IBM Resilient could integrate better with my tools.
IT Specialist at a government with 501-1,000 employees
It's a scalable cloud-based solution
Pros and Cons
- "IBM Resilient is scalable."
- "IBM Resilient could integrate better with my tools."
What needs improvement?
For how long have I used the solution?
I have used IBM Resilient for about six months.
What do I think about the scalability of the solution?
IBM Resilient is scalable.
Which solution did I use previously and why did I switch?
The company previously used Palo Alto Cortex XSOAR, but I didn't use it.
Buyer's Guide
IBM Resilient
November 2024
Learn what your peers think about IBM Resilient. Get advice and tips from experienced pros sharing their opinions. Updated: November 2024.
816,562 professionals have used our research since 2012.
What other advice do I have?
I rate IBM Resilient eight out of 10.
Which deployment model are you using for this solution?
Public Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Cybersecurity incident response team lead at Information Technology Solutions- ITS
Stable and cost-effective
Pros and Cons
- "The most valuable thing about it is how easy it is to navigate the user interface."
- "It is not very straightforward to set up custom integrations, especially with services like Azure. You need an additional server for integration."
What is our primary use case?
I mainly use it for automating and simplifying incident response workflows, focusing on basic tasks in security orchestration.
What is most valuable?
IBM Resilient is an okay tool overall, and the most valuable thing about it is how easy it is to navigate the user interface.
What needs improvement?
I have found IBM Resilient lacking in integration capabilities, which can be frustrating. It is not very straightforward to set up custom integrations, especially with services like Azure. You need an additional server for integration. Also, the custom security features need improvement. Currently, it doesn't work well with many vendors, and there are compatibility issues, like not working with group IP. Also, keeping the platform up-to-date with patches, firewalls, security, and upgrades is crucial to avoid problems with deployments and conversions.
For how long have I used the solution?
I have been using IBM Resilient for almost three years.
What do I think about the stability of the solution?
I would rate it a nine out of ten in terms of stability. IBM Resilient is stable, especially for on-premises deployments when set up correctly. It is reliable because it focuses on its core role as a source for incident response without too many extra functions.
What do I think about the scalability of the solution?
I would rate the scalability a seven out of ten because it has a scalable architecture, but there is room for improvement in terms of expanding its capabilities and solutions.
How are customer service and support?
I have had several issues that required contacting the support team. I have had a positive experience with the support team, except when dealing with telecommunications-related issues. The support for customer integrations is decent. I would rate the support a seven out of ten.
How would you rate customer service and support?
Neutral
How was the initial setup?
The initial setup of IBM Resilient is somewhat difficult, particularly in complex environments, as it involves multiple components. It took one day to deploy.
What's my experience with pricing, setup cost, and licensing?
IBM Resilient is relatively affordable. It typically offers a yearly subscription, and I have a three-year license, which is cost-effective.
What other advice do I have?
Overall, I would rate IBM Resilient a seven out of ten. My advice to people who are considering using it is that unless you specifically want to use IBM, there are better alternatives available.
Which deployment model are you using for this solution?
On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Buyer's Guide
IBM Resilient
November 2024
Learn what your peers think about IBM Resilient. Get advice and tips from experienced pros sharing their opinions. Updated: November 2024.
816,562 professionals have used our research since 2012.
CEO at a tech services company with 11-50 employees
Streamlined processes with automation and integration but needs device compatibility improvements
Pros and Cons
- "The integration with IBM SIM and the ability to block users during brute force attacks are particularly effective."
- "Integration with some devices, including Cisco PowerPower and certain antivirus products, has limitations."
What is our primary use case?
The primary use case is automation.
How has it helped my organization?
The solution allows for seamless integration with other IBM products, like IBM SIM, which helps manage alerts and incidents more efficiently. This automation has improved response times and streamlined processes.
What is most valuable?
The integration with IBM SIM and the ability to block users during brute force attacks are particularly effective.
What needs improvement?
Integration with some devices, including Cisco PowerPower and certain antivirus products, has limitations.
For how long have I used the solution?
I have been using IBM Resilient for the past two years.
How are customer service and support?
They provide limited technical support, which may be based on our license. The response time could improve, and sometimes they defer issues to third parties.
How would you rate customer service and support?
Neutral
Which solution did I use previously and why did I switch?
This is the first solution of its kind that I have used.
How was the initial setup?
The initial setup took three months.
What about the implementation team?
The implementation involved four plumbing engineers and was completed with the assistance of a consultant or reseller.
What's my experience with pricing, setup cost, and licensing?
I am not the one in charge of pricing, so I am not sure about the costs.
What other advice do I have?
For smaller companies, I do not recommend using IBM Resilient.
I'd rate the solution six out of ten.
Which deployment model are you using for this solution?
