We performed a comparison between Cortex XSIAM and Splunk SOAR based on real PeerSpot user reviews.
Find out what your peers are saying about Microsoft, CrowdStrike, Securonix Solutions and others in Identity Threat Detection and Response (ITDR)."The most valuable features of Cortex XSIAM are the machine learning used to identify threats, the complexity of the environment of products, and efficiency."
"It is an effective solution in terms of performance and functionalities."
"Its ability to deliver a substantial amount of security intelligence greatly enhances and optimizes our security operations program."
"It operates on a single, extensive database which enables it to excel in detecting threats and anomalies across the network and endpoints, delivering a highly effective and comprehensive security solution."
"Workflow management is most valuable. It is easily customizable"
"Before its use, analyzing each email would take at least 15 to 20 minutes, with some complex cases taking up to 30 minutes...With the automation provided by Splunk Phantom, we could significantly reduce the amount of time and human effort required to complete this task."
"I have found all the security automation platform features of Splunk SOAR to be good. The Automation playbook development is highly useful."
"The most valuable feature is the risk-based access control."
"So far, the interface is very easy to use."
"The customization continues to be excellent."
"Very flexible integration with other tools"
"The tool's most valuable feature is its searchability and ease of action on the logs. I can easily search within the logs and take action on them, and I can trace them back to my environment because the way the logs are written is very helpful for us."
"The support could be a bit faster."
"The solution’s pricing and technical support could be improved."
"Further integration capabilities with various other software products that can seamlessly tie into Cortex XSIAM would be advantageous."
"The platform isn't very developer-friendly and it should provide more flexibility and ease."
"And most of the challenges that I have faced with the solution can be found in the documentation itself."
"Splunk SOAR should improve its ease of upgrade, which is a pain point for us right now."
"The pricing could be a bit more reasonable. It would be great if it were feasible for smaller organizations."
"Splunk's support for integration is subpar and has room for improvement."
"Portability is one thing that is currently lacking. The open-source product that I evaluated had portability. It would require a lot of development effort, but it will save the cost of rewriting all the playbooks."
"We've run into a few minor issues. Some of the playbook writing is a bit complicated. We've had a few hiccups with the source control. We'd really like to use GitHub deployment keys for a dedicated account. We haven't been able to do that. I think those are some of the major ones."
"The tool's response is slower because it has to search through a huge dataset, which can be improved for latency."
"The algorithm and machine learning have room for improvement and can be more user-friendly."
Cortex XSIAM is ranked 7th in Identity Threat Detection and Response (ITDR) with 4 reviews while Splunk SOAR is ranked 3rd in Security Orchestration Automation and Response (SOAR) with 32 reviews. Cortex XSIAM is rated 9.0, while Splunk SOAR is rated 8.0. The top reviewer of Cortex XSIAM writes "A robust security operation that ensures achieving automation, stability, and scalability". On the other hand, the top reviewer of Splunk SOAR writes "Takes most of the work away, but the time they take to implement new features is a little bit of concern". Cortex XSIAM is most compared with Palo Alto Networks Cortex XSOAR, Microsoft Sentinel, IBM Security QRadar, CrowdStrike Falcon and Exabeam Fusion SIEM, whereas Splunk SOAR is most compared with Palo Alto Networks Cortex XSOAR, ServiceNow Security Operations, Torq, Swimlane and Tines.
We monitor all Identity Threat Detection and Response (ITDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
