Try our new research platform with insights from 80,000+ expert users

Exabeam vs Splunk SOAR comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Sep 4, 2024
 

Categories and Ranking

Exabeam
Ranking in Security Orchestration Automation and Response (SOAR)
8th
Average Rating
7.8
Reviews Sentiment
6.0
Number of Reviews
17
Ranking in other categories
Security Information and Event Management (SIEM) (12th), User Entity Behavior Analytics (UEBA) (2nd), Security Incident Response (5th), Threat Intelligence Platforms (8th), AI-Powered Cybersecurity Platforms (5th)
Splunk SOAR
Ranking in Security Orchestration Automation and Response (SOAR)
3rd
Average Rating
8.2
Number of Reviews
43
Ranking in other categories
No ranking in other categories
 

Mindshare comparison

As of November 2024, in the Security Orchestration Automation and Response (SOAR) category, the mindshare of Exabeam is 1.9%, down from 3.1% compared to the previous year. The mindshare of Splunk SOAR is 8.8%, down from 9.8% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Security Orchestration Automation and Response (SOAR)
 

Featured Reviews

Stephen-Armstrong - PeerSpot reviewer
Sep 11, 2024
The SIEM provides a user-friendly UI experience
I use Exabeam for it's end-to-end detection and it's user event behavioural Analytics, i find it a useful SIEM for investigating unusual behaviour by clicking into an incident from the main dashboard. From here we can go into the details of the incident, which are shown by the individual risk…
Ryan Plas - PeerSpot reviewer
Jun 12, 2024
Offers playbook automation that helps reduce the manual and tedious work for users
When it comes to Splunk SOAR's ability to provide end-to-end visibility into our company's cloud-native environment, I would say that we are not using the cloud portions of it. I don't know if that's super relevant to what we are doing in our organization. I am 100 percent sure that Splunk SOAR helped reduce your mean time to resolve, but I don't have any metrics on hand but I know it has dramatically decreased. The tool has helped with the business resilience part. I think having it as a platform has been a solid portion of the product that we offer to people. Spunk SOAR has definitely saved my time in alert triage. When some of the tedious enrichment and lookup stuff happens, the analyst doesn't have to deal with such areas, and they can just jump in and see relevant data all in one pane of glass, which has been super helpful for speeding things up. The unified platform helps consolidate networking, security, and IT observability tools. The consolidation of tools impacts our organization as it just helps focus the SOC analyst on a single unified place to find information. It helps keep things streamlined and regular so they know where to look for certain stuff they want. It really helps people with training. It is a really easy tool to onboard people into because everything is right there in the product itself. The product is really great. I would love to see more SOAR innovation going into the tool, especially the on-premises version since it is what we use in our company. I feel the tool needs to encourage continuous improvements, but as a product itself, my company is really happy with the solution. I rate the tool an eight out of ten.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The UI was very clean."
"The ThreatHunter in Advanced Analytics is the most valuable. It helps analyze compromised assets and provides analysis for any entity within my client's environment."
"Exabeam Fusion SIEM has a good performance and more advantages than traditional solutions."
"The solution's initial setup process is easy."
"The Exabeam SIEM has a user friendly UI interface."
"The platform is not extremely expensive compared to its direct competitors; I would rate its pricing around six out of ten."
"The user interface and the timelines they use are the most valuable features. The price model is very simple so that one can understand it easily and there are no surprises within it."
"The solution's automation capabilities are great."
"Technical support is helpful."
"The customization continues to be excellent."
"The most valuable features are the Splunk SOAR apps and playbooks."
"I'm just a beginner on the solution and it's pretty easy for me to use."
"Splunk SOAR's quick response to incidents is the most valuable part."
"Splunk SOAR's extensive library of pre-built integrations allows it to connect with a vast array of popular security and IT applications, streamlining workflows across our existing security stack."
"The product’s integration with other Splunk products is valuable."
"Scalability is the best feature of the solution."
 

