Try our new research platform with insights from 80,000+ expert users

IBM Resilient vs Splunk SOAR comparison

IBM and Splunk are both solutions in the Security Orchestration Automation and Response (SOAR) category. IBM is ranked #9 with an average rating of 7.5, while Splunk is ranked #3 with an average rating of 8.1. IBM holds a 2.9% mindshare in SOAR, compared to Splunk’s 8.8% mindshare. Additionally, 75% of IBM users are willing to recommend the solution, compared to 87% of Splunk users who would recommend it.
IBM Resilient
Read 18 IBM Resilient reviews
  • 1,650 Views
  • 1,036 Comparison Views
75% willing to recommend
Splunk SOAR
Read 43 Splunk SOAR reviews
  • 5,505 Views
  • 3,291 Comparison Views
87% willing to recommend
 

Comparison Buyer's Guide

Download the report
Executive SummaryUpdated on Sep 4, 2024

IBM Resilient and Splunk SOAR are strong contenders in the SOAR market. IBM Resilient tends to excel in pricing and customer support, whereas Splunk SOAR is often seen as a more feature-rich platform, making it more attractive despite the higher cost.

Features: IBM Resilient is known for its incident response management and orchestration capabilities. Splunk SOAR offers comprehensive automation and advanced threat intelligence. Users generally find the feature set of Splunk SOAR to be more robust and versatile compared to IBM Resilient.

Room for Improvement: Users suggest IBM Resilient could benefit from enhanced reporting and analytics. Splunk SOAR could improve the complexity of its initial setup and its documentation. IBM Resilient's areas for growth are focused on augmenting analytical tools, while Splunk SOAR's challenges are more related to onboarding.

Ease of Deployment and Customer Service: IBM Resilient is often noted for its relatively straightforward deployment process and strong customer service. Splunk SOAR, while powerful, presents a steeper learning curve during deployment, and customer service experiences are more varied. Thus, IBM Resilient has the edge in deployment ease and support reliability.

Pricing and ROI: IBM Resilient is generally more affordable and presents a quicker ROI based on user feedback. Splunk SOAR's higher setup costs are offset by its advanced functionality, which justifies the price for many users in the long run. IBM Resilient is seen as cost-effective, but Splunk SOAR's long-term benefits may offer better overall value.

DOWNLOAD THE COMPLETE REPORT
To learn more, read our detailed IBM Resilient vs. Splunk SOAR Report (Updated: October 2024).
Buyer's Guide
IBM Resilient vs. Splunk SOAR
October 2024
Download the complete report
Helped 816,562 peers since 2012
 

Categories and Ranking

IBM Resilient
Ranking in Security Orchestration Automation and Response (SOAR)
9th
Average Rating
7.4
Reviews Sentiment
7.0
Number of Reviews
18
Ranking in other categories
Security Incident Response (3rd)
Splunk SOAR
Ranking in Security Orchestration Automation and Response (SOAR)
3rd
Average Rating
8.2
Reviews Sentiment
7.4
Number of Reviews
43
Ranking in other categories
No ranking in other categories
 

Mindshare comparison

As of November 2024, in the Security Orchestration Automation and Response (SOAR) category, the mindshare of IBM Resilient is 2.9%, down from 3.0% compared to the previous year. The mindshare of Splunk SOAR is 8.8%, down from 9.8% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Security Orchestration Automation and Response (SOAR)
 

