I use IBM Resilient in my company for incident response and management within our organization by temporarily integrating the tool with the firewall, considering the fact that it can block attacks after we automate many of the processes. IBM Resilient has helped streamline our company's cyber resilience and security operations, and it helps save time for our analysts. If someone else tries to take care of the aforementioned process manually and carry out investigations alone, then such a person may see that it is not an easy or simple task. The tool takes care of the tasks by itself, saving time for my company. The features of IBM Resilient that I found to be most effective for automating our company's security incident response processes stems from the ease of operations that the product provides ease of use in areas like workflows and playbooks, making it a product that ensures its users experience ease of development when using the tool. The product also offers a lot of integration capabilities, allowing users to use the tool in a customized manner, as everything can be integrated with the solution. The product's integration capabilities with other security tools have enhanced the incident response workflow since the integration part was easy to manage. Knowing the company's use cases and internal processes well enough can help its users identify what they want to protect and the projects they have, which in turn can make everything easy to handle in the tool. Our company has an engineer to take care of the maintenance of the product. In terms of the improvements I noticed in my organization's compliance or reporting since the implementation of IBM Resilient, we have complied with many standards, especially those related to our local controls. In terms of compliance, our organization was able to close many gaps. I recommend the tool to those who plan to use it. I rate the overall tool an eight out of ten.
Overall, I would rate IBM Resilient a seven out of ten. My advice to people who are considering using it is that unless you specifically want to use IBM, there are better alternatives available.
Senior ArcSight and IBM resileint (SOAR) administrator at a comms service provider with 1,001-5,000 employees
Real User
Top 5
2023-05-18T15:19:00Z
May 18, 2023
In general, we need to have some skills before working with IBM Resilient. You have to be aware of Python scripts, API and SOAR. Also, you have to be aware of instances and IR phases. If you are working for SOAR or IBM Resilient, you have to be aware of the skills, and if you are aware of the skills required, then it is easy to operate the tool. The simplicity of the tool is also attached to the tool's main functions. The vendor, the community, and the integration are things someone needs to compare between two vendors. If I compare IBM Resilient with FortiSOAR, then my opinion might change. It is good if I see a more powerful tool, even though I don't know the feature, as A SOAR tool. I rate the overall solution a seven out of ten.
I would rate the tool a seven out of ten. We have medium-based customers for the solution. You need to take the beginner’s course from IBM and follow the documentation to start using the tool.
As most solutions nowadays come with SOAR capabilities, I wouldn't recommend IBM Resilient. For example, when we were using IBM QRadar, it didn't have incident management features, so we had to integrate it with IBM SOAR to receive that functionality. It seemed as if IBM was trying to force customers to purchase another SIEM from them if they wanted to use SOAR. It would make more sense to have the SOAR and SIEM combined into a single solution like LogRhythm, Microsoft Sentinel, or Splunk. I rate IBM Resilient a six out of ten.
SOC Manager at a comms service provider with 5,001-10,000 employees
Real User
Top 10
2023-01-26T16:56:00Z
Jan 26, 2023
My company has not provided IBM Resilient to customers, but it proposed the solution to some. Right now, IBM Resilient is being implemented internally for the company. My company uses the latest product version. Based on its features and capabilities, my rating for IBM Resilient is a nine out of ten. Overall, as a solution, it's a nine. IBM Resilient requires enrollment from different teams in operations, implementation, etc., because the process involves more integrations and customizations. In the current environment, forty to fifty engineers enrolled part-time, with ten people full-time, and then another forty contribute from the operations side. I work in Telco, so the IBM Resilient project is enormous and requires a lot of infrastructure. It's been challenging resource-wise and time-wise. IBM Resilient, or any SOAR product, can be operated as a standalone product. Right now, my company hasn't observed any capacity limitations because it only has a limited number of users. Eventually, the company will add more users to IBM Resilient when it integrates the solution to the ticketing system that handles many people. My advice to anyone looking into using IBM Resilient is to find good resources to implement the solution, particularly one with experience in general IT, a product of the same type as IBM Resilient, and he should have some scripting and programming experience, mainly because IBM Resilient runs on Python programming. The implementer should have Python programming experience or at least general programming and scripting experience. My company is an end user of IBM.
I rate IBM Resilient a seven out of ten because the customization and integration could be improved. It needs more support metrics for integration and more flexibility in customizing the playbook. I recommend this product to others who are considering implementation.
Head - Global SOC at a tech services company with 201-500 employees
Real User
2021-06-29T09:18:51Z
Jun 29, 2021
We have a business partnership with IBM. I'm working with the latest version of the solution. I'm not sure which version number it is. I'd recommend the product to other users and companies. I'd rate the solution at a nine out of ten.
Cyber Security Consultant at a tech services company with 51-200 employees
Real User
2019-12-16T08:13:00Z
Dec 16, 2019
We use the on-premises deployment model. We are IBM resellers. The solution is limited, but it needs lots of development, especially when we talk about making actions with other security solutions. I'd recommend that users implement the solution with IBM Radar; otherwise, they'll face a lot of limitations. I'd rate the solution seven out of ten.
The Resilient Incident Response Platform (IRP) is the leading platform for orchestrating and automating incident response processes.
