Try our new research platform with insights from 80,000+ expert users

Secureworks Red Cloak Threat Detection and Response [EOL] vs Splunk SOAR comparison

The compared Sophos and Splunk solutions aren't in the same category. Splunk is ranked #2 in SOAR , with an average rating of 8.3, and holds a 7.8% mindshare. Additionally, 100% of Sophos users are willing to recommend the solution, compared to 87% of Splunk users who would recommend it.
Splunk SOAR
Read 51 Splunk SOAR reviews
  • 4,588 Views
  • 3,533 Comparison Views
87% willing to recommend
 

Comparison Buyer's Guide

Download the report
Executive Summary
We performed a comparison between Secureworks Red Cloak Threat Detection and Response [EOL] and Splunk SOAR based on real PeerSpot user reviews.

Find out what your peers are saying about ServiceNow, Proofpoint, Trellix and others in Security Incident Response.

DOWNLOAD THE COMPLETE REPORT
To learn more, read our detailed Security Incident Response Report (Updated: December 2025).
Buyer's Guide
Security Incident Response
December 2025
Download the complete report
Helped 879,455 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Secureworks Red Cloak Threa...
Average Rating
8.0
Number of Reviews
1
Ranking in other categories
No ranking in other categories
Splunk SOAR
Average Rating
8.2
Reviews Sentiment
6.6
Number of Reviews
51
Ranking in other categories
Security Orchestration Automation and Response (SOAR) (2nd)
 

Featured Reviews

reviewer1646754 - PeerSpot reviewer
reviewer1646754
Solutions Architect at a computer software company with 51-200 employees
Simple deployment with good reports and dashboard
In terms of what could be improved, there are a lot of things identified and there is a lot of continuous improvement. A lot of the things are of a short time frame and a lot are way out. There was a tuning process but nothing specifically to call out. As for what could be included in the next release, we are working on the basic feature set. There are probably some things that, as we move through it, we'll come across that are deficient but right now we are not that far along to know. I don't want to say that they could not do certain advancement. For example, there are some automated network response portions that we want to turn up, but we're not ready for that. I don't even know what the capabilities are there, but that's something that, probably in the next 24 months, we will move forward on.
Read full review
SS
Shiboo Suren
Manager cybersecurity at Hexion Inc.
Automates threat response and reduces investigation time but needs better threat intelligence integration
One thing that we would like to see with Splunk SOAR is the expandability to the threat intelligence feed. Currently, we have limited ingestion to the threat intelligence feed for the correlation purpose. We would like to see it being integrated, with license cost or without license cost, to leading threat intelligence sources such as Recorded Future, Feedly, or Flare. That is something we would appreciate having integrated. The second thing on the improvement side is about exposed credential-related information. If we start ingesting those data to Splunk SOAR or SIEM with some sort of integration with threat intelligence feed, that will also improve our detection and prediction method or help us with the investigation.
Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The features that I have found most valuable are that the search capabilities are easy to use. The dashboards are good. The reports are good. It is just simple from a deployment standpoint - that was easy."
"The customizable playbook is the most valuable aspect of the solution."
"Splunk SOAR has made a huge impact across security operations and the business overall."
"The most valuable features of Splunk SOAR are the easy integration with other solutions, including other Splunk solutions. The most important playbooks we need on the market come already on the Frontend. However, nowadays, Splunk changed its name, it's not Frontend anymore, it's Splunk Store. This is a very strong point."
"In terms of deployment, there were no issues. It was pretty seamless."
"The customization of the playbook in Splunk SOAR is very beneficial."
"In Splunk SOAR, I find the playbooks valuable. We get to create multiple playbooks, and within each playbook, there is a different type of investigation attached to it, which helps out an analyst or new analysts coming on board."
"Its ability to integrate with other systems and applications in our environment is pretty easy. Sometimes if we see any complexity we try to involve a consultant to help us. Everything is through the built-in app. Splunk can connect to any assets through the built-in app. It could be in a platform, firewalls, or endpoints. It's easy if it's an app integration."
"It's pretty easy when it comes to setting up assets. If you want to fetch emails or call a REST API, you can set up an asset and grab that information."
More Splunk SOAR pros
 

Cons

"There are some automated network response portions that we want to turn up."
"There are areas where Splunk SOAR can continue to improve, particularly regarding the synchronization of information, as sometimes it takes longer than other tools."
"Providing Splunk app developers and playbook developers Python Stub files so that way when they create custom code through their IDE, they can have IntelliCode suggestions."
"And most of the challenges that I have faced with the solution can be found in the documentation itself."
"The Splunk SOAR platform was not designed specifically for case management which is why this area needs improvement."
"We've had trouble implementing the solution with Microsoft products. There seems to be an integration gap."
"Creating playbooks using the solution’s playbook editor, for me, is very cumbersome. There have been instances where I have said to myself that I just don't want to use this editor. I might just use a code block and write my own code within it... The functionality in the playbook editor is 80 percent there, but that 20 percent is still lacking. They could make it more efficient."
"While there have been improvements to the investigation process, particularly with the playbook data, the current log review method is cumbersome."
"Unfortunately, not all of our analysts are iPhone users or iOS users. The mobile app is only supported on iOS. Our analysts who have Android do not have that benefit. That would be a nice thing to have so that we can have it across the board and not just for iOS."
More Splunk SOAR cons
 