Featured Reviews

Usman Bhatti - PeerSpot reviewer
Simple deployment, scalable, but lacking third-party solution compatibility
Integrating IBM Resilient with other applications can be very difficult and technically challenging. Often, they use the excuse that you are using the latest version of an application, such as an endpoint security system, and they don't have an API or support for it at the moment. There is no automation in the SOAR solution. It's worth noting that many third-party add-on applications needed to be purchased separately to integrate with IBM Resilient. While there were built-in applications available for incident remediation, the selection was limited. Additionally, integrating third-party applications was often a difficult and time-consuming process due to the technical complexity involved.
Read full review
Ryan Plas - PeerSpot reviewer
Offers playbook automation that helps reduce the manual and tedious work for users
When it comes to Splunk SOAR's ability to provide end-to-end visibility into our company's cloud-native environment, I would say that we are not using the cloud portions of it. I don't know if that's super relevant to what we are doing in our organization. I am 100 percent sure that Splunk SOAR helped reduce your mean time to resolve, but I don't have any metrics on hand but I know it has dramatically decreased. The tool has helped with the business resilience part. I think having it as a platform has been a solid portion of the product that we offer to people. Spunk SOAR has definitely saved my time in alert triage. When some of the tedious enrichment and lookup stuff happens, the analyst doesn't have to deal with such areas, and they can just jump in and see relevant data all in one pane of glass, which has been super helpful for speeding things up. The unified platform helps consolidate networking, security, and IT observability tools. The consolidation of tools impacts our organization as it just helps focus the SOC analyst on a single unified place to find information. It helps keep things streamlined and regular so they know where to look for certain stuff they want. It really helps people with training. It is a really easy tool to onboard people into because everything is right there in the product itself. The product is really great. I would love to see more SOAR innovation going into the tool, especially the on-premises version since it is what we use in our company. I feel the tool needs to encourage continuous improvements, but as a product itself, my company is really happy with the solution. I rate the tool an eight out of ten.
Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The solution is very easy to use."
"Stability-wise, I rate the solution a ten out of ten...Scalability-wise, I rate the solution a ten out of ten."
"The most valuable features of IBM Resilient are its flexibility and customization options for incident response."
"The integration with IBM SIM and the ability to block users during brute force attacks are particularly effective."
"IBM Resilient is scalable."
"The initial setup of IBM Resilient is not that complex since my company already has a support license that we use internally. In general, the product's deployment phase is not that complex."
"It's really simple and has a flexible interface."
"Its flexibility is the most valuable."
More IBM Resilient pros
"So far, the interface is very easy to use."
"The ability to automate Splunk SOAR and customize the playbook use cases is the most valuable feature and is very exciting for me."
"The best feature is the integration and the custom Python code that we can write. Splunk SOAR provides us with both of these capabilities, allowing us to integrate different security solutions with Splunk SOAR and take remediation actions directly on those security tools."
"The most valuable feature is the API connector, depending on how it's formatted and who made the actual app offering for it. The REST API is my favorite component. It's very easy to use. The filters are also really valuable. Those are the two primary features but I enjoy using the rest of it."
"Its ability to integrate with other systems and applications in our environment is pretty easy. Sometimes if we see any complexity we try to involve a consultant to help us. Everything is through the built-in app. Splunk can connect to any assets through the built-in app. It could be in a platform, firewalls, or endpoints. It's easy if it's an app integration."
"I have found all the security automation platform features of Splunk SOAR to be good. The Automation playbook development is highly useful."
"Splunk integrates with so many products. It provides us with good information for us to be able to do our jobs."
"Surprisingly, the mobile app is valuable because it is very convenient for our on-call analysts to respond and get alerted to security alerts and events wherever they are. We are able to harness the power of Splunk SOAR and everything that we are doing, and we are also able to alert our on-call analysts 24/7. From their mobile phone, they can respond to those alerts."
More Splunk SOAR pros
 

Cons

"The implementation could be a bit simpler."
"It is not very straightforward to set up custom integrations, especially with services like Azure. You need an additional server for integration."
"The product needs a bit more development."
"IBM Resilient is quite complex, including its configuration."
"Integrating IBM Resilient with other applications can be very difficult and technically challenging. Often, they use the excuse that you are using the latest version of an application, such as an endpoint security system, and they don't have an API or support for it at the moment. There is no automation in the SOAR solution."
"The integration could be improved so that it is easy to integrate with other solutions."
"The response time of the support is an area of concern where improvements are required."
"Integration with some devices, including Cisco PowerPower and certain antivirus products, has limitations."
More IBM Resilient cons
"Splunk SOAR should improve its ease of upgrade, which is a pain point for us right now."
"The number of playbooks on offer should be increased."
"And most of the challenges that I have faced with the solution can be found in the documentation itself."
"It would be ideal for us if Splunk SOAR could integrate with Teams."
"I haven't used it fully, but based on my usage, I could not find simulation tools and features. It currently lacks simulation features, which are important for me for creating a playbook. It is also very expensive for my region."
"It would be ideal if we could automate processes even more."
"The UI can be more customizable for the clients."
"have put a number of ideas on the ideas.splunk.com site for feature requests for the Splunk SOAR product. I posted one of them about three years ago, which finally got implemented in the latest release that just got announced, so the time to implement new features and things like that is a little bit concerning."
More Splunk SOAR cons
 