The Resilient IRP quickly and easily integrates with your organization’s existing security and IT investments. It makes security alerts instantly actionable, provides valuable intelligence and incident context, and enables adaptive response to complex cyber threats.
For smaller companies, I do not recommend using IBM Resilient. I'd rate the solution six out of ten.
I use IBM Resilient in my company for incident response and management within our organization by temporarily integrating the tool with the firewall, considering the fact that it can block attacks after we automate many of the processes. IBM Resilient has helped streamline our company's cyber resilience and security operations, and it helps save time for our analysts. If someone else tries to take care of the aforementioned process manually and carry out investigations alone, then such a person may see that it is not an easy or simple task. The tool takes care of the tasks by itself, saving time for my company. The features of IBM Resilient that I found to be most effective for automating our company's security incident response processes stems from the ease of operations that the product provides ease of use in areas like workflows and playbooks, making it a product that ensures its users experience ease of development when using the tool. The product also offers a lot of integration capabilities, allowing users to use the tool in a customized manner, as everything can be integrated with the solution. The product's integration capabilities with other security tools have enhanced the incident response workflow since the integration part was easy to manage. Knowing the company's use cases and internal processes well enough can help its users identify what they want to protect and the projects they have, which in turn can make everything easy to handle in the tool. Our company has an engineer to take care of the maintenance of the product. In terms of the improvements I noticed in my organization's compliance or reporting since the implementation of IBM Resilient, we have complied with many standards, especially those related to our local controls. In terms of compliance, our organization was able to close many gaps. I recommend the tool to those who plan to use it. I rate the overall tool an eight out of ten.
Overall, I would rate IBM Resilient a seven out of ten. My advice to people who are considering using it is that unless you specifically want to use IBM, there are better alternatives available.
After considering IBM QRadar, I rate IBM Resilient a seven out of ten.
I would definitely recommend IBM Resilient to others. Overall, I would rate it a nine out of ten.
I would definitely recommend the solution to those planning to use it. Overall, I rate the solution a ten out of ten.
In general, we need to have some skills before working with IBM Resilient. You have to be aware of Python scripts, API and SOAR. Also, you have to be aware of instances and IR phases. If you are working for SOAR or IBM Resilient, you have to be aware of the skills, and if you are aware of the skills required, then it is easy to operate the tool. The simplicity of the tool is also attached to the tool's main functions. The vendor, the community, and the integration are things someone needs to compare between two vendors. If I compare IBM Resilient with FortiSOAR, then my opinion might change. It is good if I see a more powerful tool, even though I don't know the feature, as A SOAR tool. I rate the overall solution a seven out of ten.
I would rate the tool a seven out of ten. We have medium-based customers for the solution. You need to take the beginner’s course from IBM and follow the documentation to start using the tool.
As most solutions nowadays come with SOAR capabilities, I wouldn't recommend IBM Resilient. For example, when we were using IBM QRadar, it didn't have incident management features, so we had to integrate it with IBM SOAR to receive that functionality. It seemed as if IBM was trying to force customers to purchase another SIEM from them if they wanted to use SOAR. It would make more sense to have the SOAR and SIEM combined into a single solution like LogRhythm, Microsoft Sentinel, or Splunk. I rate IBM Resilient a six out of ten.
I rate IBM Resilient eight out of 10.
My company has not provided IBM Resilient to customers, but it proposed the solution to some. Right now, IBM Resilient is being implemented internally for the company. My company uses the latest product version. Based on its features and capabilities, my rating for IBM Resilient is a nine out of ten. Overall, as a solution, it's a nine. IBM Resilient requires enrollment from different teams in operations, implementation, etc., because the process involves more integrations and customizations. In the current environment, forty to fifty engineers enrolled part-time, with ten people full-time, and then another forty contribute from the operations side. I work in Telco, so the IBM Resilient project is enormous and requires a lot of infrastructure. It's been challenging resource-wise and time-wise. IBM Resilient, or any SOAR product, can be operated as a standalone product. Right now, my company hasn't observed any capacity limitations because it only has a limited number of users. Eventually, the company will add more users to IBM Resilient when it integrates the solution to the ticketing system that handles many people. My advice to anyone looking into using IBM Resilient is to find good resources to implement the solution, particularly one with experience in general IT, a product of the same type as IBM Resilient, and he should have some scripting and programming experience, mainly because IBM Resilient runs on Python programming. The implementer should have Python programming experience or at least general programming and scripting experience. My company is an end user of IBM.
I rate IBM Resilient a seven out of ten because the customization and integration could be improved. It needs more support metrics for integration and more flexibility in customizing the playbook. I recommend this product to others who are considering implementation.
We have a business partnership with IBM. I'm working with the latest version of the solution. I'm not sure which version number it is. I'd recommend the product to other users and companies. I'd rate the solution at a nine out of ten.
I would rate the solution seven out of ten. It's an okay product, however, it needs more maturity.
This is a very useful tool, and I recommend it. I would rate IBM Resilient a six out of ten.
I would rate this solution an eight out of ten. Its price and technical support need improvement.
We use the on-premises deployment model. We are IBM resellers. The solution is limited, but it needs lots of development, especially when we talk about making actions with other security solutions. I'd recommend that users implement the solution with IBM Radar; otherwise, they'll face a lot of limitations. I'd rate the solution seven out of ten.