We performed a comparison between IBM Resilient and Palo Alto Networks Cortex XSOAR based on real PeerSpot user reviews.
Find out in this report how the two Security Orchestration Automation and Response (SOAR) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."Sentinel enables us to ingest data from our entire ecosystem. In addition to integrating our Cisco ASA Firewall logs, we get our Palo Alto proxy logs and some on-premises data coming from our hardware devices... That is very important and is one way Sentinel is playing a wider role in our environment."
"One of the most valuable features of Microsoft Sentinel is that it's cloud-based."
"The UI-based analytics are excellent."
"The most valuable feature is the onboarding of the workloads. You can see all that has been onboarded in your account on the dashboards."
"The analytic rule is the most valuable feature."
"The analytics has a lot of advantages because there are 300 default use cases for rules and we can modify them per our environment. We can create other rules as well. Analytics is a useful feature."
"Microsoft Sentinel enables you to ingest data from the entire ecosystem and that connection of data helps you to monitor critical resources and to know what's happening in the environment."
"Azure Application Gateway makes things a lot easier. You can create dashboards, alert rules, hunting and custom queries, and functions with it."
"This is a good solution that we recommend for customers."
"The most valuable thing about it is how easy it is to navigate the user interface."
"What I like most about IBM Resilient is that it has a complete stack, which means you don't need to use different OEM products because you have all you need under the IBM Resilient umbrella. You don't need to worry much about integrations and components because you're working with tested and proven architecture."
"The product is very good at incident response."
"The solution is reliable in our usage."
"The solution is very easy to use."
"The solution is easy to use."
"It is a stable solution...It is a scalable solution."
"I chose Cortex XSOAR because the client also has Palo Alto firewalls. I can incorporate the data from the Palo Alto firewalls into Cortex and send it into the same data lake to manipulate that data. It lets me manage and monitor the data in one place."
"Many different playbooks are available and can be customized."
"I have found the solution very useful, it integrates well with other platforms."
"Its agility and scalability are valuable."
"The product’s stability is good."
"From the security team's standpoint, the solution has improved our organization's overall cybersecurity."
"We use the solution to automate our SIEM tools and incidents."
"The most valuable features of Palo Alto Networks Cortex XSOAR are its overall track record and features that fit our use case."
"Not all information shows up in Sentinel. Sometimes there are items provided in 365 and if you looked in Sentinel you would not see them and therefore think they do not exist. There can be discrepancies between Microsoft tools."
"Multi-tenancy, in my opinion, needs to be improved. I believe it can do better as a managed service provider."
"If I can use Sentinel offline at home and use it on a local network, it would be great. I'm not sure if I can use Sentinel offline versus the tools I have."
"I would like Sentinel to have more out-of-the-box analytics rules. There are already more than 400 rules, but they could add more industry-specific ones. For example, you could have sets of out-of-the-box rules for banking, financial sector, insurance, automotive, etc., so it's easier for people to use it out of the box. Structuring the rules according to industry might help us."
"The playbook is a bit difficult and could be improved."
"We'd like to see more connectors."
"Sentinel's reporting is complex and can be more user-friendly."
"I would like to be able to monitor applications outside of the Azure Cloud."
"The product must provide more integration with other tools."
"The ability to analyze incidents needs to be improved in the solution."
"The implementation could be a bit simpler."
"There are shortcomings with IBM Resilient's technical support team that can be considered for improvement in the future."
"The tool needs to improve its documentation on license scripts."
"What could make IBM Resilient better is if IBM increased the number of built-in integrations with different products from other vendors or third-party products."
"Integrating IBM Resilient with other applications can be very difficult and technically challenging. Often, they use the excuse that you are using the latest version of an application, such as an endpoint security system, and they don't have an API or support for it at the moment. There is no automation in the SOAR solution."
"The initial setup is complex."
"There is room for improvement in terms of the pricing model."
"They should provide integration with machine learning platforms."
"We need a little hands-on experience to install the solution."
"Palo Alto Networks Cortex XSOAR could improve the look, feel, and management of the cloud console. Additionally, the user could be more easily integrated."
"Palo Alto Networks Cortex XSOAR lacks to offer SIEM functionalities currently."
"The platform’s setup procedures could be streamlined compared to one of its competitors."
"In terms of improvement, it needs to be more modular. It's not. When you're working in layouts and you create specific apps within layouts, there's no portability right now in order to reuse that code across multiple layouts. I can't take a tab and say I want to use this tab on these other layouts. I have to physically go in there and recreate it from scratch, which is maddening."
"The tool’s multi-tenancy feature must be improved."
More Palo Alto Networks Cortex XSOAR Pricing and Cost Advice →
IBM Resilient is ranked 7th in Security Orchestration Automation and Response (SOAR) with 17 reviews while Palo Alto Networks Cortex XSOAR is ranked 2nd in Security Orchestration Automation and Response (SOAR) with 42 reviews. IBM Resilient is rated 7.6, while Palo Alto Networks Cortex XSOAR is rated 8.4. The top reviewer of IBM Resilient writes "Simple deployment, scalable, but lacking third-party solution compatibility ". On the other hand, the top reviewer of Palo Alto Networks Cortex XSOAR writes "Enables the investigators to go through the review process a lot quicker". IBM Resilient is most compared with Splunk SOAR, ServiceNow Security Operations, Fortinet FortiSOAR, IBM Security QRadar and IBM Cloud Pak for Security, whereas Palo Alto Networks Cortex XSOAR is most compared with Cortex XSIAM, Splunk SOAR, Fortinet FortiSOAR, Swimlane and ServiceNow Security Operations. See our IBM Resilient vs. Palo Alto Networks Cortex XSOAR report.
See our list of best Security Orchestration Automation and Response (SOAR) vendors.
We monitor all Security Orchestration Automation and Response (SOAR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.