LogPoint detects, analyzes and responds to threats within an organization’s data for faster security investigations. LogPoint is dedicated to helping overloaded security analysts work more efficiently with accelerated detection and response. LogPoint's SIEM solution with UEBA provides…
N/A
ScienceLogic SL1
Score 8.8 out of 10
Enterprise companies (1,001+ employees)
ScienceLogic is a system and application monitoring and performance management platform. ScienceLogic collects and aggregates data across and IT ecosystems and contextualizes it for actionable insights with the SL1 product offering.
N/A
Securonix Next-Generation SIEM
Score 9.0 out of 10
N/A
Securonix headquartered in Addison offers the Securonix Next-Generation SIEM deployment, combining log management as well as user and entity behavior analytics (UEBA), for a complete SOC solution.
N/A
Pricing
LogPoint
ScienceLogic SL1
Securonix Next-Generation SIEM
Editions & Modules
No answers on this topic
No answers on this topic
No answers on this topic
Offerings
Pricing Offerings
LogPoint
ScienceLogic SL1
Securonix Next-Generation SIEM
Free Trial
Yes
No
No
Free/Freemium Version
No
No
No
Premium Consulting/Integration Services
Yes
Yes
No
Entry-level Setup Fee
No setup fee
Required
No setup fee
Additional Details
—
ScienceLogic SL1 offers four tiers:
SL1 Advanced – Application Health, Automated Troubleshooting and Remediation Workflows
SL1 Base – Infrastructure Monitoring, Topology & Event Correlation
SL1 Premium – AI/ML-driven Analytics, Low-Code Automated Workflow Authoring
SL1 Standard – Infrastructure Monitoring – with Agents, Business Services, Incident Automation, CMDB Synchronization, Behavioral Correlation
To get pricing for each tier, please contact the vendor.
LogPoint is incredibly useful for pulling information from various log sources and combining them together to offer insights into suspicious or potentially malicious behaviour. It is not intuitive and can take some time to get used to. Once you're up and running though, it's easy to onboard new log sources. Search queries can again be tough to get used to, but LogPoint support is really helpful and can offer assistance with writing more complex searches.
For Windows, the issue is in higher resource consumption related to WinRM monitoring, which provides better options then the SNMP monitoring, which on the other hand is less resource intensive. The problem is also with support for OS with other than English language.
The best part of Securonix is it's architecture which makes it scalable and allows it to add any new feature to match the requirement. Securonix is well suited for enterprises who are mid to large size and are looking for a quick time to value, do not want to put upfront capex and invest less on the service layer. It becomes little costly for a small sized organisation.
Dashboards are quite old and are of Iron age. Need to have AP2 dashboards only instead of AP1 and consistent new design across all functionalities.
Reporting is not improved since Y2020 and need to revamp completely. Need to integrate Dashboards and Reporting. PowerBI Like functionality to be given OOTB. Reports should be extracted in Excel, PDF, HTML and should be heavily automated.
Create and Open APIs for basic and advanced monitoring data extraction.
Topology based Event Correlation and Suppression should be improved drastically. Need to identify critical network interfaces based on Topology and monitor them. Basic customization of Dynamic App and/or Powerpack to exclude/include certain metrics/events to be permitted OOTB instead of customizations.
Integration with ServiceNow to be improved and to be taken to next level. Automation Powerpack should be made available OOTB as part of base product and to be priced attractively.
Take product to next level where we can monitor actual impacted IT or Business Service instead of metrics and events BSM and Topology map to be auto discovered and identify the network dependencies and alternate paths automatically instead of manual creation of BSM.
It is simply because of all the best possible autonomy solutions it is providing and getting better day by day. Using AI and Devops along with handy automation, The monitoring and Management of devices becomes much easier and the way it is growing in all the aspects is one the best reasons too. Evolution of the SL1 platform in the autonomy monitoring and management is quite appreciable.
