We performed a comparison between IBM Resilient and Microsoft Sentinel based on real PeerSpot user reviews.
Find out in this report how the two Security Orchestration Automation and Response (SOAR) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The initial setup of IBM Resilient is not that complex since my company already has a support license that we use internally. In general, the product's deployment phase is not that complex."
"Stability-wise, I rate the solution a ten out of ten...Scalability-wise, I rate the solution a ten out of ten."
"As a whole, the product is stable...Technical support is very good."
"The solution is easy to use."
"What I like most about IBM Resilient is that it has a complete stack, which means you don't need to use different OEM products because you have all you need under the IBM Resilient umbrella. You don't need to worry much about integrations and components because you're working with tested and proven architecture."
"The most valuable features of IBM Resilient are its flexibility and customization options for incident response."
"It's really simple and has a flexible interface."
"The solution is reliable in our usage."
"One of the most valuable features of Microsoft Sentinel is that it's cloud-based."
"Sentinel pricing is good"
"Sentinel is a Microsoft product, so they provide very robust use cases and analytic groups, which are very beneficial for the security team. I also like the ability to integrate data sources into the software for on-premise and cloud-based solutions."
"It is quite efficient. It helps our clients in identifying their security issues and respond quickly. Our clients want to automate incident response and all those things."
"Microsoft Sentinel provides the capability to integrate different log sources. On top of having several data connectors in place, you can also do integration with a threat intelligence platform to enhance and enrich the data that's available. You can collect as many logs and build all the use cases."
"We didn't have anything similar. So, it really provides value from the incidents and automation point of view. The overview of the security fabric is most valuable."
"The most valuable feature is the UEBA. It's very easy for a security operations analyst. It has a one-touch analysis where you can search for a particular entity, and you can get a complete overview of that entity or user."
"We can use Sentinel's playbook to block threats. It covers all of the environment, giving us great visibility."
"IBM Resilient is quite complex, including its configuration."
"The tool needs to improve its documentation on license scripts."
"There are shortcomings with IBM Resilient's technical support team that can be considered for improvement in the future."
"The product needs a bit more development."
"Its price needs improvement."
"It is not very straightforward to set up custom integrations, especially with services like Azure. You need an additional server for integration."
"The ability to analyze incidents needs to be improved in the solution."
"One thing to improve is how it handles data formats, which currently might require scripting for conversion to CSV before uploading."
"The interface could be more user-friendly. It''s a small improvement that they could make if they wanted to."
"Microsoft Defender has a built-in threat expert option that enables you to contact an expert. That feature isn't available in Sentinel because it's a huge product that integrates all the technologies. I would like Microsoft to add the threat expert option so we can contact them. There are a few other features, like threat assessment that the PG team is working on. I expect them to release this feature in the next quarter."
"If you're looking to use canned queries, the interface could be a little more straightforward. It's not immediately intuitive regarding how you use it. You have to take a canned query and paste it into an operational box and then you hit a button... They could improve the ease of deploying these queries."
"I would like Microsoft Sentinel to enhance its SOAR capabilities."
"Sentinel should be improved with more connectors. At the moment, it only covers a few vendors. If I remember correctly, only 100 products are supported natively in Sentinel, although you can connect them with syslog. But Microsoft should increase the number of native connectors to get logs into Sentinel."
"They're giving us the queries so we can plug them right into Sentinel. They need to have a streamlined process for updating them in the tool and knowing when things are updated and knowing when there are new detections available from Microsoft."
"Sometimes, it is hard for us to estimate the costs of Microsoft Sentinel."
"They should just add more and more out-of-the-box connectors. It is quite a new product, and it has a lot of connectors, and even more would be good."
IBM Resilient is ranked 8th in Security Orchestration Automation and Response (SOAR) with 17 reviews while Microsoft Sentinel is ranked 1st in Security Orchestration Automation and Response (SOAR) with 86 reviews. IBM Resilient is rated 7.6, while Microsoft Sentinel is rated 8.2. The top reviewer of IBM Resilient writes "Simple deployment, scalable, but lacking third-party solution compatibility ". On the other hand, the top reviewer of Microsoft Sentinel writes "Gives a comprehensive and holistic view of the ecosystem and improves visibility and the ability to respond". IBM Resilient is most compared with Palo Alto Networks Cortex XSOAR, Splunk SOAR, ServiceNow Security Operations, IBM Security QRadar and IBM Cloud Pak for Security, whereas Microsoft Sentinel is most compared with AWS Security Hub, IBM Security QRadar, Wazuh, Microsoft Defender for Cloud and Elastic Security. See our IBM Resilient vs. Microsoft Sentinel report.
See our list of best Security Orchestration Automation and Response (SOAR) vendors.
We monitor all Security Orchestration Automation and Response (SOAR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.