IBM Resilient Reviews

Vendor: IBM

3.7 out of 5

18 reviews
75% willing to recommend

505 followers

What is IBM Resilient?

The Resilient Incident Response Platform (IRP) is the leading platform for orchestrating and automating incident response processes.

Get the IBM Resilient Buyer's Guide and find out what your peers are saying about IBM Resilient, ServiceNow Security Operations, SECDO Platform and more!

IBM Resilient is the #3 ranked solution in top Security Incident Response solutions and #13 ranked solution in SOAR tools. PeerSpot users give IBM Resilient an average rating of 7.4 out of 10. IBM Resilient is most commonly compared to ServiceNow Security Operations: IBM Resilient vs ServiceNow Security Operations. IBM Resilient is popular among the large enterprise segment, accounting for 63% of users researching this solution on PeerSpot. The top industry researching this solution are professionals from a financial services firm, accounting for 32% of all views.

Helped 842,296 peers since 2012

Featured IBM Resilient reviews

Usman Bhatti

Senior Officer Security Operations Center at a financial services firm with 10,001+ employees

Integrating IBM Resilient with other applications can be very difficult and technically challenging. Often, they use the excuse that you are using the latest version of an application, such as an endpoint security system, and they don't have an API or support for it at the moment. There is no automation in the SOAR solution. It's worth noting that many third-party add-on applications needed to be purchased separately to integrate with IBM Resilient. While there were built-in applications available for incident remediation, the selection was limited. Additionally, integrating third-party applications was often a difficult and time-consuming process due to the technical complexity involved.

Read full review

Jaliya Bandara

SOC Manager at a comms service provider with 5,001-10,000 employees

What could make IBM Resilient better is if IBM increased the number of built-in integrations with different products from other vendors or third-party products. In a way, IBM Resilient is an orchestration platform, so it should allow you to orchestrate other OEMs or products from non-IBM vendors. If there were a pre-built function that lets you integrate third-party solutions with IBM Resilient, the initial setup for the solution would become easier and more flexible. Implementing or integrating other platforms with IBM Resilient would also take less time. After the solution is implemented, that's the time my company can give more recommendations on which features to add to improve IBM Resilient.

Read full review

AYOUB ECH-CHKAF

Security Operations Center Analyst (L2 at Thales

The ability to analyze incidents needs to be improved in the solution. It also needs to work on how to integrate installation, VMs, and other platforms. IBM Resilient needs to work on what basis one needs to anticipate an email. Though it is good and fixable, the solution also needs to consider working on how to make it possible to move to another solution for its users. In the future, I would like to see the integration of machine learning and AI in the solution.

Read full review

IBM Resilient mindshare

As of March 2025, the mindshare of IBM Resilient in the Security Incident Response category stands at 10.9%, up from 6.9% compared to the previous year, according to calculations based on PeerSpot user engagement data.

Security Incident Response

PeerAnalyst reports based on IBM Resilient reviews

Type	Title	Date
Category	Security Incident Response	Mar 25, 2025	Download
Product	Reviews, tips, and advice from real users	Mar 25, 2025	Download
Comparison	IBM Resilient vs VMware Carbon Black Endpoint	Mar 25, 2025	Download
Comparison	IBM Resilient vs ServiceNow Security Operations	Mar 25, 2025	Download
Comparison	IBM Resilient vs Exabeam	Mar 25, 2025	Download

Title	Rating	Mindshare	Recommending
ServiceNow Security Operations	4.0	19.2%	94%	20 interviews Add to research
SECDO Platform	4.5	1.1%	75%	3 interviews Add to research

Valuable Features

IBM Resilient is valued for its simplicity and integration with IBM QRadar, offering flexibility and a user-friendly interface. It excels in incident response monitoring with robust security features. Users appreciate its comprehensive stack, mature architecture, and scalability. Dynamic playbooks, rapid action, and effective user behavior analytics enhance its appeal. Its incident response capabilities, threat intelligence, and container options are highly beneficial. Integration with IBM SIM and effective user blocking during attacks are key highlights.

"The integration with IBM SIM and the ability to block users during brute force attacks are particularly effective."
"It is a stable solution...It is a scalable solution."
"The initial setup of IBM Resilient is not that complex since my company already has a support license that we use internally. In general, the product's deployment phase is not that complex."

