Try our new research platform with insights from 80,000+ expert users

Splunk SOAR vs Tines comparison

Splunk and Tines are both solutions in the Security Orchestration Automation and Response (SOAR) category. Splunk is ranked #3 with an average rating of 8.1, while Tines is ranked #12 with an average rating of 9.0. Splunk holds a 8.3% mindshare in SOAR, compared to Tines’s 5.5% mindshare. Additionally, 87% of Splunk users are willing to recommend the solution, compared to 100% of Tines users who would recommend it.
Splunk SOAR
Read 43 Splunk SOAR reviews
  • 5,110 Views
  • 3,052 Comparison Views
87% willing to recommend
Tines
Read 4 Tines reviews
  • 1,740 Views
  • 1,513 Comparison Views
100% willing to recommend
 

Comparison Buyer's Guide

Download the report
Executive SummaryUpdated on Dec 8, 2024

Splunk SOAR and Tines are products in the security automation category. Splunk SOAR leads in feature richness, while Tines stands out for simplicity and cost efficiency.

Features: Splunk SOAR provides extensive security orchestration and automation capabilities suitable for complex environments. Tines offers ease of automation and the ability to perform advanced tasks without coding, focusing on quick deployment and minimal training. Splunk SOAR's comprehensive feature set supports detailed incident response workflows, while Tines emphasizes a user-friendly interface with flexible, low-code automation options.

Ease of Deployment and Customer Service: Splunk SOAR requires more substantial setup suitable for larger teams handling complexity, along with in-depth support options. Tines is recognized for a lightweight deployment model with straightforward customer service, enabling faster adaptation and less overhead.

Pricing and ROI: Splunk SOAR often involves higher initial costs with substantial ROI through long-term improvements in security posture. Tines offers a cost-effective upfront model delivering rapid ROI by minimizing deployment times and associated expenses, making it pragmatic for budget-constrained entities.

DOWNLOAD THE COMPLETE REPORT
To learn more, read our detailed Splunk SOAR vs. Tines Report (Updated: December 2024).
Buyer's Guide
Splunk SOAR vs. Tines
December 2024
Download the complete report
Helped 831,020 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Splunk SOAR
Ranking in Security Orchestration Automation and Response (SOAR)
3rd
Average Rating
8.2
Reviews Sentiment
6.8
Number of Reviews
43
Ranking in other categories
No ranking in other categories
Tines
Ranking in Security Orchestration Automation and Response (SOAR)
12th
Average Rating
9.0
Reviews Sentiment
7.6
Number of Reviews
4
Ranking in other categories
Vulnerability Management (33rd), Threat Intelligence Platforms (20th), Endpoint Detection and Response (EDR) (42nd)
 

Mindshare comparison

As of January 2025, in the Security Orchestration Automation and Response (SOAR) category, the mindshare of Splunk SOAR is 8.3%, down from 9.8% compared to the previous year. The mindshare of Tines is 5.5%, up from 3.7% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Security Orchestration Automation and Response (SOAR)
 

Featured Reviews

Shubham Sinha. - PeerSpot reviewer
Helped eliminate repetitive and redundant tasks, but custom functions and reporting need a lot of work
The visibility of the solution’s playbook viewer depends on the right you assign to the analyst. SOAR has the flexibility to distinguish between the roles of analyst and owner. If the analyst's role is to just work on a ticket, they cannot view the playbook design platform. That is limited to the owner. That can be both a good and bad thing. A major problem I have faced in SOAR's rights distribution is roles and responsibilities. Suppose I am initially granted user rights or analyst rights, but later on, I also get admin rights. SOAR is unable to amend the limitations of my role. I raised a support ticket with Splunk about this. They said it's a bug in their 5.3.5 version. To fix this, I had to reinstall the entire platform from scratch, just to amend the rights and responsibilities of one role. This bug was not fixed. Also, the latest GUI is terrible. The previous one was better. Another point is that while using Splunk SOAR in an investigation is not difficult, there are some complex parameters. We have SOAR case management, but the licensing is going to put a big hole in your pocket. Also, there is an issue with investigation node addition. When you are doing node additions you cannot grant the entire environment to have SOAR visibility into the incident. So when you integrate it with an ITSM tool, like ServiceNow or Jira for ticketing purposes, there is a challenge. When you do nodes for investigation on a regular basis, sometimes it does not update our ServiceNow platform, which is terrible. It is a redundant activity for an analyst to update that in the case management as well as in the ITSM tool. Although SOAR provides integration, the functionality of investigation and nodes is terrible when it comes to integration. An additional area for improvement is custom function creation. It's terrible. A newbie cannot create custom functions right away. They would require a solid understanding first. Also, the reporting is really awful. If I want to do a report for a customized time period, such as the last three days or the last four days, or from the 10th to the 12th of June, that is not available in SOAR at all. That kind of feature is available in Cortex XSOAR. Reporting is a real challenge.
Read full review
VikramSingh8 - PeerSpot reviewer
Automation simplifies workflows with no code and excellent support
Reporting and dashboards could be more advanced for deeper analysis. Tines has its own dashboard, which displays information like how many stories have been created and how many automations have taken place. However, the reporting and dashboard are not advanced; they are quite basic, with fewer customizable options. The look and feel of the dashboard could be enhanced. Another area for improvement is in terms of documentation, as every tool and company has its own knowledge base.
Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"Surprisingly, the mobile app is valuable because it is very convenient for our on-call analysts to respond and get alerted to security alerts and events wherever they are. We are able to harness the power of Splunk SOAR and everything that we are doing, and we are also able to alert our on-call analysts 24/7. From their mobile phone, they can respond to those alerts."
"Scalability is the best feature of the solution."
"So far, the interface is very easy to use."
"My understanding is the initial setup isn't too hard."
"The product’s integration with other Splunk products is valuable."
"Before its use, analyzing each email would take at least 15 to 20 minutes, with some complex cases taking up to 30 minutes...With the automation provided by Splunk Phantom, we could significantly reduce the amount of time and human effort required to complete this task."
"The most valuable feature is the risk-based access control."
"We are not a 24/7 SOC, so the most valuable feature of Splunk SOAR is the auto-response to threats when we are not in the office and the notifications that it sends to the on-call engineer."
More Splunk SOAR pros
"The best advantage is the no-code automation, excellent customer support services, and ease of integration with other tools."
"One of the most valuable features is that it’s a low-code solution."
"The best thing is that it's no code, so it doesn't require coding knowledge."
"The tool was vendor-neutral."
 

