Try our new research platform with insights from 80,000+ expert users

Splunk SOAR vs Tines comparison

Splunk and Tines are both solutions in the Security Orchestration Automation and Response (SOAR) category. Splunk is ranked #2 with an average rating of 8.4, while Tines is ranked #10 with an average rating of 9.0. Splunk holds a 7.5% mindshare in SOAR, compared to Tines’s 6.6% mindshare. Additionally, 87% of Splunk users are willing to recommend the solution, compared to 100% of Tines users who would recommend it.
Splunk SOAR
Read 51 Splunk SOAR reviews
  • 4,423 Views
  • 3,361 Comparison Views
87% willing to recommend
Tines
Read 4 Tines reviews
  • 2,444 Views
  • 2,004 Comparison Views
100% willing to recommend
 

Comparison Buyer's Guide

Download the report
Executive SummaryUpdated on Dec 28, 2025

Splunk SOAR and Tines are both products in the Security Orchestration, Automation, and Response category. Tines is favored for streamlined workflows and intuitive automation features, providing a competitive edge.

Features: Splunk SOAR stands out for its advanced integration capabilities, customizable playbooks, and its ability to support complex operations with robust analytics tools. Tines offers simplicity in creating automation workflows, a no-code interface making it accessible for users at different skill levels, and API integration for ease of connecting different tools and services.

Room for Improvement: Splunk SOAR could enhance user accessibility by simplifying its interface further and reducing the reliance on extensive coding for integrations. It could also improve the initial setup time for quicker deployment. Tines may benefit from expanding its feature set to support more complex automation scenarios and improving the documentation for better user understanding and implementation efficacy.

Ease of Deployment and Customer Service: Splunk SOAR typically requires a traditional enterprise deployment model demanding more upfront effort. It supports expansive data management through its integrations but needs more preparation time. Tines offers a flexible, cloud-native deployment with a user-friendly interface. While both provide good support, Tines is noted for proactive customer engagement and a responsive support team.

Pricing and ROI: Splunk SOAR involves higher initial costs due to its extensive integration options necessitating a considerable initial investment. Tines is more cost-effective, appealing to organizations that want a faster implementation and reduced costs. Tines frequently offers better value for money, with higher ROI relative to its cost through quicker time-to-value.

DOWNLOAD THE COMPLETE REPORT
To learn more, read our detailed Splunk SOAR vs. Tines Report (Updated: December 2025).
Buyer's Guide
Splunk SOAR vs. Tines
December 2025
Download the complete report
Helped 879,371 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Splunk SOAR
Ranking in Security Orchestration Automation and Response (SOAR)
2nd
Average Rating
8.2
Reviews Sentiment
6.6
Number of Reviews
51
Ranking in other categories
No ranking in other categories
Tines
Ranking in Security Orchestration Automation and Response (SOAR)
10th
Average Rating
9.0
Reviews Sentiment
7.6
Number of Reviews
4
Ranking in other categories
Threat Intelligence Platforms (TIP) (18th), AI-Powered Security Automation (1st), AI IT Support (10th)
 

Mindshare comparison

As of December 2025, in the Security Orchestration Automation and Response (SOAR) category, the mindshare of Splunk SOAR is 7.5%, up from 7.5% compared to the previous year. The mindshare of Tines is 6.6%, up from 4.8% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Security Orchestration Automation and Response (SOAR) Market Share Distribution
ProductMarket Share (%)
Splunk SOAR7.5%
Tines6.6%
Other85.9%
Security Orchestration Automation and Response (SOAR)
 