On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Last updated: Oct 16, 2024
Flag as inappropriateAdministrator at a university with 1,001-5,000 employees
Helpful incident response monitoring but the pricing and integration could be better
Pros and Cons
- "It's really simple and has a flexible interface."
- "The integration could be improved so that it is easy to integrate with other solutions."
What is our primary use case?
We are using this solution for research and to integrate it into security solutions on the platform.
What is most valuable?
It's really simple and has a flexible interface.
It has been helpful with incident response monitoring and has good security features.
What needs improvement?
The integration could be improved so that it is easy to integrate with other solutions.
We need better pricing. It is very expensive to facilitate the students for research purposes for one month.
For how long have I used the solution?
I have been using IBM Resilient for a few months.
We are using the latest version.
What do I think about the stability of the solution?
It's a stable solution.
What do I think about the scalability of the solution?
This product is scalable.
How are customer service and technical support?
We have not contacted technical support.
Which solution did I use previously and why did I switch?
We are using many other solutions for research purposes such as Red Connect, Rapid7, and Siemplify.
How was the initial setup?
The initial setup is straightforward.
It's simple to install and doesn't take very long to deploy.
What about the implementation team?
We researched the internet on how to install and use this solution. There is a lot of information available on the internet.
What's my experience with pricing, setup cost, and licensing?
It is very expensive.
I haven't purchased this solution yet, I downloaded the community version.
What other advice do I have?
This is a very useful tool, and I recommend it.
I would rate IBM Resilient a six out of ten.
Which deployment model are you using for this solution?
On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
SOC Team Lead at IP Protocol INC
An easy-to-use and stable solution but needs to improve its documentation
Pros and Cons
- "The solution is easy to use."
- "The tool needs to improve its documentation on license scripts."
What is most valuable?
The solution is easy to use.
What needs improvement?
The tool needs to improve its documentation on license scripts.
For how long have I used the solution?
I have been working with the solution for two months.
What do I think about the stability of the solution?
The solution is stable. I would rate it a nine out of ten.
What do I think about the scalability of the solution?
The tool is scalable. I would rate the product’s scalability a nine out of ten.
How are customer service and support?
The tool’s support takes time to respond.
How would you rate customer service and support?
Positive
How was the initial setup?
The tool’s setup is easy. I would rate the solution’s setup a seven out of ten. The deployment took six months to complete. Our deployment team consisted of three engineers.
What's my experience with pricing, setup cost, and licensing?
I would rate the tool’s pricing a three out of ten. The tool’s pricing is on a yearly basis.
What other advice do I have?
I would rate the tool a seven out of ten. We have medium-based customers for the solution. You need to take the beginner’s course from IBM and follow the documentation to start using the tool.
Which deployment model are you using for this solution?
On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: Integrator
AGM, Enterprise Solutions at Omgea Exim Ltd
Easy to use with good stability but needs more documentation
Pros and Cons
- "The solution is very easy to use."
- "The product needs a bit more development."
What is our primary use case?
We have delivered a couple of Resilient solutions to our customers.
The product is primarily used for incident response automation and orchestration.
What is most valuable?
The solution is very easy to use.
It's a very stable product. The performance has been very good.
What needs improvement?
The product needs a bit more development.
We've had some compatibility issues that need to be resolved. There needs to be a bit more research done into that to figure out why it won't work. For example, my customer had some specific requirements, however, due to a lot of compatibility issues, some devices were not available to upgrade or add to the system. They say they are working on adding it to the solution, however, the compatibility still isn't available, and may not be for a while. They are unclear on the timelines.
We've had issues surrounding the deployment of the product.
The solution needs to try and develop more custom playbooks or documentation to help the customer with the initial setup.
Technical support is not pro-active enough and they take too long to provide solutions to problems.
The solution needs to have a physical deployment as well. It would be ideal if it wasn't just on the cloud.
For how long have I used the solution?
We have been selling the solution for the past three years at this point.
What do I think about the scalability of the solution?
There are some aspects of the solution that we can scale. There are certain things we can customize if we need to. We can also scale, for example, the number of actions per month. You can expand it if you need to.
Currently, we have six clients using the solution. These companies differ in size.
I personally have five team members in my organization who are supporting the customer in the support portal.
How are customer service and technical support?
We use the IBM support portal. The need to be much more proactive in supporting the customer. They don't necessarily ever say "this is not possible". Instead, they say "we are developing a solution". However, the process of developing a fix takes far too long. They need to be more aggressive in dealing with issues. Right now, sometimes it can take up to two to three months to resolve an issue, which is far too long.
I wouldn't say that we are satisfied with the level of service they provide.
How was the initial setup?
We've had issues with the setup process. We have Palo Alto, and for some reason, there isn't good compatibility.