Room for Improvement

IBM Resilient requires enhanced integration with third-party tools and improved pricing and technical support. Users report complexity in initial setup and configuration, frequent compatibility issues, and limitations in device integration. More built-in automation and AI features would benefit users. The need for better documentation and user guidance, especially on custom playbooks and licensing, is evident. The lack of flexibility and challenges with data format handling suggest more development and research are necessary.

"Integration with some devices, including Cisco PowerPower and certain antivirus products, has limitations."
"The response time of the support is an area of concern where improvements are required."
"There are shortcomings with IBM Resilient's technical support team that can be considered for improvement in the future."

ROI

Some companies found that IBM Resilient delivered significant value with a substantial time-saving impact, claiming up to 80 percent efficiency improvement. Others expressed difficulty in assessing the financial gains without adequate expertise in utilizing the platform. For certain organizations, it's still premature to gauge the return on investment, while others haven't experienced measurable financial benefits from its deployment yet.

Pricing

IBM Resilient's pricing is viewed as expensive by many, with costs determined by a yearly licensing fee based on user count. Some describe it as moderately expensive but note affordability compared to other SOAR options. Additional costs include initial platform investments and support services. User opinions vary on pricing satisfaction, with some rating it affordable or cost-effective and others rating it lower on the affordability scale. This solution primarily suits enterprise-level environments.

"There are no costs except for the support services that our company pays in addition to the licensing charges attached to the solution."
"I feel it is an expensive product when my company pays annually for renewal, support, and follow-up."
"The cost of the product is quite high."

Popular Use Cases

Organizations primarily use IBM Resilient for cybersecurity operations, focusing on incident response automation and orchestration. They integrate it with IBM QRadar for data analysis and action, manage security services, and perform SOC analysis. It supports incident logging, team communication, and documentation, while automating workflows in operation centers. Industries like finance and governance utilize it for flexible incident handling and integration with security controls, emphasizing ticketing and case management. Resilient's tools enhance security processes across various sectors.

Deployment

IBM Resilient's initial setup varies in complexity. Some find it straightforward and quick, especially with prior IBM QRadar knowledge, while others face challenges in complex environments. Deployment can range from a day to several months. On-premises installations are generally easy, but customization can be time-consuming. Organizations often rely on multiple people for deployment and maintenance. Issues such as compatibility, especially with Palo Alto, may arise, impacting the process for some teams.

Scalability

IBM Resilient is known for scalability, allowing script customization and integration with various apps. It accommodates varying company sizes and supports user expansion. Though some encounter challenges, particularly with expertise availability, many find it scalable, rating it as high as nine out of ten. Some experience onboarding issues that are resolved with support. It scales easily with infrastructure support, addressing the needs of both small businesses and large enterprises effectively.

Stability

IBM Resilient demonstrates high stability, consistently praised for its reliability, performance, and lack of bugs or crashes. Users appreciate its stability for load and user management, efficiently handling incidents with unlimited licenses. Some report past stability issues, resolved with updates. It requires occasional administrative oversight, particularly for updating playbooks. For on-premises deployments, stability is particularly noted when configured correctly. Most users rate its stability nine or ten out of ten.

These insights are based on the in-depth reviews provided by peers to help you make a better buying decision.

Download our IBM Resilient Buyer's Guide for additional reliable information.

Review data by company size

By reviewers

By visitors reading reviews

Top industries

By visitors reading reviews

Financial Services Firm

32%

Computer Software Company

11%

Manufacturing Company

Government

Marketing Services Firm

Energy/Utilities Company

Healthcare Company

Comms Service Provider

Real Estate/Law Firm

Educational Organization

Insurance Company

Retailer

Non Profit

University

Construction Company

Hospitality Company

Media Company

Wholesaler/Distributor

Consumer Goods Company

Aerospace/Defense Firm

Legal Firm

Mining And Metals Company

Transportation Company

Compare IBM Resilient with alternative products

Learn more about IBM Resilient

The Resilient IRP quickly and easily integrates with your organization’s existing security and IT investments. It makes security alerts instantly actionable, provides valuable intelligence and incident context, and enables adaptive response to complex cyber threats.