Try our new research platform with insights from 80,000+ expert users

McAfee ePolicy Orchestrator vs Splunk SOAR comparison

McAfee and Splunk are both solutions in the Security Orchestration Automation and Response (SOAR) category. McAfee is ranked #10 with an average rating of 8.0, while Splunk is ranked #3 with an average rating of 8.1. McAfee holds a 0.7% mindshare in SOAR, compared to Splunk’s 8.8% mindshare. Additionally, 81% of McAfee users are willing to recommend the solution, compared to 87% of Splunk users who would recommend it.
McAfee ePolicy Orchestrator
Read 40 McAfee ePolicy Orchestrator reviews
  • 1,429 Views
  • 299 Comparison Views
81% willing to recommend
Splunk SOAR
Read 43 Splunk SOAR reviews
  • 5,505 Views
  • 3,291 Comparison Views
87% willing to recommend
 

Comparison Buyer's Guide

Download the report
Executive SummaryUpdated on Sep 4, 2024

McAfee ePolicy Orchestrator and Splunk SOAR are both popular security management solutions. Splunk SOAR stands out as a superior product due to its extensive features, making it a worthwhile investment for many users.

Features: McAfee ePolicy Orchestrator users value its centralized management, comprehensive security policies, and favorable pricing. Splunk SOAR is praised for its automation, workflow capabilities, and extensive integrations.

Room for Improvement: McAfee ePolicy Orchestrator reviews suggest a need for better scalability, improved performance, and enhanced user interface. Splunk SOAR users desire enhanced documentation, quicker support responses, and improved user training.

Ease of Deployment and Customer Service: McAfee ePolicy Orchestrator has mixed reviews regarding its deployment, with users finding it complex but appreciating the customer support. Splunk SOAR is noted for a more straightforward deployment, but users think the support needs improvement.

Pricing and ROI: Users find McAfee ePolicy Orchestrator to have a favorable setup cost and ROI. Splunk SOAR, while more expensive, is seen as delivering good ROI due to its superior features.

DOWNLOAD THE COMPLETE REPORT
To learn more, read our detailed McAfee ePolicy Orchestrator vs. Splunk SOAR Report (Updated: October 2024).
Buyer's Guide
McAfee ePolicy Orchestrator vs. Splunk SOAR
October 2024
Download the complete report
Helped 816,562 peers since 2012
 

Categories and Ranking

McAfee ePolicy Orchestrator
Ranking in Security Orchestration Automation and Response (SOAR)
10th
Average Rating
8.0
Reviews Sentiment
7.5
Number of Reviews
40
Ranking in other categories
No ranking in other categories
Splunk SOAR
Ranking in Security Orchestration Automation and Response (SOAR)
3rd
Average Rating
8.2
Reviews Sentiment
7.4
Number of Reviews
43
Ranking in other categories
No ranking in other categories
 

Mindshare comparison

As of November 2024, in the Security Orchestration Automation and Response (SOAR) category, the mindshare of McAfee ePolicy Orchestrator is 0.7%, down from 0.8% compared to the previous year. The mindshare of Splunk SOAR is 8.8%, down from 9.8% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Security Orchestration Automation and Response (SOAR)
 