That said, for the most part, the installation is fairly straightforward. It's not too complex.
We have five team members capable of handling implementations.
What about the implementation team?
We handle the implementation for our clients.
What's my experience with pricing, setup cost, and licensing?
The pricing is pretty good, however, the downside is that it is not a very mature product.
When a company needs a playbook, they have to create one, and then they have to pay someone for that service. However, it might be something that IBM could develop and template for others. They may be in the process of doing this already.
What other advice do I have?
I would rate the solution seven out of ten.
It's an okay product, however, it needs more maturity.
Which deployment model are you using for this solution?
On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: Reseller
Country Manager at Magarah
Stable, but needs customization flexibility and better integration
Pros and Cons
- "This is a good solution that we recommend for customers."
- "This product could be improved with better customization. This product isn't the best on the market like QRadar, but it's actually a good solution. However, some competitors' solutions contain more integration, support, automation, or flexibility."
What is our primary use case?
Each customer will have different use cases for this solution. We develop use cases based on customer requirements and our technical team builds a playbook for the customer. Resilient is deployed on-premises.
What is most valuable?
This is a good solution that we recommend for customers.
What needs improvement?
This product could be improved with better customization. This product isn't the best on the market like QRadar, but it's actually a good solution. However, some competitors' solutions contain more integration, support, automation, or flexibility.
For how long have I used the solution?
I have been working with Resilient for over a year.
What do I think about the stability of the solution?
This solution is stable.
How are customer service and support?
The technical support is good.
How was the initial setup?
The installation is straightforward, but customization requires an understanding of programming as well as CTI integration. For implementation, I had a team of two engineers.
What about the implementation team?
I implemented through an in-house team.
What's my experience with pricing, setup cost, and licensing?
There is a license you need to pay for in order to use this product.
What other advice do I have?
I rate IBM Resilient a seven out of ten because the customization and integration could be improved. It needs more support metrics for integration and more flexibility in customizing the playbook. I recommend this product to others who are considering implementation.
Which deployment model are you using for this solution?
On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
Head - Global SOC at a tech services company with 201-500 employees
Stable, with good User Behaviour Analytics and has the ability to interlink offenses
Pros and Cons
- "The UBA, User Behavior Analytics, is very good."
- "The initial setup is complex."
What is our primary use case?
We basically use all of the basic functionality, including the entire MITRE ATT&CK tactics, et cetera.
What is most valuable?
The interlinking of the offenses is the most valuable aspect of the solution for us.
The UBA, User Behavior Analytics, is very good.
The solution has been stable so far. The performance is good.
The product can scale if you need it to. It's an easy process.
What needs improvement?
In terms of the whole analysis aspect, if we can get any additional information and ensure it's contextual information, that would be quite helpful to us.
The initial setup is complex.
For how long have I used the solution?
I've been using the solution for four years or so. It's been a while. I have a few years of experience with the product at this point.
What do I think about the stability of the solution?
The solution has been quite stable. There are no bugs or glitches. It doesn't crash or freeze. It's reliable and the performance is quite good.
What do I think about the scalability of the solution?
We have about 100 users on the solution right now. The solution is quite easy to scale. If a company needs to expand it, it can do so with relative ease.
How was the initial setup?
The initial setup is not straightforward or simple. It's quite complex. It can be difficult. The whole deployment, as well as the configuration, takes some work.
The deployment itself took about two months in total.
What about the implementation team?
We handled everything in-house. We didn't enlist the help of any consultants or integrators. Our team handled every aspect themselves.
What other advice do I have?
We have a business partnership with IBM.
I'm working with the latest version of the solution. I'm not sure which version number it is.
I'd recommend the product to other users and companies.
I'd rate the solution at a nine out of ten.
Which deployment model are you using for this solution?
On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
Buyer's Guide
Download our free IBM Resilient Report and get advice and tips from experienced pros
sharing their opinions.
Updated: November 2024
Popular Comparisons
ServiceNow Security Operations
SECDO Platform
VMware Carbon Black Cloud
Buyer's Guide
Download our free IBM Resilient Report and get advice and tips from experienced pros
sharing their opinions.
Quick Links
Learn More: Questions:
- What are the pros and cons of internal SOC vs SOC-as-a-Service?
- What are the Top 5 cybersecurity trends in 2022?
- How do you decide about the alert severity in your Security Operations Center (SOC)?
- What is the difference between cyber resilience and business continuity?
- What is the difference between mitigation and remediation in incident response?
- What does the Log4j/Log4Shell vulnerability mean for your company?
- What is an incident response playbook and how is it used in SOAR?
- What tools and solutions do you use for automated incident response in an enterprise in 2022?
- What are the best practices for Security Operations Center (SOC)?
- What are the latest trends in Security Operations Center (SOC)?