Cortex XSIAM vs Splunk SOAR comparison

Cancel
You must select at least 2 products to compare!
Palo Alto Networks Logo
156 views|106 comparisons
100% willing to recommend
Splunk Logo
6,537 views|3,915 comparisons
86% willing to recommend
Comparison Buyer's Guide
Executive Summary

We performed a comparison between Cortex XSIAM and Splunk SOAR based on real PeerSpot user reviews.

Find out what your peers are saying about Microsoft, CrowdStrike, Securonix Solutions and others in Identity Threat Detection and Response (ITDR).
To learn more, read our detailed Identity Threat Detection and Response (ITDR) Report (Updated: June 2024).
772,649 professionals have used our research since 2012.
Featured Review
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"The most valuable features of Cortex XSIAM are the machine learning used to identify threats, the complexity of the environment of products, and efficiency.""It is an effective solution in terms of performance and functionalities.""It operates on a single, extensive database which enables it to excel in detecting threats and anomalies across the network and endpoints, delivering a highly effective and comprehensive security solution.""Its ability to deliver a substantial amount of security intelligence greatly enhances and optimizes our security operations program."

More Cortex XSIAM Pros →

"I like the integration capabilities of Phantom. It has a lot of integrations with other products. Its searching methodologies are also good. It is also easy to understand and easy to create playbooks.""Workflow management is most valuable. It is easily customizable""The product’s integration with other Splunk products is valuable.""The most valuable feature of Splunk SOAR is the automated playbooks, which saves analysts time.""The most valuable feature is the risk-based access control.""The tool's most valuable feature is its searchability and ease of action on the logs. I can easily search within the logs and take action on them, and I can trace them back to my environment because the way the logs are written is very helpful for us.""The customizable playbook is the most valuable aspect of the solution.""It has definitely saved a decent amount of time for our analysts so they can focus on other tasks."

More Splunk SOAR Pros →

Cons
"The platform isn't very developer-friendly and it should provide more flexibility and ease.""The support could be a bit faster.""Further integration capabilities with various other software products that can seamlessly tie into Cortex XSIAM would be advantageous.""The solution’s pricing and technical support could be improved."

More Cortex XSIAM Cons →

"And most of the challenges that I have faced with the solution can be found in the documentation itself.""We have playbooks written to extract these events and put them into the workflow since it wasn't structured as expected. It was a miss for us. We couldn't figure out why it broke or what actually happened there. It was something in this feed with legitimate and security events, so we tried to understand the names and what we would call them.""It would be ideal if we could automate processes even more.""We want to see improvements made to the APIs such that we can connect to many different systems and data sources.""Splunk SOAR can improve IoT/OT security-related case studies or your use cases. Their integration with identity and access management (IAM) solutions is a bit shaky. They don't have good integration with a lot of IAM solutions. They do have good capability in terms of user access management internally, but even with privileged user access, they have a good module. However, if they have to integrate with solutions, such as CyberArk or IBM IAM solutions they are lacking, the visibility of user access is not that much.""It could be easier to implement.""The number of playbooks on offer should be increased.""The technical support for the Splunk SIEM solution was average."

More Splunk SOAR Cons →

Pricing and Cost Advice
  • "In terms of pricing, we found Cortex XSIAM to offer a very reasonable and competitive rate."
  • "The solution comes at a significant cost."
  • "The solution is expensive compared to its competitors."
  • "Since Palo Alto is trying to get as many new customers as possible, they're offering very competitive pricing."
  • More Cortex XSIAM Pricing and Cost Advice →

  • "I don't know the exact price, but for my region, it is very expensive."
  • "In my opinion, the price is high, but if you want good products, you have to be willing to pay for them."
  • "It's very overpriced because it is based on the number of users. There is no bulk licensing."
  • "Splunk SOAR is more expensive compared to other options for SOAR."
  • "The licensing cost is reasonable."
  • "When we first purchased our Splunk SOAR license, it was based on an event-count model. It was based on the number of events. I had strong opinions at the time that automation should not be stifled by the amount of automation you can accomplish, so the previous structure was not as beneficial for us. Later that year, we got told or saw at a conference that they announced user-based pricing. We are now in a renewal period, so we migrated to a user-based license model, which is more appropriate for us so that we no longer have to worry about stifling our automation based on the quantity."
  • "Splunk SOAR is an expensive solution for an organization of our size."
  • "The cost is high and the licensing is on an annual basis."
  • More Splunk SOAR Pricing and Cost Advice →