Cons

"Splunk SOAR should improve its ease of upgrade, which is a pain point for us right now."
"I haven't had any issues with the solution so far."
"The dashboard could be improved and some other features. SOAR should integrate network capabilities, allowing us to also monitor the WLAN network. Splunk is also expensive and difficult for beginners to learn. It's hard for a new user to figure out how to visualize old threat data. It took two to three months to learn with hands-on experience how to use the dashboard, visualize events, and analyze threats."
"It would be ideal if we could automate processes even more."
"We've run into a few minor issues. Some of the playbook writing is a bit complicated. We've had a few hiccups with the source control. We'd really like to use GitHub deployment keys for a dedicated account. We haven't been able to do that. I think those are some of the major ones."
"There is a lot of room for improvement with the UI."
"In my opinion, the focus should be on improving its simplicity, specifically the interface, and configuration."
"In the beginning, we couldn't find any specific documents for every function. It wasn't easy to navigate to what we needed."
More Splunk SOAR cons
"They started implementing some AI, and their AI is isolated."
"Reporting and dashboards could be more advanced for deeper analysis."
"Tines was a little bit more expensive than Torq."
"Maybe Tines can add more features and demonstrations, like videos on how to use the features within the tool."
 

Pricing and Cost Advice

"I found the price of Splunk SOAR to be good."
"I don't know the exact price, but for my region, it is very expensive."
"It's very overpriced because it is based on the number of users. There is no bulk licensing."
"The licensing cost is reasonable."
"Splunk SOAR is an expensive solution for an organization of our size."
"We renewed it this year. This year was the first time there was a dramatic increase in the price. It was kind of non-negotiable. It was just a high increase. We had internal communications, and it was definitely a surprise to us. In a short time frame, we renewed it this year. Prices are going up everywhere, but they are not always justifiable, at least not to our eyes. The pricing this year was definitely a big shock."
"Splunk SOAR is more expensive compared to other options for SOAR."
"Splunk is a fast enterprise tool, but it costs too much. At the same time, it's worth what we pay, in my opinion. We can efficiently perform all the functions and tie together the data. It's the perfect tool for our needs."
More Splunk SOAR pricing and cost advice
Information not available
report
See which vendors are best for you
Use our free recommendation engine to learn which Security Orchestration Automation and Response (SOAR) solutions are best for your needs.
See recommendations
831,020 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
14%
Financial Services Firm
14%
Manufacturing Company
11%
Government
10%
Computer Software Company
16%
Financial Services Firm
13%
Government
8%
Manufacturing Company
8%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
No data available
 

Questions from the Community

What do you like most about Splunk Phantom?
Splunk SOAR's quick response to incidents is the most valuable part.
See all answers
What is your experience regarding pricing and costs for Splunk Phantom?
I rate Splunk SOAR two out of 10 for affordability. Splunk is a fast enterprise tool, but it costs too much. At the same time, it's worth what we pay, in my opinion. We can efficiently perform all ...
See all answers
What needs improvement with Splunk Phantom?
The dashboard could be improved and some other features. SOAR should integrate network capabilities, allowing us to also monitor the WLAN network. Splunk is also expensive and difficult for beginne...
See all answers
What needs improvement with Tines?
Maybe Tines can add more features and demonstrations, like videos on how to use the features within the tool. For example, when you click on a feature, it could show a video link explaining how to ...
See all answers
What is your primary use case for Tines?
We use it for automations on the enterprise security aspect.
See all answers
What advice do you have for others considering Tines?
If someone needs tasks performed daily that can be automated between different systems, and if there's a cybersecurity or SOC analyst team, they can also use it by creating various API calls, setti...
See all answers
 