Featured Reviews

SS
Shiboo Suren
Manager cybersecurity at Hexion Inc.
Automates threat response and reduces investigation time but needs better threat intelligence integration
One thing that we would like to see with Splunk SOAR is the expandability to the threat intelligence feed. Currently, we have limited ingestion to the threat intelligence feed for the correlation purpose. We would like to see it being integrated, with license cost or without license cost, to leading threat intelligence sources such as Recorded Future, Feedly, or Flare. That is something we would appreciate having integrated. The second thing on the improvement side is about exposed credential-related information. If we start ingesting those data to Splunk SOAR or SIEM with some sort of integration with threat intelligence feed, that will also improve our detection and prediction method or help us with the investigation.
Read full review
VikramSingh8 - PeerSpot reviewer
VikramSingh8
Security Delivery Manager at Accenture
Automation simplifies workflows with no code and excellent support
Reporting and dashboards could be more advanced for deeper analysis. Tines has its own dashboard, which displays information like how many stories have been created and how many automations have taken place. However, the reporting and dashboard are not advanced; they are quite basic, with fewer customizable options. The look and feel of the dashboard could be enhanced. Another area for improvement is in terms of documentation, as every tool and company has its own knowledge base.
Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"We are not a 24/7 SOC, so the most valuable feature of Splunk SOAR is the auto-response to threats when we are not in the office and the notifications that it sends to the on-call engineer."
"The most valuable feature of Splunk SOAR that stands out is it has a great SOAR. The automation and orchestration module is highly mature. A lot of use cases are on user entity and behavioral analytics (UEBA), which is artificial intelligence and machine learning-based (AIML)."
"When you design a playbook, you can integrate multiple log sources and define rules... After that, the platform automatically compiles all these activities and, based on the results, the analyst only has to indicate whether the result is a true or false positive. That reduces the time and effort involved."
"In Splunk SOAR, I find the playbooks valuable. We get to create multiple playbooks, and within each playbook, there is a different type of investigation attached to it, which helps out an analyst or new analysts coming on board."
"Splunk integrates with so many products. It provides us with good information for us to be able to do our jobs."
"The customization of the playbook in Splunk SOAR is very beneficial."
"The ability to automate Splunk SOAR and customize the playbook use cases is the most valuable feature and is very exciting for me."
"SOAR allows custom code to be written and integrates with various technologies through pre-built apps like Windows Remote Management or custom apps we can build ourselves like a secret retrieval app from our vault."
More Splunk SOAR pros
"The tool was vendor-neutral."
"One of the most valuable features is that it’s a low-code solution."
"The best advantage is the no-code automation, excellent customer support services, and ease of integration with other tools."
"The best thing is that it's no code, so it doesn't require coding knowledge."
 

Cons

"Splunk SOAR has room to improve its offering for small-sized customers. The price is not fair for smaller-sized customers."
"I haven't had any issues with the solution so far."
"While there have been improvements to the investigation process, particularly with the playbook data, the current log review method is cumbersome."
"It would be ideal for us if Splunk SOAR could integrate with Teams."
"It would be nice if we could put it on other search heads, not just Enterprise Security."
"We have playbooks written to extract these events and put them into the workflow since it wasn't structured as expected. It was a miss for us. We couldn't figure out why it broke or what actually happened there. It was something in this feed with legitimate and security events, so we tried to understand the names and what we would call them."
"There are areas where Splunk SOAR can continue to improve, particularly regarding the synchronization of information, as sometimes it takes longer than other tools."
"The algorithm and machine learning have room for improvement and can be more user-friendly."
More Splunk SOAR cons
"Tines was a little bit more expensive than Torq."
"Maybe Tines can add more features and demonstrations, like videos on how to use the features within the tool."
"They started implementing some AI, and their AI is isolated."
"Reporting and dashboards could be more advanced for deeper analysis."
 

Pricing and Cost Advice

"I found the price of Splunk SOAR to be good."
"Splunk SOAR is an expensive solution for an organization of our size."
"Splunk is a fast enterprise tool, but it costs too much. At the same time, it's worth what we pay, in my opinion. We can efficiently perform all the functions and tie together the data. It's the perfect tool for our needs."
"While I can't confirm the exact pricing, some colleagues have mentioned that Splunk SOAR may be on the costlier side."
"In my opinion, the price is high, but if you want good products, you have to be willing to pay for them."
"It's very overpriced because it is based on the number of users. There is no bulk licensing."
"The cost is high and the licensing is on an annual basis."
"We renewed it this year. This year was the first time there was a dramatic increase in the price. It was kind of non-negotiable. It was just a high increase. We had internal communications, and it was definitely a surprise to us. In a short time frame, we renewed it this year. Prices are going up everywhere, but they are not always justifiable, at least not to our eyes. The pricing this year was definitely a big shock."
More Splunk SOAR pricing and cost advice
Information not available
report
See which vendors are best for you
Use our free recommendation engine to learn which Security Orchestration Automation and Response (SOAR) solutions are best for your needs.
See recommendations
879,371 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Financial Services Firm
12%
Manufacturing Company
10%
Computer Software Company
10%
University
7%
Financial Services Firm
13%
Computer Software Company
9%
Manufacturing Company
8%
Healthcare Company
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business12
Midsize Enterprise7
Large Enterprise31
No data available
 

Questions from the Community

What do you like most about Splunk Phantom?
Splunk SOAR's quick response to incidents is the most valuable part.
See all answers
What is your experience regarding pricing and costs for Splunk Phantom?
I am familiar with the pricing aspect, setup cost, and licensing cost of Splunk SOAR, and it is pretty much similar to what industries are offering these days. We never had any issue when we had to...
See all answers
What needs improvement with Splunk Phantom?
The visibility of Splunk SOAR's playbook viewer is rather unclear to me; I wonder what the visibility is for. There are indeed some problems with integrating Splunk SOAR with other Splunk products ...
See all answers
What needs improvement with Tines?
Reporting and dashboards could be more advanced for deeper analysis. Tines has its own dashboard, which displays information like how many stories have been created and how many automations have ta...
See all answers
What is your primary use case for Tines?
I am Vikram Singh, I work for top service based multinational brand and I am responsible for delivering Tines services. Essentially, I am working on it, and I am leading one of the source services ...
See all answers
What advice do you have for others considering Tines?
When you start working with Tines, ensure you pursue the Tines certifications. They offer these free certifications when they become your partner. Overall, I would rate Tines a nine out of ten.
See all answers
 

