Try our new research platform with insights from 80,000+ expert users

Splunk SOAR vs Tines comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Jun 15, 2025

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Splunk SOAR
Ranking in Security Orchestration Automation and Response (SOAR)
3rd
Average Rating
8.0
Reviews Sentiment
6.8
Number of Reviews
47
Ranking in other categories
No ranking in other categories
Tines
Ranking in Security Orchestration Automation and Response (SOAR)
10th
Average Rating
9.0
Reviews Sentiment
7.6
Number of Reviews
4
Ranking in other categories
Threat Intelligence Platforms (TIP) (17th), AI-Powered Security Automation (1st)
 

Mindshare comparison

As of October 2025, in the Security Orchestration Automation and Response (SOAR) category, the mindshare of Splunk SOAR is 7.7%, down from 8.0% compared to the previous year. The mindshare of Tines is 7.3%, up from 4.4% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Security Orchestration Automation and Response (SOAR) Market Share Distribution
ProductMarket Share (%)
Splunk SOAR7.7%
Tines7.3%
Other85.0%
Security Orchestration Automation and Response (SOAR)
 

Featured Reviews

Mack Scott - PeerSpot reviewer
Improves response time by consolidating tools and automating threat detection
I haven't gone too far into it to see anything that needs improvement yet. We can likely include some features related to the integration with on-premises resources, rather than focusing solely on the existing automation. These are the additional features that could be included in the future. Splunk's Unified Platform does help consolidate networking security and IT observability tools. They should integrate Splunk Enterprise Security better into Splunk Cloud.
VikramSingh8 - PeerSpot reviewer
Automation simplifies workflows with no code and excellent support
Reporting and dashboards could be more advanced for deeper analysis. Tines has its own dashboard, which displays information like how many stories have been created and how many automations have taken place. However, the reporting and dashboard are not advanced; they are quite basic, with fewer customizable options. The look and feel of the dashboard could be enhanced. Another area for improvement is in terms of documentation, as every tool and company has its own knowledge base.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The most valuable feature of the solution is the playbook automation just because it allows us to reduce the manual actions that SOC has to handle."
"Surprisingly, the mobile app is valuable because it is very convenient for our on-call analysts to respond and get alerted to security alerts and events wherever they are. We are able to harness the power of Splunk SOAR and everything that we are doing, and we are also able to alert our on-call analysts 24/7. From their mobile phone, they can respond to those alerts."
"We are not a 24/7 SOC, so the most valuable feature of Splunk SOAR is the auto-response to threats when we are not in the office and the notifications that it sends to the on-call engineer."
"The most valuable feature is the risk-based access control."
"I like the integration capabilities of Phantom. It has a lot of integrations with other products. Its searching methodologies are also good. It is also easy to understand and easy to create playbooks."
"Splunk SOAR's extensive library of pre-built integrations allows it to connect with a vast array of popular security and IT applications, streamlining workflows across our existing security stack."
"The most valuable feature of Splunk SOAR is the automated playbooks, which saves analysts time."
"When you design a playbook, you can integrate multiple log sources and define rules... After that, the platform automatically compiles all these activities and, based on the results, the analyst only has to indicate whether the result is a true or false positive. That reduces the time and effort involved."
"The best advantage is the no-code automation, excellent customer support services, and ease of integration with other tools."
"The best thing is that it's no code, so it doesn't require coding knowledge."
"One of the most valuable features is that it’s a low-code solution."
"The tool was vendor-neutral."
 

Cons

"The UI can be more customizable for the clients."
"The scalability could be better."
"There are areas in Splunk SOAR that have room for improvement. To make Splunk SOAR a better solution, there could be better built-in debugging tools, smarter playbook suggestions, and enhanced lifecycle management."
"While support is available, the resources around Splunk SOAR are more homegrown by other users, and discovering different troubleshooting methods is harder to do with Splunk SOAR than with Enterprise Security or other Splunk services."
"While there have been improvements to the investigation process, particularly with the playbook data, the current log review method is cumbersome."
"The application does not work properly and does not pass the log-based configuration. I feel that some kind of review should happen in the application. This review should validate things so that we can get the right information. Splunk does not tell us where the IP address is associated with."
"I haven't had any issues with the solution so far."
"It could be easier to implement."
"Reporting and dashboards could be more advanced for deeper analysis."
"Tines was a little bit more expensive than Torq."
"Maybe Tines can add more features and demonstrations, like videos on how to use the features within the tool."
"They started implementing some AI, and their AI is isolated."
 

Pricing and Cost Advice

"I don't know the exact price, but for my region, it is very expensive."
"It's very overpriced because it is based on the number of users. There is no bulk licensing."
"I found the price of Splunk SOAR to be good."
"The cost is high and the licensing is on an annual basis."
"Splunk SOAR is an expensive solution for an organization of our size."
"Splunk SOAR is moderately priced, neither cheap nor overly expensive."
"Splunk is a fast enterprise tool, but it costs too much. At the same time, it's worth what we pay, in my opinion. We can efficiently perform all the functions and tie together the data. It's the perfect tool for our needs."
"The tool is not cheap."
Information not available
report
Use our free recommendation engine to learn which Security Orchestration Automation and Response (SOAR) solutions are best for your needs.
868,759 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Financial Services Firm
13%
Computer Software Company
11%
Manufacturing Company
10%
University
7%
Financial Services Firm
12%
Computer Software Company
9%
Manufacturing Company
8%
Healthcare Company
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business11
Midsize Enterprise7
Large Enterprise28
No data available
 

Questions from the Community

What do you like most about Splunk Phantom?
Splunk SOAR's quick response to incidents is the most valuable part.
What is your experience regarding pricing and costs for Splunk Phantom?
I don't have experience with costs; management handles that aspect.
What needs improvement with Splunk Phantom?
I haven't gone too far into it to see anything that needs improvement yet. We can likely include some features related to the integration with on-premises resources, rather than focusing solely on ...
What needs improvement with Tines?
Reporting and dashboards could be more advanced for deeper analysis. Tines has its own dashboard, which displays information like how many stories have been created and how many automations have ta...
What is your primary use case for Tines?
I am Vikram Singh, I work for top service based multinational brand and I am responsible for delivering Tines services. Essentially, I am working on it, and I am leading one of the source services ...
What advice do you have for others considering Tines?
When you start working with Tines, ensure you pursue the Tines certifications. They offer these free certifications when they become your partner. Overall, I would rate Tines a nine out of ten.
 

Comparisons

 

Also Known As

Phantom
No data available
 

Overview

 

Sample Customers

Recorded Future, Blackstone
Information Not Available
Find out what your peers are saying about Splunk SOAR vs. Tines and other solutions. Updated: September 2025.
868,759 professionals have used our research since 2012.