Featured Reviews

DavidJones7 - PeerSpot reviewer
Offers automation alert features with easy integrations and impressive scalability
I would rate the initial setup an eight out of ten. There are a few technical challenges with the deployment, but it can easily solved by an experienced professional but not by a beginner user of the tool. The complete implementation and migration to McAfee ePolicy Orchestrator will take around three months. If someone is using a software platform already with implemented use cases in their environment, it might be difficult to implement the same use cases when the customer is migrating to McAfee ePolicy Orchestrator. The conditions and prior alert settings needs to be accurate when migrating to McAfee ePolicy Orchestrator, otherwise false positive alerts might get generated.
Read full review
Ryan Plas - PeerSpot reviewer
Offers playbook automation that helps reduce the manual and tedious work for users
When it comes to Splunk SOAR's ability to provide end-to-end visibility into our company's cloud-native environment, I would say that we are not using the cloud portions of it. I don't know if that's super relevant to what we are doing in our organization. I am 100 percent sure that Splunk SOAR helped reduce your mean time to resolve, but I don't have any metrics on hand but I know it has dramatically decreased. The tool has helped with the business resilience part. I think having it as a platform has been a solid portion of the product that we offer to people. Spunk SOAR has definitely saved my time in alert triage. When some of the tedious enrichment and lookup stuff happens, the analyst doesn't have to deal with such areas, and they can just jump in and see relevant data all in one pane of glass, which has been super helpful for speeding things up. The unified platform helps consolidate networking, security, and IT observability tools. The consolidation of tools impacts our organization as it just helps focus the SOC analyst on a single unified place to find information. It helps keep things streamlined and regular so they know where to look for certain stuff they want. It really helps people with training. It is a really easy tool to onboard people into because everything is right there in the product itself. The product is really great. I would love to see more SOAR innovation going into the tool, especially the on-premises version since it is what we use in our company. I feel the tool needs to encourage continuous improvements, but as a product itself, my company is really happy with the solution. I rate the tool an eight out of ten.
Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The security is a key feature and the console is very user friendly."
"It is a highly scalable solution. Scalability-wise, I rate the solution a ten out of ten."
"The most valuable feature of the McAfee ePolicy Orchestrator is agent communication."
"The central management console is the solution's most valuable aspect."
"The initial setup is very easy."
"McAfee ePolicy Orchestrator's performance is good."
"It is a scalable solution...I rate its scalability a nine out of ten."
"The best part is management in McAfee ePolicy Orchestrator."
More McAfee ePolicy Orchestrator pros
"The customizable playbook is the most valuable aspect of the solution."
"So far, the interface is very easy to use."
"The playbooks are valuable. They are the core component. Being able to implement and build a code process to work through and scale out what we want to do is valuable."
"Scalability is the best feature of the solution."
"It helps increase efficiency and productivity."
"Before its use, analyzing each email would take at least 15 to 20 minutes, with some complex cases taking up to 30 minutes...With the automation provided by Splunk Phantom, we could significantly reduce the amount of time and human effort required to complete this task."
"The automation part of the product is great."
"In Splunk SOAR, I find the playbooks valuable. We get to create multiple playbooks, and within each playbook, there is a different type of investigation attached to it, which helps out an analyst or new analysts coming on board."
More Splunk SOAR pros
 

Cons

"We need to consolidate multiple features into one console. It would be beneficial to have all the important features on a single platform."
"The issues with the integration capabilities of the product, specifically the ones that are deployed on an on-premises model, need to be improved."
"There is a problem when it comes to agent communication and duplicate records, where the rebooting of a machine leads to the installation of a new agent and you get a lot of duplicate records that ultimately affect your compliance monitoring."
"The solution is difficult to tune to avoid false positives."
"The solution sometimes has some false positives on IP addresses, from the web control aspect of the product. This needs to be improved."
"The rollout to cover the online resources, such as SharePoint, One Drive, and Office 365 doesn't seem to have a very clear path."
"I would like to see McAfee reduce the amount of manual work required."
"McAfee ePolicy Orchestrator should improve its integration with other tools."
More McAfee ePolicy Orchestrator cons
"We have playbooks written to extract these events and put them into the workflow since it wasn't structured as expected. It was a miss for us. We couldn't figure out why it broke or what actually happened there. It was something in this feed with legitimate and security events, so we tried to understand the names and what we would call them."
"Creating playbooks using the solution’s playbook editor, for me, is very cumbersome. There have been instances where I have said to myself that I just don't want to use this editor. I might just use a code block and write my own code within it... The functionality in the playbook editor is 80 percent there, but that 20 percent is still lacking. They could make it more efficient."
"And most of the challenges that I have faced with the solution can be found in the documentation itself."
"The font used in the interface could be changed and made easier to read."
"I haven't used it fully, but based on my usage, I could not find simulation tools and features. It currently lacks simulation features, which are important for me for creating a playbook. It is also very expensive for my region."
"The number of playbooks on offer should be increased."
"It would be ideal for us if Splunk SOAR could integrate with Teams."
"Splunk's support for integration is subpar and has room for improvement."
More Splunk SOAR cons
 