Comparisons

Palo Alto Networks Cortex XSOAR vs Splunk SOAR Logo
Palo Alto Networks Cortex XSOAR vs Splunk SOAR
Compared 16% of the time
Fortinet FortiSOAR vs Splunk SOAR Logo
Fortinet FortiSOAR vs Splunk SOAR
Compared 11% of the time
ServiceNow Security Operations vs Splunk SOAR Logo
ServiceNow Security Operations vs Splunk SOAR
Compared 9% of the time
Torq vs Splunk SOAR Logo
Torq vs Splunk SOAR
Compared 7% of the time
Cortex XSIAM vs Splunk SOAR Logo
Cortex XSIAM vs Splunk SOAR
Compared 6% of the time
More Splunk SOAR Competitors
Torq vs Tines Logo
Torq vs Tines
Compared 41% of the time
Palo Alto Networks Cortex XSOAR vs Tines Logo
Palo Alto Networks Cortex XSOAR vs Tines
Compared 10% of the time
Blink Ops vs Tines Logo
Blink Ops vs Tines
Compared 10% of the time
Swimlane vs Tines Logo
Swimlane vs Tines
Compared 9% of the time
ServiceNow Security Operations vs Tines Logo
ServiceNow Security Operations vs Tines
Compared 4% of the time
More Tines Competitors
 

Product Reports

Buyer's Guide
Splunk SOAR
December 2025
Splunk SOAR reportDownload Splunk SOAR product report
Buyer's Guide
Security Orchestration Automation and Response (SOAR)
December 2025
Tines reportDownload Tines product report
 

Also Known As

Phantom
No data available
 

Overview

Splunk SOAR offers features like automation and orchestration of manual tasks, speeding up work, detection and response to advanced and emerging threats. 

Go from overwhelmed to in-control

Automate manual tasks. Address every alert, every day. Establish repeatable procedures that allow security analysts to stop being reactive and focus on mission-critical objectives to protect your business.

Force multiply your team

Orchestrate and automate repetitive tasks, investigation and response to increase efficiency and productivity, and do more with the people you already have. Make a team of three feel like a team of 10.

From 30 minutes to 30 seconds

Work faster with Splunk SOAR. Respond to threats in seconds. Lower your mean time to respond (MTTR) by automating security tasks and workflows across all of your security tools.

End-to-end security operations made easy

Take advantage of Splunk Enterprise Security and Splunk SOAR joining forces to provide a seamless and intuitive SecOps platform to prevent, detect and respond to advanced and emerging threats.

Splunk

Tines offers no-code and low-code automation for users to automate tasks without coding expertise, integrating seamlessly with APIs to enhance incident management and security operations.

Known for a vendor-neutral approach, Tines provides detailed documentation and live chat support, allowing for effective integration with other tools, scheduling capabilities, and streamlined processes that save time and effort. Users find it intuitive for efficient task handling, making manual intervention unnecessary. Challenges include the need for more comprehensive documentation and instructional videos, as well as improvements in AI integration and reporting aesthetics. Pricing is also noted as higher compared to alternatives.

What are the most important features of Tines?
  • No-code and low-code automation: Enables task automation without coding knowledge.
  • API integration: Facilitates enhanced automation for security operations.
  • Vendor-neutral approach: Promotes unbiased integration across various tools.
  • Detailed documentation: Provides users with comprehensive guides and support.
  • Scheduling capabilities: Allows users to automate workflows efficiently.
What benefits and ROI can users expect from Tines?
  • Time savings: Automates tasks to reduce manual processes.
  • Improved efficiency: Streamlines security operations, enhancing productivity.
  • Comprehensive task handling: Offers intuitive tools for managing complex tasks easily.

Tines primarily serves organizations in the security sector, automating security operations such as alert detection and managed detection and response. It's utilized extensively in security operation centers for tasks like phishing email processing, ticket creation, IOC investigations, and ticket assignments within enterprise security frameworks, with multiple teams delivering Tines services to enhance task handling efficiency.

Tines
 

Sample Customers

Recorded Future, Blackstone
Information Not Available
Buyer's Guide
Splunk SOAR vs. Tines
December 2025
Free Report: Splunk SOAR vs. Tines
Find out what your peers are saying about Splunk SOAR vs. Tines and other solutions. Updated: December 2025.
DOWNLOAD NOW
879,371 professionals have used our research since 2012.
See our Splunk SOAR vs. Tines report.

We monitor all Security Orchestration Automation and Response (SOAR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.