Pricing and Cost Advice

"There is a license you need to pay for in order to use this product."
"There are no costs except for the support services that our company pays in addition to the licensing charges attached to the solution."
"We could create unlimited users using the license we had purchased."
"I feel it is an expensive product when my company pays annually for renewal, support, and follow-up."
"Pricing for the solution is good, in my opinion."
"It is very expensive."
"I would rate the tool’s pricing a three out of ten. The tool’s pricing is on a yearly basis."
"The cost of the product is quite high."
More IBM Resilient pricing and cost advice
"Splunk SOAR is more expensive compared to other options for SOAR."
"I don't know the exact price, but for my region, it is very expensive."
"It's very overpriced because it is based on the number of users. There is no bulk licensing."
"The licensing cost is reasonable."
"The cost is high and the licensing is on an annual basis."
"In my opinion, the price is high, but if you want good products, you have to be willing to pay for them."
"We renewed it this year. This year was the first time there was a dramatic increase in the price. It was kind of non-negotiable. It was just a high increase. We had internal communications, and it was definitely a surprise to us. In a short time frame, we renewed it this year. Prices are going up everywhere, but they are not always justifiable, at least not to our eyes. The pricing this year was definitely a big shock."
"Splunk SOAR is an expensive solution for an organization of our size."
More Splunk SOAR pricing and cost advice
report
See which vendors are best for you
Use our free recommendation engine to learn which Security Orchestration Automation and Response (SOAR) solutions are best for your needs.
See recommendations
816,562 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Financial Services Firm
27%
Computer Software Company
13%
Government
10%
Manufacturing Company
9%
Computer Software Company
15%
Financial Services Firm
13%
Manufacturing Company
12%
Government
9%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What do you like most about IBM Resilient?
It is a stable solution...It is a scalable solution.
See all answers
What is your experience regarding pricing and costs for IBM Resilient?
I am not the one in charge of pricing, so I am not sure about the costs.
See all answers
What needs improvement with IBM Resilient?
Integration with some devices, including Cisco PowerPower and certain antivirus products, has limitations.
See all answers
What do you like most about Splunk Phantom?
Splunk SOAR's quick response to incidents is the most valuable part.
See all answers
What is your experience regarding pricing and costs for Splunk Phantom?
I rate Splunk SOAR two out of 10 for affordability. Splunk is a fast enterprise tool, but it costs too much. At the same time, it's worth what we pay, in my opinion. We can efficiently perform all ...
See all answers
What needs improvement with Splunk Phantom?
The dashboard could be improved and some other features. SOAR should integrate network capabilities, allowing us to also monitor the WLAN network. Splunk is also expensive and difficult for beginne...
See all answers
 

Comparisons

Palo Alto Networks Cortex XSOAR vs IBM Resilient Logo
Palo Alto Networks Cortex XSOAR vs IBM Resilient
Compared 38% of the time
IBM Security QRadar vs IBM Resilient Logo
IBM Security QRadar vs IBM Resilient
Compared 15% of the time
ServiceNow Security Operations vs IBM Resilient Logo
ServiceNow Security Operations vs IBM Resilient
Compared 15% of the time
Fortinet FortiSOAR vs IBM Resilient Logo
Fortinet FortiSOAR vs IBM Resilient
Compared 7% of the time
Microsoft Sentinel vs IBM Resilient Logo
Microsoft Sentinel vs IBM Resilient
Compared 6% of the time
More IBM Resilient Competitors
Cortex XSIAM vs Splunk SOAR Logo
Cortex XSIAM vs Splunk SOAR
Compared 26% of the time
Palo Alto Networks Cortex XSOAR vs Splunk SOAR Logo
Palo Alto Networks Cortex XSOAR vs Splunk SOAR
Compared 20% of the time
ServiceNow Security Operations vs Splunk SOAR Logo
ServiceNow Security Operations vs Splunk SOAR
Compared 8% of the time
Tines vs Splunk SOAR Logo
Tines vs Splunk SOAR
Compared 7% of the time
Google Security Operations vs Splunk SOAR Logo
Google Security Operations vs Splunk SOAR
Compared 3% of the time
More Splunk SOAR Competitors
 

Product Reports

Buyer's Guide
IBM Resilient
November 2024
IBM Resilient reportDownload IBM Resilient product report
Buyer's Guide
Splunk SOAR
October 2024
Splunk SOAR reportDownload Splunk SOAR product report
 

Also Known As

No data available
Phantom
 

Learn More

Video not available
IBM
Splunk
 

Overview

The Resilient Incident Response Platform (IRP) is the leading platform for orchestrating and automating incident response processes.

The Resilient IRP quickly and easily integrates with your organization’s existing security and IT investments. It makes security alerts instantly actionable, provides valuable intelligence and incident context, and enables adaptive response to complex cyber threats.

Splunk SOAR offers features like automation and orchestration of manual tasks, speeding up work, detection and response to advanced and emerging threats. 

Go from overwhelmed to in-control

Automate manual tasks. Address every alert, every day. Establish repeatable procedures that allow security analysts to stop being reactive and focus on mission-critical objectives to protect your business.

Force multiply your team

Orchestrate and automate repetitive tasks, investigation and response to increase efficiency and productivity, and do more with the people you already have. Make a team of three feel like a team of 10.

From 30 minutes to 30 seconds

Work faster with Splunk SOAR. Respond to threats in seconds. Lower your mean time to respond (MTTR) by automating security tasks and workflows across all of your security tools.

End-to-end security operations made easy

Take advantage of Splunk Enterprise Security and Splunk SOAR joining forces to provide a seamless and intuitive SecOps platform to prevent, detect and respond to advanced and emerging threats.

 

Sample Customers

Golden Living, Health Equity, USA Funds
Recorded Future, Blackstone
Buyer's Guide
IBM Resilient vs. Splunk SOAR
October 2024
Free Report: IBM Resilient vs. Splunk SOAR
Find out what your peers are saying about IBM Resilient vs. Splunk SOAR and other solutions. Updated: October 2024.
DOWNLOAD NOW
816,562 professionals have used our research since 2012.
See our IBM Resilient vs. Splunk SOAR report.

We monitor all Security Orchestration Automation and Response (SOAR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.