Pricing and Cost Advice

"It is attractively priced. It is a fraction of what we're going to pay for CrowdStrike or SentinelOne, but it only has a fraction of the capabilities as well."
"McAfee ePolicy Orchestrator is a cheaply priced product, meaning it is not expensive since McAfee provides a free version of ePO, which includes phone support as well."
"This solution is priced in the mid-range."
"On a scale from one to ten, where one is cheap, and ten is expensive, I rate the solution's pricing a three out of ten."
"There is a license required to use this solution. If we use the additional components, such as DLP encryption, there is an additional cost. However, it is similar to a separate product altogether. If you want to use that or not, it is optional, but when you use it, it will cost you additional pricing."
"It's an expensive solution"
"$The price of McAfee ePolicy Orchestrator is expensive, it is approximately $6,000 to $9,000 per license annually."
"For large enterprise companies, the price should be alright, but for small businesses, the uptake might be slow because, for these clients, the price doesn't look very attractive."
More McAfee ePolicy Orchestrator pricing and cost advice
"The tool is not cheap."
"I don't know the exact price, but for my region, it is very expensive."
"We renewed it this year. This year was the first time there was a dramatic increase in the price. It was kind of non-negotiable. It was just a high increase. We had internal communications, and it was definitely a surprise to us. In a short time frame, we renewed it this year. Prices are going up everywhere, but they are not always justifiable, at least not to our eyes. The pricing this year was definitely a big shock."
"Splunk SOAR is an expensive solution for an organization of our size."
"Splunk is a fast enterprise tool, but it costs too much. At the same time, it's worth what we pay, in my opinion. We can efficiently perform all the functions and tie together the data. It's the perfect tool for our needs."
"In my opinion, the price is high, but if you want good products, you have to be willing to pay for them."
"The cost is high and the licensing is on an annual basis."
"I found the price of Splunk SOAR to be good."
More Splunk SOAR pricing and cost advice
report
See which vendors are best for you
Use our free recommendation engine to learn which Security Orchestration Automation and Response (SOAR) solutions are best for your needs.
See recommendations
816,562 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Government
15%
Computer Software Company
12%
Financial Services Firm
10%
Manufacturing Company
10%
Computer Software Company
15%
Financial Services Firm
13%
Manufacturing Company
12%
Government
9%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

Which is better - Mcafee's MVision ePO or ePolicy Orchestrator?
Our organization ran comparison tests to determine whether Mcafee's MVision ePO or ePolicy Orchestrator network security software was the better fit for us. We decided to go with Mcafee's ePolicy O...
See all answers
What do you like most about McAfee ePolicy Orchestrator?
I like the solution's feasibility. McAfee ePolicy Orchestrator is also better and easier to use than other ePOs.
See all answers
What is your experience regarding pricing and costs for McAfee ePolicy Orchestrator?
I do not have exact pricing details, however, I would rate the price at a four out of ten overall. There may be some extra costs for support if you get it from a partner.
See all answers
What do you like most about Splunk Phantom?
Splunk SOAR's quick response to incidents is the most valuable part.
See all answers
What is your experience regarding pricing and costs for Splunk Phantom?
I rate Splunk SOAR two out of 10 for affordability. Splunk is a fast enterprise tool, but it costs too much. At the same time, it's worth what we pay, in my opinion. We can efficiently perform all ...
See all answers
What needs improvement with Splunk Phantom?
The dashboard could be improved and some other features. SOAR should integrate network capabilities, allowing us to also monitor the WLAN network. Splunk is also expensive and difficult for beginne...
See all answers
 