    report
    Use our free recommendation engine to learn which Identity Threat Detection and Response (ITDR) solutions are best for your needs.
    772,649 professionals have used our research since 2012.
    Questions from the Community
    Top Answer:It is an effective solution in terms of performance and functionalities.
    Top Answer:I would rate the solution's cost a six out of ten, where one is cheap, and ten is expensive.
    Top Answer:There is room for improvement in the support. It could be a bit faster.
    Top Answer:Splunk SOAR's quick response to incidents is the most valuable part.
    Top Answer:The cost is high and the licensing is on an annual basis.
    Top Answer:The cost of Splunk SOAR has room for improvement.
    Ranking
    Views
    156
    Comparisons
    106
    Reviews
    2
    Average Words per Review
    1,017
    Rating
    9.0
    Views
    6,537
    Comparisons
    3,915
    Reviews
    23
    Average Words per Review
    779
    Rating
    8.0
    Comparisons
    Also Known As
    Phantom
    Learn More
    Overview

    By design, XSIAM operates across both cloud and enterprise security operations, providing true end-to-end-management of threats, wherever they originate. While companies born in the cloud benefit from the scale and automation of XSIAM and the ease of integration with public cloud and SaaS telemetry, organizations with legacy SIEM deployments can seamlessly transition to XSIAM as the next-generation autonomous SOC platform.

    Splunk SOAR offers features like automation and orchestration of manual tasks, speeding up work, detection and response to advanced and emerging threats. 

    Go from overwhelmed to in-control

    Automate manual tasks. Address every alert, every day. Establish repeatable procedures that allow security analysts to stop being reactive and focus on mission-critical objectives to protect your business.

    Force multiply your team

    Orchestrate and automate repetitive tasks, investigation and response to increase efficiency and productivity, and do more with the people you already have. Make a team of three feel like a team of 10.

    From 30 minutes to 30 seconds

    Work faster with Splunk SOAR. Respond to threats in seconds. Lower your mean time to respond (MTTR) by automating security tasks and workflows across all of your security tools.

    End-to-end security operations made easy

    Take advantage of Splunk Enterprise Security and Splunk SOAR joining forces to provide a seamless and intuitive SecOps platform to prevent, detect and respond to advanced and emerging threats.

    Sample Customers
    Information Not Available
    Recorded Future, Blackstone
    Top Industries
    VISITORS READING REVIEWS
    Manufacturing Company12%
    Computer Software Company11%
    Financial Services Firm9%
    Government7%
    REVIEWERS
    Financial Services Firm35%
    Computer Software Company18%
    University12%
    Comms Service Provider6%
    VISITORS READING REVIEWS
    Financial Services Firm14%
    Computer Software Company14%
    Government10%
    Manufacturing Company10%
    Company Size
    VISITORS READING REVIEWS
    Small Business22%
    Midsize Enterprise17%
    Large Enterprise62%
    REVIEWERS
    Small Business29%
    Midsize Enterprise17%
    Large Enterprise54%
    VISITORS READING REVIEWS
    Small Business18%
    Midsize Enterprise13%
    Large Enterprise69%
    Buyer's Guide
    Identity Threat Detection and Response (ITDR)
    June 2024
    Find out what your peers are saying about Microsoft, CrowdStrike, Securonix Solutions and others in Identity Threat Detection and Response (ITDR). Updated: June 2024.
    772,649 professionals have used our research since 2012.

    Cortex XSIAM is ranked 7th in Identity Threat Detection and Response (ITDR) with 4 reviews while Splunk SOAR is ranked 3rd in Security Orchestration Automation and Response (SOAR) with 32 reviews. Cortex XSIAM is rated 9.0, while Splunk SOAR is rated 8.0. The top reviewer of Cortex XSIAM writes "A robust security operation that ensures achieving automation, stability, and scalability". On the other hand, the top reviewer of Splunk SOAR writes "Takes most of the work away, but the time they take to implement new features is a little bit of concern". Cortex XSIAM is most compared with Palo Alto Networks Cortex XSOAR, Microsoft Sentinel, IBM Security QRadar, CrowdStrike Falcon and Exabeam Fusion SIEM, whereas Splunk SOAR is most compared with Palo Alto Networks Cortex XSOAR, ServiceNow Security Operations, Torq, Swimlane and Tines.

    We monitor all Identity Threat Detection and Response (ITDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.