The core functions are there. The complexity is due to the complexity of the space. The score is based on comfort (I no longer notice the legacy UI) and the promise that I see in the 8.12 Unified UI (a vast improvement). It is also based on the fact that with 8.12, you can now do everything in the new UI but you still have the legacy UI as a fallback (which should now be unnecessary for new installations)
Securonix Next-Generation SIEM provides loads of features that can be utilized as per business requirements. With the Securonix Jupyter update, the feature set is fine tuned for efficient implementation. The SOAR platform will complete the product for automated response on top of the alerting capabilities. The primary factor for selecting a SIEM will include the support model. While implementing and currently using Securonix Next-Generation SIEM in our environment, we have experienced the best support provided by the SIEM team in all aspects.
SL is always there and online when you need to get info from it. The only times when SL was not available in our own data center, was when network links from out side of the data center was down and those links were not in our controll. Having a central database and people accessing it all over the world, may put a bit of constarin on the performance of the dashboards when reports gets generated, but that is far and few n between.
SceinceLogic SL1 architecture helps the platform to give a top-notch performance in every respect, Data collection to reporting happens very smoothly. With the new user interface pages load much faster. Individual appliances carrying the individual task ensure things are working without lag. Integration with ticketing tool(SNOW) is well managed by the ScienceLogic, no issue or much delay has been observed while interacting with an external tool.
LogPoint support is outstanding. They are incredibly helpful, and on occasions have proactively identified issues with our setup, and logged cases on our behalf before we had even noticed there was a problem. If there is a search we need to write that is beyond our skills, LogPoint support can typically write it for us within a couple of days. They are always very responsive, and I am yet to have a bad support experience.
So far, it's good as part of my overall experience, except for a couple of use cases. The support team is well knowledgeable, has technical sound, and is efficient. When support escalates to engineering, the issue gets stuck and takes months to resolve.
Securonix acts with urgency to support day to day operational issues & queries and shows a real commitment to us as a partner. I rate this an 8 because there are still some bumps in the road, instances where communications can be sparse or unclear.
It was good, Do the online training first and understand it and you will get the most out of the in-person training that way. This also takes you to an advanced level which is very good and the training as been overhauled once again along with new product coming in such as Zebruim / Skylar, worth going through again if it a while back that you first did this.
There are a lot of educational materials and courses on the SL1 training site (Litmos university). However the recording quality is sometimes not very good - screen resolution is low. There is a lack of professional rather than user-oriented documents and there are mistakes in documentation and education is not well structured.
Implementation is smooth if we are to just support the out-of-the-box features available in ScienceLogic. For any custom requirement, having to go to SL1 Professional Services is the worst part of procuring this suite. And more often than not, SL1 Professional Services also ask to raise feature request. So, you subscribe to Professional Services to only hear back from them that "This feature is not supported and needs to have a separate feature request". At times frustrating.
Science logic SL1 is so user friendly and it's really easy to navigate between function. I would recommend Sciene logic SL1 to all of them who are looking for really useful monitoring tool and expecting easy way of managing it.
Our deployment model is vastly different from product expectations. Our global / internal monitoring foot print is 8 production stacks in dual data centers with 50% collection capacity allocated to each data center with minimal numbers of collection groups. General Collection is our default collection group. Special Collection is for monitoring our ASA and other hardware that cannot be polled by a large number of IP addresses, so this collection group is usually 2 collectors). Because most of our stacks are in different physical data centers, we cannot use the provided HA solution. We have to use the DR solution (DRBD + CNAMEs). We routinely test power in our data centers (yearly). Because we have to use DR, we have a hand-touch to flip nodes and change the DNS CNAME half of the times when there is an outage (by design). When the outage is planned, we do this ahead of the outage so that we don't care that the Secondary has dropped away from the Primary. Hopefully, we'll be able to find a way to meet our constraints and improve our resiliency and reduce our hand-touch in future releases. For now, this works for us and our complexity. (I hear that the HA option is sweet. I just can't consume that.)
Once a powerpack is developed and configured for a device for one customer, it is easy to deploy the same powerpack on a second customer estate and configure specifically for that customer without having to reinvent the powerpack. This saves time and therefore money.
Once the customer estate tuning is complete, the Operations team have come trust the alerts. This is especially true when transient or self-correcting alerts are automatically cleared without ops team involvement, but a record is still available for audit and debugging purposes. This saves time and therefore money.
When setup correctly, it provides good visibility into applications, devices and whole customer estates. This saves time and therefore money when issues arise.
