We performed a comparison between Cyware Security Orchestration Layer and IBM Resilient based on real PeerSpot user reviews.
Find out what your peers are saying about Microsoft, Palo Alto Networks, Splunk and others in Security Orchestration Automation and Response (SOAR)."The log query feature has been the most valuable because it's very good. You can put your data on the cloud and run queues from Sentinel. It will do it all very fast. I love that I don't have to upload it to an Excel file and then manually look for a piece of information. Sentinel is much faster and is good for big databases."
"The features that stand out are the detection engine and its integration with multiple data sources."
"Sentinel pricing is good"
"If you know how to do KQL (kusto query language) queries, which are how you query the log data inside Sentinel, the information is pretty rich. You can get down to a good level of detail regarding event information or notifications."
"The most valuable feature is the performance because unlike legacy SIEMs that were on-premises, it does not require as much maintenance."
"One of the most valuable features of Microsoft Sentinel is that it's cloud-based."
"The AI and ML of Azure Sentinel are valuable. We can use machine learning models at the tenant level and within Office 365 and Microsoft stack. We don't need to depend upon any other connectors. It automatically provisions the native Microsoft products."
"It is able to connect to an ever-growing number of platforms and systems within the Microsoft ecosystem, such as Azure Active Directory and Microsoft 365 or Office 365, as well as to external services and systems that can be brought in and managed. We can manage on-premises infrastructure. We can manage not just the things that are running in Azure in the public cloud, but through Azure Arc and the hybrid capabilities, we can monitor on-premises servers and endpoints. We can monitor VMware infrastructure, for instance, running as part of a hybrid environment."
"The technical support team is helpful."
"As a whole, the product is stable...Technical support is very good."
"The solution is reliable in our usage."
"The most valuable thing about it is how easy it is to navigate the user interface."
"The product is very good at incident response."
"The solution is simple to use and to integrate with IBM QRadar."
"Its flexibility is the most valuable."
"The most valuable features of IBM Resilient are its flexibility and customization options for incident response."
"The initial setup of IBM Resilient is not that complex since my company already has a support license that we use internally. In general, the product's deployment phase is not that complex."
"In terms of features I would like to see in future releases, I'm interested in a few more use cases around automation. I do believe a lot of automation is available, and more is in progress, but that would be my area of interest."
"For certain vendors, some of the data that Microsoft Sentinel captures is redacted due to privacy reasons."
"We do see continuous improvement all the time, however, I haven't got a specific feature that is lacking or not well designed."
"Microsoft Sentinel is relatively expensive, and its cost should be improved."
"There is room for improvement in entity behavior and the integration site."
"If you're looking to use canned queries, the interface could be a little more straightforward. It's not immediately intuitive regarding how you use it. You have to take a canned query and paste it into an operational box and then you hit a button... They could improve the ease of deploying these queries."
"They need to work with other security vendors. For example, we replaced our email gateway with Symantec, but we couldn't collect these logs with Azure Sentinel. Instead of collecting these logs with Azure Sentinel, we are collecting them on Qradar. We couldn't do it with Sentinel, which is a problem for us."
"We've seen delays in getting the logs from third-party solutions and sometimes Microsoft products as well. It would be helpful if Microsoft created a list of the delays. That would make things more transparent for customers."
"The prices must be reduced."
"The response time of the support is an area of concern where improvements are required."
"The product needs a bit more development."
"The product must provide more integration with other tools."
"There are shortcomings with IBM Resilient's technical support team that can be considered for improvement in the future."
"The ability to analyze incidents needs to be improved in the solution."
"Integrating IBM Resilient with other applications can be very difficult and technically challenging. Often, they use the excuse that you are using the latest version of an application, such as an endpoint security system, and they don't have an API or support for it at the moment. There is no automation in the SOAR solution."
"The implementation could be a bit simpler."
"IBM Resilient could integrate better with my tools."
Cyware Security Orchestration Layer is ranked 21st in Security Orchestration Automation and Response (SOAR) with 1 review while IBM Resilient is ranked 7th in Security Orchestration Automation and Response (SOAR) with 17 reviews. Cyware Security Orchestration Layer is rated 9.0, while IBM Resilient is rated 7.6. The top reviewer of Cyware Security Orchestration Layer writes "A stable solution with excellent features and a helpful technical support team". On the other hand, the top reviewer of IBM Resilient writes "Simple deployment, scalable, but lacking third-party solution compatibility ". Cyware Security Orchestration Layer is most compared with , whereas IBM Resilient is most compared with Palo Alto Networks Cortex XSOAR, Splunk SOAR, ServiceNow Security Operations, Fortinet FortiSOAR and IBM Security QRadar.
See our list of best Security Orchestration Automation and Response (SOAR) vendors.
We monitor all Security Orchestration Automation and Response (SOAR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.