating: FireEye Helix 9.0; Sumo Logic 9.0
  • Implementation Rating: FireEye Helix no score; Sumo Logic 9.0
  • Professional Services: FireEye Helix no score; Sumo Logic 7.3
