Exabeam Fusion vs. LogPoint

As a SIEM tool for investigations, Exabeam is the best in class. The AI assigns numeric values to observed logs them presents high scores to the analyst in a simple dashboard. We can see what is a real threat and ignore so many false positives. Exabeam is the best SIEM was used from an alert fatigue perspective. The simple interface allows other teams not just InfoSec to utilize the tool; helpdesk for asset diagnoses, HR for staffing questions, etc.

Incentivized

LogPoint is incredibly useful for pulling information from various log sources and combining them together to offer insights into suspicious or potentially malicious behaviour. It is not intuitive and can take some time to get used to. Once you're up and running though, it's easy to onboard new log sources. Search queries can again be tough to get used to, but LogPoint support is really helpful and can offer assistance with writing more complex searches.

Incentivized

• Simple graphical interface
• Plan text searching, no need to know another coding language
• Very very fast response
• All saved logs up to 7 years instantly searchable
• Not cold or frozen buckets for years old logs

Incentivized

• Technical support team is fast and competent
• License management and cost
• Log parsing
• New logs can be provided to the support team for parser creation
• High Availability architecture does not cost more

• Improvements on top of Lucene/KQL to add more search functions.
• Stability of the overall deployment.
• Ability to run version upgrades quicker and without data ingestion problems afterward.
• More documentation and examples about the API functionality available.

Incentivized

• Stability (weird issues)
• Transparency (hard to investigate issues)
• Search template should be improved

Incentivized

We are confident with the solution and we are using it daily

Incentivized

The system is set up to run out of the box. It has a simple easy to understand the graphical interface. Exabeam designed its SIEM from the ground up to be user-friendly and intuitive. They designed it to use plain text searches so no special training is needed. You do NOT have to learn another programming language and keep up with it daily to be proficient and productive with the tool, unlike all other SIEMs we have used before. Did I mention we love Exabeam?

Incentivized

LogPoint has quite a steep learning curve. The UI is not intuitive, with some bits of functionality being hidden in places you might not think to look. The search syntax is also quite difficult to master. However, once you overcome these obstacles, LogPoint is actually very easy to use.

Incentivized

The engineers working to support Exabeam are very professional and competent. They always arrive prepared for troubleshooting meetings and provide helpful input to resolve most issues without requiring excessive escalation whenever possible. Their support team is good at promptly providing parsers that can be used to enhance the product's functionality and ensure fields are all populated.

Incentivized

Support team is very fast to answer and very kind.

Really nice person with huge skills on LogPoint

Incentivized

LogPoint is easier to implement and less expensive.

Incentivized

• Reduced time to triage alerts.
• Reduced number of alerts which need escalation to senior tiers.
• The ability for analysts to quickly run playbooks for additional information and enrichment.
• Ability to retain data for longer periods for forensics purposes.
• Improved search performance compared with other SIEM solutions.

Incentivized

• Keep the same team to manage more IT resources
• Having a better logs visibility

Incentivized