Comparisons

Microsoft Sentinel vs McAfee ePolicy Orchestrator Logo
Microsoft Sentinel vs McAfee ePolicy Orchestrator
Compared 49% of the time
More McAfee ePolicy Orchestrator Competitors
Cortex XSIAM vs Splunk SOAR Logo
Cortex XSIAM vs Splunk SOAR
Compared 26% of the time
Palo Alto Networks Cortex XSOAR vs Splunk SOAR Logo
Palo Alto Networks Cortex XSOAR vs Splunk SOAR
Compared 20% of the time
ServiceNow Security Operations vs Splunk SOAR Logo
ServiceNow Security Operations vs Splunk SOAR
Compared 8% of the time
Tines vs Splunk SOAR Logo
Tines vs Splunk SOAR
Compared 7% of the time
VMware Carbon Black Cloud vs Splunk SOAR Logo
VMware Carbon Black Cloud vs Splunk SOAR
Compared 1% of the time
More Splunk SOAR Competitors
 

Product Reports

Buyer's Guide
McAfee ePolicy Orchestrator
November 2024
McAfee ePolicy Orchestrator reportDownload McAfee ePolicy Orchestrator product report
Buyer's Guide
Splunk SOAR
October 2024
Splunk SOAR reportDownload Splunk SOAR product report
 

Also Known As

McAfee ePO, ePolicy Orchestrator, Intel Security ePolicy Orchestrator, McAfee MVISION ePO
Phantom
 

Learn More

McAfee
Splunk
 

Overview

McAfee ePolicy Orchestrator (McAfee ePO) is the most advanced, extensible, and scalable centralized security management software in the industry. Unifying security management through an open platform, McAfee ePO makes risk and compliance management simpler and more successful for organizations of all sizes.

Splunk SOAR offers features like automation and orchestration of manual tasks, speeding up work, detection and response to advanced and emerging threats. 

Go from overwhelmed to in-control

Automate manual tasks. Address every alert, every day. Establish repeatable procedures that allow security analysts to stop being reactive and focus on mission-critical objectives to protect your business.

Force multiply your team

Orchestrate and automate repetitive tasks, investigation and response to increase efficiency and productivity, and do more with the people you already have. Make a team of three feel like a team of 10.

From 30 minutes to 30 seconds

Work faster with Splunk SOAR. Respond to threats in seconds. Lower your mean time to respond (MTTR) by automating security tasks and workflows across all of your security tools.

End-to-end security operations made easy

Take advantage of Splunk Enterprise Security and Splunk SOAR joining forces to provide a seamless and intuitive SecOps platform to prevent, detect and respond to advanced and emerging threats.

 

Sample Customers

Brelje & Race, Cognizant, Sutherland Global Services, Eagle Rock Energy, Arab National Bank, Bank Central Asia, Kleberg Bank, Leading Mexican Bank, SF Police Credit Union, Macquarie Telecom, Seagate Technology, Blackburn & Darwen Council, California Department of Corrections & Rehabilitation, IRCEP, Major U.S. State Government, State of Alaska, State of Colorado, Cemex, Deutsche Edelstahlwerke
Recorded Future, Blackstone
Buyer's Guide
McAfee ePolicy Orchestrator vs. Splunk SOAR
October 2024
Free Report: McAfee ePolicy Orchestrator vs. Splunk SOAR
Find out what your peers are saying about McAfee ePolicy Orchestrator vs. Splunk SOAR and other solutions. Updated: October 2024.
DOWNLOAD NOW
816,562 professionals have used our research since 2012.
See our McAfee ePolicy Orchestrator vs. Splunk SOAR report.

We monitor all Security Orchestration Automation and Response (SOAR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.