Cons

"Exabeam lacks customizable dashboards, which might be a limitation if visualization is a key requirement."
"Exabeam should be a bit faster, especially in loading and vulnerability scanning."
"The solution's reporting and dashboarding could be improved."
"Updating the new release of Exabeam Fusion SIEM takes time and slows our performance."
"We still have questions surrounding hardware deployment."
"Exabeam's reporting dashboard could have included a filtering option to filter by the most recent detection."
"We had a large volume right from the beginning and they weren't quite prepared for that. That's something that they should think about when it comes to customers that have a large volume to start off with."
"Exabeam needs to improve its adaptive nature towards rules and its capability to understand the entire client environment faster."
"The scalability could be better."
"We've run into a few minor issues. Some of the playbook writing is a bit complicated. We've had a few hiccups with the source control. We'd really like to use GitHub deployment keys for a dedicated account. We haven't been able to do that. I think those are some of the major ones."
"The solution must provide more AIOps to improve predictability."
"Splunk SOAR should improve its ease of upgrade, which is a pain point for us right now."
"SOAR is probably the most unreliable product Splunk has and that's because most of it is content driven from what you put into it. There are certain parts of it that have a little bit of difficulty at volume too. It's always changing. There is new stuff coming out for it that's going to make it a little bit better, but it does have some drawbacks."
"I haven't had any issues with the solution so far."
"The UI can be more customizable for the clients."
"The pricing could be a bit more reasonable. It would be great if it were feasible for smaller organizations."
 

Pricing and Cost Advice

"There is an annual license required to use Exabeam Fusion SIEM. The price of the solution should be reduced."
"Exabeam Fusion SIEM's pricing is reasonable."
"They have a great model for pricing that can be based either on user count or gigabits per day."
"The platform is not extremely expensive compared to its direct competitors; I would rate its pricing around six out of ten."
"The solution is expensive."
"Exabeam is not a cheap solution."
"We renewed it this year. This year was the first time there was a dramatic increase in the price. It was kind of non-negotiable. It was just a high increase. We had internal communications, and it was definitely a surprise to us. In a short time frame, we renewed it this year. Prices are going up everywhere, but they are not always justifiable, at least not to our eyes. The pricing this year was definitely a big shock."
"The licensing cost is reasonable."
"While I can't confirm the exact pricing, some colleagues have mentioned that Splunk SOAR may be on the costlier side."
"Splunk SOAR is more expensive compared to other options for SOAR."
"In my opinion, the price is high, but if you want good products, you have to be willing to pay for them."
"Splunk SOAR is an expensive solution for an organization of our size."
"It's very overpriced because it is based on the number of users. There is no bulk licensing."
"When we first purchased our Splunk SOAR license, it was based on an event-count model. It was based on the number of events. I had strong opinions at the time that automation should not be stifled by the amount of automation you can accomplish, so the previous structure was not as beneficial for us. Later that year, we got told or saw at a conference that they announced user-based pricing. We are now in a renewal period, so we migrated to a user-based license model, which is more appropriate for us so that we no longer have to worry about stifling our automation based on the quantity."
report
Use our free recommendation engine to learn which Security Orchestration Automation and Response (SOAR) solutions are best for your needs.
814,763 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
15%
Financial Services Firm
12%
Manufacturing Company
9%
Government
7%
Computer Software Company
15%
Financial Services Firm
13%
Manufacturing Company
11%
Government
9%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What are the biggest differences between Securonix UEBA, Exabeam, and IBM QRadar?
It mostly depends on your use-cases and environment. Exabeam and Securonix have a stronger UEBA feature set, friendlier GUI and are not licensed based on capacity (amount of logs and information in...
What do you like most about Exabeam Fusion SIEM?
The solution's initial setup process is easy.
What is your experience regarding pricing and costs for Exabeam Fusion SIEM?
I do not have much information about the pricing. However, I am aware that Exabeam is cheaper than Palo Alto based on discussions in meetings.
What do you like most about Splunk Phantom?
Splunk SOAR's quick response to incidents is the most valuable part.
What is your experience regarding pricing and costs for Splunk Phantom?
I rate Splunk SOAR two out of 10 for affordability. Splunk is a fast enterprise tool, but it costs too much. At the same time, it's worth what we pay, in my opinion. We can efficiently perform all ...
What needs improvement with Splunk Phantom?
The dashboard could be improved and some other features. SOAR should integrate network capabilities, allowing us to also monitor the WLAN network. Splunk is also expensive and difficult for beginne...
 

Also Known As

No data available
Phantom
 

Learn More

 

Overview

 

Sample Customers

Hulu, ADP, Safeway, BBCN Bank
Recorded Future, Blackstone
Find out what your peers are saying about Exabeam vs. Splunk SOAR and other solutions. Updated: October 2024.
814,763 professionals have used our research since 2012.