We performed a comparison between Cortex XSIAM and Splunk SOAR based on real PeerSpot user reviews.
Find out what your peers are saying about Microsoft, CrowdStrike, Securonix Solutions and others in Identity Threat Detection and Response (ITDR)."It operates on a single, extensive database which enables it to excel in detecting threats and anomalies across the network and endpoints, delivering a highly effective and comprehensive security solution."
"It is an effective solution in terms of performance and functionalities."
"The most valuable features of Cortex XSIAM are the machine learning used to identify threats, the complexity of the environment of products, and efficiency."
"Its ability to deliver a substantial amount of security intelligence greatly enhances and optimizes our security operations program."
"Before its use, analyzing each email would take at least 15 to 20 minutes, with some complex cases taking up to 30 minutes...With the automation provided by Splunk Phantom, we could significantly reduce the amount of time and human effort required to complete this task."
"Splunk SOAR's quick response to incidents is the most valuable part."
"Scalability is the best feature of the solution."
"The most valuable feature is the risk-based access control."
"Our customers find it easy to conduct searches and consider it an excellent content management system."
"The best feature is the integration and the custom Python code that we can write. Splunk SOAR provides us with both of these capabilities, allowing us to integrate different security solutions with Splunk SOAR and take remediation actions directly on those security tools."
"When you design a playbook, you can integrate multiple log sources and define rules... After that, the platform automatically compiles all these activities and, based on the results, the analyst only has to indicate whether the result is a true or false positive. That reduces the time and effort involved."
"It's pretty easy when it comes to setting up assets. If you want to fetch emails or call a REST API, you can set up an asset and grab that information."
"The solution’s pricing and technical support could be improved."
"The support could be a bit faster."
"The platform isn't very developer-friendly and it should provide more flexibility and ease."
"Further integration capabilities with various other software products that can seamlessly tie into Cortex XSIAM would be advantageous."
"We've had trouble implementing the solution with Microsoft products. There seems to be an integration gap."
"The tool's response is slower because it has to search through a huge dataset, which can be improved for latency."
"The UI can be more customizable for the clients."
"The algorithm and machine learning have room for improvement and can be more user-friendly."
"Portability is one thing that is currently lacking. The open-source product that I evaluated had portability. It would require a lot of development effort, but it will save the cost of rewriting all the playbooks."
"Creating playbooks using the solution’s playbook editor, for me, is very cumbersome. There have been instances where I have said to myself that I just don't want to use this editor. I might just use a code block and write my own code within it... The functionality in the playbook editor is 80 percent there, but that 20 percent is still lacking. They could make it more efficient."
"The number of playbooks on offer should be increased."
"Splunk's support for integration is subpar and has room for improvement."
Cortex XSIAM is ranked 7th in Identity Threat Detection and Response (ITDR) with 4 reviews while Splunk SOAR is ranked 3rd in Security Orchestration Automation and Response (SOAR) with 32 reviews. Cortex XSIAM is rated 9.0, while Splunk SOAR is rated 8.0. The top reviewer of Cortex XSIAM writes "A robust security operation that ensures achieving automation, stability, and scalability". On the other hand, the top reviewer of Splunk SOAR writes "Takes most of the work away, but the time they take to implement new features is a little bit of concern". Cortex XSIAM is most compared with Palo Alto Networks Cortex XSOAR, Microsoft Sentinel, IBM Security QRadar, CrowdStrike Falcon and Exabeam Fusion SIEM, whereas Splunk SOAR is most compared with Palo Alto Networks Cortex XSOAR, ServiceNow Security Operations, Torq, Swimlane and Tines.
We monitor all Identity Threat Detection and Response (ITDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.