What do you like most about Splunk Phantom?

Splunk SOAR offers features like automation and orchestration of manual tasks, speeding up work, detection and response to advanced and emerging threats.  Go from overwhelmed to in-control Automate manual tasks. Address every alert, every day. Establish repeatable procedures that allow security analysts to stop being reactive and focus on mission-critical objectives to protect your business. Force multiply your team Orchestrate and automate repetitive tasks, investigation and response to...

Download Splunk SOAR Report Read more

Related Q&As

Apr 16, 2021

What are the main differences between Splunk Phantom and FireEye SOAR solutions

Sep 4, 2024

What is your experience regarding pricing and costs for Splunk Phantom?

Volodymyr-Savov Splunk BDM at Clicko · Answer 1 · 2024-02-02T09:23:00Z

Volodymyr-Savov

Splunk BDM at Clicko

Real User

Top 10

Feb 2, 2024

Splunk SOAR's quick response to incidents is the most valuable part.

score 0 · Answer 2 · 2023-12-01T10:42:00Z

Nagendra Nekkala.

Senior Manager ICT & at Bangalore International Airport Limited

Real User

Top 5Leaderboard

Dec 1, 2023

It helps increase efficiency and productivity.

reviewer2241480 SOAR PS Consultant at a tech vendor with 11-50 employees · Answer 3 · 2023-07-21T15:28:00Z

The ability to automate Splunk SOAR and customize the playbook use cases is the most valuable feature and is very exciting for me.

score 0 · Answer 4 · 2023-07-20T01:11:00Z

reviewer2239854

Cyber Security Architect at a financial services firm with 201-500 employees

Real User

Top 20

Jul 20, 2023

The most valuable feature of Splunk SOAR is the automated playbooks, which saves analysts time.

score 0 · Answer 5 · 2023-07-20T00:30:00Z

The most valuable feature is the API connector, depending on how it's formatted and who made the actual app offering for it. The REST API is my favorite component. It's very easy to use. The filters are also really valuable. Those are the two primary features but I enjoy using the rest of it.

score 0 · Answer 6 · 2023-07-19T01:32:00Z

reviewer2238954

Cybersecurity Analyst at a energy/utilities company with 10,001+ employees

Real User

Top 20

Jul 19, 2023

The product’s integration with other Splunk products is valuable.

Shubham Sinha. Sr. Principal Info Sec Analyst at Veritas Technologies LLC · Answer 7 · 2023-06-09T20:06:00Z

When you design a playbook, you can integrate multiple log sources and define rules... After that, the platform automatically compiles all these activities and, based on the results, the analyst only has to indicate whether the result is a true or false positive. That reduces the time and effort involved.

score 0 · Answer 8 · 2023-05-12T16:14:00Z

I like the way Splunk interacts with various systems via the API. The ability to integrate Splunk with our ticketing system has been an immense help because we can maintain our workflow while blending Splunk with our support desk and other ways that we track work.

Pulkit Thakur Data Engineering Sr Analyst at Accenture · Answer 9 · 2023-03-17T18:58:00Z

Pulkit Thakur

Data Engineering Sr Analyst at Accenture

Real User

Top 5

Mar 17, 2023

The solution’s dashboard is really good and customizable. It also has a good UI.

Adrian Mache Solution Architect at Vodafone · Answer 10 · 2023-02-23T15:24:00Z

AM

Adrian Mache

Solution Architect at Vodafone

Real User

Top 20

Feb 23, 2023

My understanding is the initial setup isn't too hard.

Srikanth Nuthalapati Software Engineering Manager at Deloitte · Answer 11 · 2023-01-30T10:43:04Z

The solution allows us to customize playbooks and incorporate custom code, allowing us to drag and drop elements while still writing code to build the integrations we need.

score 0 · Answer 12 · 2023-01-27T17:23:28Z

Siddharth Matalia

Senior Technical Specialist at a manufacturing company with 10,001+ employees

Real User

Top 5Leaderboard

Jan 27, 2023

The customizable playbook is the most valuable aspect of the solution.

Norman Freitag Account-Manager at Consist ITU Environmental Software GmbH · Answer 13 · 2022-08-12T12:06:36Z

NF

Norman Freitag

Account-Manager at Consist ITU Environmental Software GmbH

Real User

Aug 12, 2022

Technical support is helpful.

Tarun Singh Deputy Manager at HCL Technologies · Answer 14 · 2022-06-02T08:01:54Z

The most valuable feature of Splunk Phantom that stands out is it has a great SOAR. The automation and orchestration module is highly mature. A lot of use cases are on user entity and behavioral analytics (UEBA), which is artificial intelligence and machine learning-based (AIML).

score 0 · Answer 15 · 2022-04-11T12:26:57Z

I have found all the security automation platform features of Splunk Phantom to be good. The Automation playbook development is highly useful.

score 0 · Answer 16 · 2021-04-26T15:04:26Z

I like the integration capabilities of Phantom. It has a lot of integrations with other products.

Its searching methodologies are also good. It is also easy to understand and easy to create playbooks.

Hari Haran. Technical Associate at Positka · Answer 17 · 2021-01-22T22:52:15Z

Hari Haran.

Technical Associate at Positka

Real User

Top 5

Jan 22, 2021

The customization continues to be excellent.

score 0 · Answer 18 · 2020-08-23T08:17:28Z

it_user1404753

Senior Data Analyst at a financial services firm with 10,001+ employees

Real User

Aug 23, 2020

So far, the interface is very easy to use.

SubramanyaAM Technical Lead at Paladion Networks · Answer 19 · 2020-04-30T10:58:00Z

SA

SubramanyaAM

Technical Lead at Paladion Networks

Real User

Apr 30, 2020

Very flexible integration with other tools

Al Sedghi Chief Technology Officer at Globalnet Research Corporation · Answer 20 · 2020-02-12T17:16:43Z

AS

Al Sedghi

Chief Technology Officer at Globalnet Research Corporation

Reseller

Feb 12, 2020

The most valuable feature is the risk-based access control.