We performed a comparison between Cortex XSIAM and Splunk SOAR based on real PeerSpot user reviews.
Find out what your peers are saying about Microsoft, CrowdStrike, Securonix Solutions and others in Identity Threat Detection and Response (ITDR).
"The most valuable features of Cortex XSIAM are the machine learning used to identify threats, the complexity of the environment of products, and efficiency."
"It is an effective solution in terms of performance and functionalities."
"It operates on a single, extensive database which enables it to excel in detecting threats and anomalies across the network and endpoints, delivering a highly effective and comprehensive security solution."
"Its ability to deliver a substantial amount of security intelligence greatly enhances and optimizes our security operations program."
"I like the integration capabilities of Phantom. It has a lot of integrations with other products. Its searching methodologies are also good. It is also easy to understand and easy to create playbooks."
"Workflow management is most valuable. It is easily customizable."
"The product’s integration with other Splunk products is valuable."
"The most valuable feature of Splunk SOAR is the automated playbooks, which saves analysts time."
"The most valuable feature is the risk-based access control."
"The tool's most valuable feature is its searchability and ease of action on the logs. I can easily search within the logs and take action on them, and I can trace them back to my environment because the way the logs are written is very helpful for us."
"The customizable playbook is the most valuable aspect of the solution."
"It has definitely saved a decent amount of time for our analysts so they can focus on other tasks."
"The platform isn't very developer-friendly and it should provide more flexibility and ease."
"The support could be a bit faster."
"Further integration capabilities with various other software products that can seamlessly tie into Cortex XSIAM would be advantageous."
"The solution’s pricing and technical support could be improved."
"And most of the challenges that I have faced with the solution can be found in the documentation itself."
"We have playbooks written to extract these events and put them into the workflow since it wasn't structured as expected. It was a miss for us. We couldn't figure out why it broke or what actually happened there. It was something in this feed with legitimate and security events, so we tried to understand the names and what we would call them."
"It would be ideal if we could automate processes even more."
"We want to see improvements made to the APIs such that we can connect to many different systems and data sources."
"Splunk SOAR can improve IoT/OT security-related case studies or your use cases. Their integration with identity and access management (IAM) solutions is a bit shaky. They don't have good integration with a lot of IAM solutions. They do have good capability in terms of user access management internally, but even with privileged user access, they have a good module. However, if they have to integrate with solutions, such as CyberArk or IBM IAM solutions, they are lacking; the visibility of user access is not that much."
"It could be easier to implement."
"The number of playbooks on offer should be increased."
"The technical support for the Splunk SIEM solution was average."
Cortex XSIAM is ranked 7th in Identity Threat Detection and Response (ITDR) with 4 reviews while Splunk SOAR is ranked 3rd in Security Orchestration Automation and Response (SOAR) with 32 reviews. Cortex XSIAM is rated 9.0, while Splunk SOAR is rated 8.0. The top reviewer of Cortex XSIAM writes "A robust security operation that ensures achieving automation, stability, and scalability". On the other hand, the top reviewer of Splunk SOAR writes "Takes most of the work away, but the time they take to implement new features is a little bit of concern". Cortex XSIAM is most compared with Palo Alto Networks Cortex XSOAR, Microsoft Sentinel, IBM Security QRadar, CrowdStrike Falcon and Exabeam Fusion SIEM, whereas Splunk SOAR is most compared with Palo Alto Networks Cortex XSOAR, ServiceNow Security Operations, Torq, Swimlane and Tines.
We monitor all Identity Threat Detection and Response (ITDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.