Pricing and Cost Advice

Information not available
"Splunk SOAR is an expensive solution for an organization of our size."
"Splunk SOAR is more expensive compared to other options for SOAR."
"The licensing cost is reasonable."
"While I can't confirm the exact pricing, some colleagues have mentioned that Splunk SOAR may be on the costlier side."
"Splunk is a fast enterprise tool, but it costs too much. At the same time, it's worth what we pay, in my opinion. We can efficiently perform all the functions and tie together the data. It's the perfect tool for our needs."
"It's very overpriced because it is based on the number of users. There is no bulk licensing."
"I don't know the exact price, but for my region, it is very expensive."
"Splunk SOAR is moderately priced, neither cheap nor overly expensive."
More Splunk SOAR pricing and cost advice
report
See which vendors are best for you
Use our free recommendation engine to learn which Security Incident Response solutions are best for your needs.
See recommendations
879,455 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
No data available
Financial Services Firm
12%
Manufacturing Company
10%
Computer Software Company
10%
University
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
No data available
By reviewers
Company SizeCount
Small Business12
Midsize Enterprise7
Large Enterprise31
 

Questions from the Community

Ask a question
Earn 20 points
What do you like most about Splunk Phantom?
Splunk SOAR's quick response to incidents is the most valuable part.
See all answers
What is your experience regarding pricing and costs for Splunk Phantom?
I am familiar with the pricing aspect, setup cost, and licensing cost of Splunk SOAR, and it is pretty much similar to what industries are offering these days. We never had any issue when we had to...
See all answers
What needs improvement with Splunk Phantom?
The visibility of Splunk SOAR's playbook viewer is rather unclear to me; I wonder what the visibility is for. There are indeed some problems with integrating Splunk SOAR with other Splunk products ...
See all answers
 

Comparisons

No data available
Palo Alto Networks Cortex XSOAR vs Splunk SOAR Logo
Palo Alto Networks Cortex XSOAR vs Splunk SOAR
Compared 16% of the time
Fortinet FortiSOAR vs Splunk SOAR Logo
Fortinet FortiSOAR vs Splunk SOAR
Compared 11% of the time
ServiceNow Security Operations vs Splunk SOAR Logo
ServiceNow Security Operations vs Splunk SOAR
Compared 9% of the time
Tines vs Splunk SOAR Logo
Tines vs Splunk SOAR
Compared 8% of the time
Torq vs Splunk SOAR Logo
Torq vs Splunk SOAR
Compared 7% of the time
More Splunk SOAR Competitors
 

Product Reports

Buyer's Guide
Security Incident Response
December 2025
Secureworks Red Cloak Threat Detection and Response [EOL] reportDownload Secureworks Red Cloak Threat Detection and Response [EOL] product report
Buyer's Guide
Splunk SOAR
December 2025
Splunk SOAR reportDownload Splunk SOAR product report
 

Also Known As

Red Cloak Threat Detection and Response, Red Cloak TDR
Phantom
 

Overview

Dell is a part of the Dell Technologies family of brands. Dell Technologies is a unique family of businesses that provides the essential infrastructure for organizations to build their digital future, transform IT and protect their most important asset: information. The company services customers of all sizes across 180 countries – ranging from 98 percent of the Fortune 500 to individual consumers – with the industry's most comprehensive and innovative portfolio from the edge to the core to the cloud.

Sophos

Splunk SOAR offers features like automation and orchestration of manual tasks, speeding up work, detection and response to advanced and emerging threats. 

Go from overwhelmed to in-control

Automate manual tasks. Address every alert, every day. Establish repeatable procedures that allow security analysts to stop being reactive and focus on mission-critical objectives to protect your business.

Force multiply your team

Orchestrate and automate repetitive tasks, investigation and response to increase efficiency and productivity, and do more with the people you already have. Make a team of three feel like a team of 10.

From 30 minutes to 30 seconds

Work faster with Splunk SOAR. Respond to threats in seconds. Lower your mean time to respond (MTTR) by automating security tasks and workflows across all of your security tools.

End-to-end security operations made easy

Take advantage of Splunk Enterprise Security and Splunk SOAR joining forces to provide a seamless and intuitive SecOps platform to prevent, detect and respond to advanced and emerging threats.

Splunk
 

Sample Customers

Ricoh
Recorded Future, Blackstone
Buyer's Guide
Security Incident Response
December 2025
Download Free Report
Find out what your peers are saying about ServiceNow, Proofpoint, Trellix and others in Security Incident Response. Updated: December 2025.
DOWNLOAD NOW
879,455 professionals have used our research since 2012.

We monitor all Security Incident Response reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.