We performed a comparison between IBM Resilient and Swimlane based on real PeerSpot user reviews.
Find out in this report how the two Security Orchestration Automation and Response (SOAR) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The automation feature is valuable."
"I believe one of the main advantages is Microsoft Sentinel's seamless integration with other Microsoft products."
"Mainly, this is a cloud-native product. So, there are zero concerns about managing the whole infrastructure on-premises."
"The solution offers a lot of data on events. It helps us create specific detection strategies."
"Having your logs put all in one place with machine learning working on those logs is a good feature. I don't need to start thinking, "Where are my logs?" My logs are in a centralized repository, like Log Analytics, which is why you can't use Sentinel without Log Analytics. Having all those logs in one place is an advantage."
"It's easy to use. It's a very good product. It can easily ingest data from anywhere. It has an easily understandable language to perform actions."
"The scalability is great. You can put unlimited logs in, as long as you can pay for it. There are commitment tiers, up to six terabytes per day, which is nowhere close to what any one of our customers is running."
"Sentinel uses Azure Logic Apps for automation, which is really powerful. This allows us to easily automate responses to incidents."
"The solution is easy to use."
"This is a good solution that we recommend for customers."
"The most valuable thing about it is how easy it is to navigate the user interface."
"Its flexibility is the most valuable."
"The solution is simple to use and to integrate with IBM QRadar."
"The most valuable features of IBM Resilient are its flexibility and customization options for incident response."
"The solution is very easy to use."
"It's really simple and has a flexible interface."
"The most valuable feature of the solution is the support."
"It provides us with a single portal for our logs from different solutions."
"The technical support from Swimlane is very good."
"Everyone has their favorites. There is always room for improvement, and everybody will say, "I wish you could do this for me or that for me." It is a personal thing based on how you use the tool. I do not necessarily have those thoughts, and they are probably not really valuable because they are unique to the context of the user, but broadly, where it can continue to improve is by adding more connectors to more systems."
"There is a wider thing called Jupyter Notebooks, which is around the automation side of things. It would be good if there are playbooks that you can utilize without having to have the developer experience to do it in-house. Microsoft could provide more playbooks or more Jupyter Notebooks around MITRE ATT&CK Framework."
"I can't think of anything other than just getting the name out there. I think a lot of customers don't fully understand the full capabilities of Azure Sentinel yet. It is kind of like when they're first starting to use Azure, it might not be something they first think about. So, they should just kind of get to the point where it is more widely used."
"If their UI was a bit more streamlined and easy to find when I need it, then that would be a great improvement."
"Sometimes, we are observing large ingestion delays. We expect logs within 5 minutes, but it takes about 10 to 15 minutes."
"In terms of features I would like to see in future releases, I'm interested in a few more use cases around automation. I do believe a lot of automation is available, and more is in progress, but that would be my area of interest."
"Sentinel can be used in two ways. With other tools like QRadar, I don't need to run queries. Using Sentinel requires users to learn KQL to run technical queries and check things. If they don't know KQL, they can't fully utilize the solution."
"It has been a challenge with Azure Sentinel to onboard the Syslog server from FortiGate. Azure Sentinel can work better on that shift between the Syslog server and a firewall."
"The product must provide more integration with other tools."
"It is not very straightforward to set up custom integrations, especially with services like Azure. You need an additional server for integration."
"This product could be improved with better customization. This product isn't the best on the market like QRadar, but it's actually a good solution. However, some competitors' solutions contain more integration, support, automation, or flexibility."
"IBM Resilient is quite complex, including its configuration."
"The initial setup is complex."
"The ability to analyze incidents needs to be improved in the solution."
"The implementation could be a bit simpler."
"The integration could be improved so that it is easy to integrate with other solutions."
"The initial setup and deployment are complex."
"We faced a lot of issues with the product’s stability."
"The stability of the solution has room for improvement."
IBM Resilient is ranked 7th in Security Orchestration Automation and Response (SOAR) with 17 reviews while Swimlane is ranked 17th in Security Orchestration Automation and Response (SOAR) with 3 reviews. IBM Resilient is rated 7.6, while Swimlane is rated 7.6. The top reviewer of IBM Resilient writes "Simple deployment, scalable, but lacking third-party solution compatibility ". On the other hand, the top reviewer of Swimlane writes "Great support, scalable, and easier to code". IBM Resilient is most compared with Palo Alto Networks Cortex XSOAR, Splunk SOAR, ServiceNow Security Operations, Fortinet FortiSOAR and Siemplify, whereas Swimlane is most compared with Palo Alto Networks Cortex XSOAR, Splunk SOAR, Fortinet FortiSOAR, Tines and Siemplify. See our IBM Resilient vs. Swimlane report.
See our list of best Security Orchestration Automation and Response (SOAR) vendors.
We monitor all Security Orchestration Automation and Response (SOAR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.