Comparisons

Cortex XSIAM vs Splunk SOAR Logo
Cortex XSIAM vs Splunk SOAR
Compared 27% of the time
Palo Alto Networks Cortex XSOAR vs Splunk SOAR Logo
Palo Alto Networks Cortex XSOAR vs Splunk SOAR
Compared 18% of the time
Fortinet FortiSOAR vs Splunk SOAR Logo
Fortinet FortiSOAR vs Splunk SOAR
Compared 8% of the time
Torq vs Splunk SOAR Logo
Torq vs Splunk SOAR
Compared 7% of the time
Swimlane vs Splunk SOAR Logo
Swimlane vs Splunk SOAR
Compared 7% of the time
More Splunk SOAR Competitors
Torq vs Tines Logo
Torq vs Tines
Compared 57% of the time
Palo Alto Networks Cortex XSOAR vs Tines Logo
Palo Alto Networks Cortex XSOAR vs Tines
Compared 8% of the time
Swimlane vs Tines Logo
Swimlane vs Tines
Compared 6% of the time
Blink Ops vs Tines Logo
Blink Ops vs Tines
Compared 5% of the time
ServiceNow Security Operations vs Tines Logo
ServiceNow Security Operations vs Tines
Compared 4% of the time
More Tines Competitors
 

Product Reports

Buyer's Guide
Splunk SOAR
December 2024
Splunk SOAR reportDownload Splunk SOAR product report
Buyer's Guide
Vulnerability Management
December 2024
Tines reportDownload Tines product report
 

Also Known As

Phantom
No data available
 

Learn More

Splunk
Tines
 

Overview

Splunk SOAR offers features like automation and orchestration of manual tasks, speeding up work, detection and response to advanced and emerging threats. 

Go from overwhelmed to in-control

Automate manual tasks. Address every alert, every day. Establish repeatable procedures that allow security analysts to stop being reactive and focus on mission-critical objectives to protect your business.

Force multiply your team

Orchestrate and automate repetitive tasks, investigation and response to increase efficiency and productivity, and do more with the people you already have. Make a team of three feel like a team of 10.

From 30 minutes to 30 seconds

Work faster with Splunk SOAR. Respond to threats in seconds. Lower your mean time to respond (MTTR) by automating security tasks and workflows across all of your security tools.

End-to-end security operations made easy

Take advantage of Splunk Enterprise Security and Splunk SOAR joining forces to provide a seamless and intuitive SecOps platform to prevent, detect and respond to advanced and emerging threats.

Tines automates manual security tasks, incident response workflows, and tool orchestration, enhancing efficiency by reducing repetitive processes and improving response times.

Users leverage Tines to automate complex security and incident response operations, integrating seamlessly with other platforms to streamline tasks. Its no-code automation capabilities and strong security features are particularly valued. While it enhances operational efficiency, users suggest improvements in customer support, documentation, and additional integration capabilities to overcome learning curve challenges. Some mention occasional latency issues and seek more customization, training resources, and clearer pricing structures. Enhanced scalability and detailed error logs are desired for smoother troubleshooting.

What are Tines' most important features?
  • Ease of Use: Intuitive workflows facilitate adoption without requiring coding knowledge.
  • Robust Integration: Supports integration with other platforms, boosting operational efficiency.
  • Security Features: Strong security measures ensure safe automation.
  • Detailed Documentation: Comprehensive guidelines help users adopt and operate effectively.
What benefits and ROI should users look for?
  • Increased Efficiency: Automates repetitive tasks, freeing up time for other activities.
  • Improved Response Times: Speeds up incident response workflows, minimizing downtime.
  • Simplified Operations: Streamlines complex processes without code, reducing operational overhead.
  • Enhanced Security: Maintains robust security while automating workflows.

In specific industries, Tines is implemented to automate security operations in sectors like finance, healthcare, and technology, where rapid incident response and integration with other platforms are crucial. Automating complex workflows without code is particularly beneficial in these fast-paced environments.

 

Sample Customers

Recorded Future, Blackstone
Information Not Available
Buyer's Guide
Splunk SOAR vs. Tines
December 2024
Free Report: Splunk SOAR vs. Tines
Find out what your peers are saying about Splunk SOAR vs. Tines and other solutions. Updated: December 2024.
DOWNLOAD NOW
831,020 professionals have used our research since 2012.
See our Splunk SOAR vs. Tines report.

We monitor all Security Orchestration Automation and Response (SOAR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.