Try our new research platform with insights from 80,000+ expert users

IBM Resilient vs Palo Alto Networks Cortex XSOAR comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Dec 5, 2024

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

IBM Resilient
Ranking in Security Orchestration Automation and Response (SOAR)
13th
Average Rating
7.4
Reviews Sentiment
6.6
Number of Reviews
18
Ranking in other categories
Security Incident Response (3rd)
Palo Alto Networks Cortex X...
Ranking in Security Orchestration Automation and Response (SOAR)
2nd
Average Rating
8.4
Reviews Sentiment
6.9
Number of Reviews
46
Ranking in other categories
SOC as a Service (2nd)
 

Mindshare comparison

As of April 2025, in the Security Orchestration Automation and Response (SOAR) category, the mindshare of IBM Resilient is 2.1%, down from 2.7% compared to the previous year. The mindshare of Palo Alto Networks Cortex XSOAR is 11.0%, down from 12.9% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Security Orchestration Automation and Response (SOAR)
 

Featured Reviews

Usman Bhatti - PeerSpot reviewer
Simple deployment, scalable, but lacking third-party solution compatibility
Integrating IBM Resilient with other applications can be very difficult and technically challenging. Often, they use the excuse that you are using the latest version of an application, such as an endpoint security system, and they don't have an API or support for it at the moment. There is no automation in the SOAR solution. It's worth noting that many third-party add-on applications needed to be purchased separately to integrate with IBM Resilient. While there were built-in applications available for incident remediation, the selection was limited. Additionally, integrating third-party applications was often a difficult and time-consuming process due to the technical complexity involved.
NikhilSharma2 - PeerSpot reviewer
Ability to multiple playbooks to fetch data from multiple firewalls and utomated several tasks, including vulnerability scans and SOCL (Security Orchestration, Automation
Recently, they started implementing microservices in XSOAR, which has improved quality and addressed previous issues. However, they should focus more on licensing costs. The user licensing fees are quite high. For example, I received a quote for XSOAR, and it was $12,000 per user per year. If you have a SOC team of 30 members/analysts, you're looking at a substantial expense. They should consider reducing these costs since this high pricing seems to be more about profit. So, there is room for improvement in the pricing. Moreover, the reporting and dashboard features are decent but could be improved. The user interface (UI) is quite heavy and takes time to load, which is a major drawback.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The solution is simple to use and to integrate with IBM QRadar."
"IBM Resilient is scalable."
"The solution is easy to use."
"It's really simple and has a flexible interface."
"The initial setup of IBM Resilient is not that complex since my company already has a support license that we use internally. In general, the product's deployment phase is not that complex."
"It is a stable solution...It is a scalable solution."
"The most valuable features of IBM Resilient are its flexibility and customization options for incident response."
"Its flexibility is the most valuable."
"I have found the solution very useful, it integrates well with other platforms."
"The product is quite easy to use."
"Cortex XSOAR's most valuable features are the playbooks, custom integration, the machine-learning model, and the layout, classifier, and mapper."
"The automation part and the playbook creation part are awesome. The way it is responding to the customers and incidents is also very good. In the SOC environment, I guess it will carry out around 50% of the work."
"The solution provides threat intelligence with EDR."
"The pricing is very good."
"The solution is easy to deploy."
"The most valuable feature is its capability to automate responses and collect information for any security event before you even delve into the details. It's a vast product with an active roadmap, so I'm satisfied with it for now. It's very efficient at data collection and correlation."
 

Cons

"The implementation could be a bit simpler."
"The integration could be improved so that it is easy to integrate with other solutions."
"IBM Resilient is quite complex, including its configuration."
"Integration with some devices, including Cisco PowerPower and certain antivirus products, has limitations."
"Its price needs improvement."
"The product must provide more integration with other tools."
"One thing to improve is how it handles data formats, which currently might require scripting for conversion to CSV before uploading."
"It is not very straightforward to set up custom integrations, especially with services like Azure. You need an additional server for integration."
"The dashboard performance could be improved."
"XSOAR could have more integration options."
"There should be an on-premise version available for customers to have different choices."
"The dashboard could be better."
"Palo Alto Networks Cortex XSOAR lacks to offer SIEM functionalities currently."
"The tool’s multi-tenancy feature must be improved."
"The complexity of Cortex XSOAR has a trade-off with its versatility. The deployment requires integration and the development of integration modules."
"The solution is very expensive."
 

Pricing and Cost Advice

"We could create unlimited users using the license we had purchased."
"There are no costs except for the support services that our company pays in addition to the licensing charges attached to the solution."
"Pricing for the solution is good, in my opinion."
"The cost of the product is quite high."
"There is a license you need to pay for in order to use this product."
"I feel it is an expensive product when my company pays annually for renewal, support, and follow-up."
"I would rate the tool’s pricing a three out of ten. The tool’s pricing is on a yearly basis."
"It is very expensive."
"When I first looked at Demisto, it had a price tag of $250,000 but when we finally purchased it, it was $345,000."
"Palo Alto offers significant discounts to customers who purchase the products repeatedly."
"There is a perception that it is priced very high compared to other solutions."
"The price of Palo Alto Networks Cortex XSOAR could be reduced. We are always looking for a discount. There is an annual license needed to use this solution."
"The solution's cost is high."
"The solution is based on an annual licensing model that is expensive."
"On a scale of one to ten, where one is a low price, and ten is a high price, I rate the pricing a nine."
"The solution is expensive."
report
Use our free recommendation engine to learn which Security Orchestration Automation and Response (SOAR) solutions are best for your needs.
845,040 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Financial Services Firm
33%
Computer Software Company
11%
Manufacturing Company
9%
Government
8%
Financial Services Firm
15%
Computer Software Company
12%
Manufacturing Company
9%
Government
9%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What do you like most about IBM Resilient?
It is a stable solution...It is a scalable solution.
What is your experience regarding pricing and costs for IBM Resilient?
I am not the one in charge of pricing, so I am not sure about the costs.
What needs improvement with IBM Resilient?
Integration with some devices, including Cisco PowerPower and certain antivirus products, has limitations.
What is your experience regarding pricing and costs for Palo Alto Networks Cortex XSOAR?
Even though customers often comment on the price, the potential savings come from managing a large number of security events with a limited number of analysts. This leads to economic advantages des...
What needs improvement with Palo Alto Networks Cortex XSOAR?
The complexity of Cortex XSOAR has a trade-off with its versatility. The product can be tailored for each deployment to respond to specific customer needs, and this complexity may be seen as a down...
 

Also Known As

No data available
Demisto Enterprise, Cortex XSOAR, Demisto
 

Overview

 

Sample Customers

Golden Living, Health Equity, USA Funds
Cellcom Israel, Blue Cross and Blue Shield of Kansas City, esri, Cylance, Flatiron Health, Veeva, ADT Cybersecurity
Find out what your peers are saying about IBM Resilient vs. Palo Alto Networks Cortex XSOAR and other solutions. Updated: March 2025.
845,040 professionals have used our research since 2012.