Try our new research platform with insights from 80,000+ expert users

IBM Resilient vs Splunk SOAR comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Dec 8, 2024

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

ROI

Sentiment score
8.7
IBM Resilient shows varied ROI, with some users seeing 80% time savings, while others need expertise or experience no return.
Sentiment score
6.6
Splunk SOAR offers ROI over time, with automation benefits, but challenges include setup time and measuring efficiency gains.
 

Customer Service

No sentiment score available
Sentiment score
7.1
Splunk SOAR's support is praised for responsiveness and resources, with improvements needed in telecom and IoT support areas.
 

Scalability Issues

Sentiment score
7.8
IBM Resilient is scalable and integrates easily with Python scripts, but onboarding challenges and expertise gaps can occur.
Sentiment score
7.1
Splunk SOAR is scalable and adaptable, performing well in various environments, despite some challenges with hardware and configuration.
 

Stability Issues

Sentiment score
8.2
IBM Resilient is praised for its high stability and effective management, with minor updates occasionally needed for optimal performance.
No sentiment score available
 

Room For Improvement

IBM Resilient needs improved integration, pricing, documentation, support, and advanced automation for better deployment and customization.
Splunk SOAR needs better integration, usability, documentation, and pricing, with limited customization, case management, and a missing Android app.
 

Setup Cost

IBM Resilient is often viewed as costly due to yearly licenses and additional support fees, averaging $120,000 annually.
Splunk SOAR uses a data-processed pricing model, offering volume discounts, with costs from $100,000 to $1 million.
 

Valuable Features

IBM Resilient offers user-friendly, scalable incident response with seamless QRadar integration, rich features, and dynamic playbooks for effective threat management.
Splunk SOAR enhances security operations with flexible integrations, efficient automation, customizable playbooks, robust analytics, and seamless third-party integration.
 

Categories and Ranking

IBM Resilient
Ranking in Security Orchestration Automation and Response (SOAR)
8th
Average Rating
7.4
Reviews Sentiment
6.9
Number of Reviews
18
Ranking in other categories
Security Incident Response (3rd)
Splunk SOAR
Ranking in Security Orchestration Automation and Response (SOAR)
3rd
Average Rating
8.2
Reviews Sentiment
6.8
Number of Reviews
43
Ranking in other categories
No ranking in other categories
 

Mindshare comparison

As of December 2024, in the Security Orchestration Automation and Response (SOAR) category, the mindshare of IBM Resilient is 2.7%, down from 3.0% compared to the previous year. The mindshare of Splunk SOAR is 8.6%, down from 9.8% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Security Orchestration Automation and Response (SOAR)
 

Featured Reviews

Usman Bhatti - PeerSpot reviewer
Simple deployment, scalable, but lacking third-party solution compatibility
Integrating IBM Resilient with other applications can be very difficult and technically challenging. Often, they use the excuse that you are using the latest version of an application, such as an endpoint security system, and they don't have an API or support for it at the moment. There is no automation in the SOAR solution. It's worth noting that many third-party add-on applications needed to be purchased separately to integrate with IBM Resilient. While there were built-in applications available for incident remediation, the selection was limited. Additionally, integrating third-party applications was often a difficult and time-consuming process due to the technical complexity involved.
Ryan Plas - PeerSpot reviewer
Offers playbook automation that helps reduce the manual and tedious work for users
When it comes to Splunk SOAR's ability to provide end-to-end visibility into our company's cloud-native environment, I would say that we are not using the cloud portions of it. I don't know if that's super relevant to what we are doing in our organization. I am 100 percent sure that Splunk SOAR helped reduce your mean time to resolve, but I don't have any metrics on hand but I know it has dramatically decreased. The tool has helped with the business resilience part. I think having it as a platform has been a solid portion of the product that we offer to people. Spunk SOAR has definitely saved my time in alert triage. When some of the tedious enrichment and lookup stuff happens, the analyst doesn't have to deal with such areas, and they can just jump in and see relevant data all in one pane of glass, which has been super helpful for speeding things up. The unified platform helps consolidate networking, security, and IT observability tools. The consolidation of tools impacts our organization as it just helps focus the SOC analyst on a single unified place to find information. It helps keep things streamlined and regular so they know where to look for certain stuff they want. It really helps people with training. It is a really easy tool to onboard people into because everything is right there in the product itself. The product is really great. I would love to see more SOAR innovation going into the tool, especially the on-premises version since it is what we use in our company. I feel the tool needs to encourage continuous improvements, but as a product itself, my company is really happy with the solution. I rate the tool an eight out of ten.
report
Use our free recommendation engine to learn which Security Orchestration Automation and Response (SOAR) solutions are best for your needs.
824,106 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Financial Services Firm
28%
Computer Software Company
13%
Government
11%
Manufacturing Company
9%
Computer Software Company
15%
Financial Services Firm
14%
Manufacturing Company
12%
Government
10%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What do you like most about IBM Resilient?
It is a stable solution...It is a scalable solution.
What is your experience regarding pricing and costs for IBM Resilient?
I am not the one in charge of pricing, so I am not sure about the costs.
What needs improvement with IBM Resilient?
Integration with some devices, including Cisco PowerPower and certain antivirus products, has limitations.
What do you like most about Splunk Phantom?
Splunk SOAR's quick response to incidents is the most valuable part.
What is your experience regarding pricing and costs for Splunk Phantom?
I rate Splunk SOAR two out of 10 for affordability. Splunk is a fast enterprise tool, but it costs too much. At the same time, it's worth what we pay, in my opinion. We can efficiently perform all ...
What needs improvement with Splunk Phantom?
The dashboard could be improved and some other features. SOAR should integrate network capabilities, allowing us to also monitor the WLAN network. Splunk is also expensive and difficult for beginne...
 

Also Known As

No data available
Phantom
 

Learn More

Video not available
 

Overview

 

Sample Customers

Golden Living, Health Equity, USA Funds
Recorded Future, Blackstone
Find out what your peers are saying about IBM Resilient vs. Splunk SOAR and other solutions. Updated: December 2024.
824,106 professionals have used our research since 2012.