We performed a comparison between IBM Resilient and Palo Alto Networks Cortex XSOAR based on real PeerSpot user reviews.
Find out in this report how the two Security Orchestration Automation and Response (SOAR) solutions compare in terms of features, pricing, service and support, ease of deployment, and ROI.
"The machine learning and artificial intelligence on offer are great."
"The scalability is great. You can put unlimited logs in, as long as you can pay for it. There are commitment tiers, up to six terabytes per day, which is nowhere close to what any one of our customers is running."
"The initial setup is very simple and straightforward."
"What is most useful, is that it has a good connection to the Microsoft ecosystem, and I think that's the key part."
"It is able to connect to an ever-growing number of platforms and systems within the Microsoft ecosystem, such as Azure Active Directory and Microsoft 365 or Office 365, as well as to external services and systems that can be brought in and managed. We can manage on-premises infrastructure. We can manage not just the things that are running in Azure in the public cloud, but through Azure Arc and the hybrid capabilities, we can monitor on-premises servers and endpoints. We can monitor VMware infrastructure, for instance, running as part of a hybrid environment."
"Investigations are something really remarkable. We can drill down right to the raw logs by running different queries and getting those on the console itself."
"We are able to deploy within half an hour and we only require one person to complete the implementation."
"The log query feature has been the most valuable because it's very good. You can put your data on the cloud and run queues from Sentinel. It will do it all very fast. I love that I don't have to upload it to an Excel file and then manually look for a piece of information. Sentinel is much faster and is good for big databases."
"The solution is simple to use and to integrate with IBM QRadar."
"This is a good solution that we recommend for customers."
"The solution is very easy to use."
"IBM Resilient is scalable."
"The most valuable features of IBM Resilient are its flexibility and customization options for incident response."
"The most valuable thing about it is how easy it is to navigate the user interface."
"The solution is reliable in our usage."
"As a whole, the product is stable...Technical support is very good."
"The Palo Alto ecosystem has a marketplace offering integration with Sentinel or other products."
"The product can automate security tasks."
"The repository of playbooks and the integration between Palo Alto and IBM QRadar are some useful features."
"It was useful as a ticketing tool."
"It is quite scalable. I would rate it a ten out of ten."
"We use the solution to automate our SIEM tools and incidents."
"The pricing is very good."
"It is a scalable solution. I would rate scalability a ten out of ten."
"The following would be a challenge for any product in the market, but we have some in-house apps in our environment... our apps were built with different parameters and the APIs for them are not present in Sentinel. We are working with Microsoft to build those custom APIs that we require. That is currently in progress."
"Sometimes, we are observing large ingestion delays. We expect logs within 5 minutes, but it takes about 10 to 15 minutes."
"The on-prem log sources still require a lot of development."
"Sentinel provides decent visibility, but it's sometimes a little cumbersome to get to the information I want because there is so much information. I would also like to see more seamless integration between Sentinel and third-party security products."
"Add more out-of-the-box connectors with other SaaS platforms/applications."
"Azure Sentinel will be directly competing with tools such as Splunk or QRadar. These are very established kinds of a product that have been around for the last seven, eight years or more."
"If we want to use more features, we have to pay more. There are multiple solutions on the cloud itself, but the pricing model package isn't consistent, which is confusing to clients."
"I would like Sentinel to have more out-of-the-box analytics rules. There are already more than 400 rules, but they could add more industry-specific ones. For example, you could have sets of out-of-the-box rules for banking, financial sector, insurance, automotive, etc., so it's easier for people to use it out of the box. Structuring the rules according to industry might help us."
"The initial setup is complex."
"The tool needs to improve its documentation on license scripts."
"The integration could be improved so that it is easy to integrate with other solutions."
"It is not very straightforward to set up custom integrations, especially with services like Azure. You need an additional server for integration."
"IBM Resilient could integrate better with my tools."
"The implementation could be a bit simpler."
"The product must provide more integration with other tools."
"One thing to improve is how it handles data formats, which currently might require scripting for conversion to CSV before uploading."
"With Palo Alto Networks Cortex XSOAR, managing its setup phase can be a complicated task."
"I would love to see more flexibility on what we can display and design on the dashboards."
"It has been decommissioned by Palo Alto."
"Palo Alto Networks Cortex XSOAR currently lacks SIEM functionalities."
"The solution should be made a bit cheaper."
"The solution's correlation rules and playbooks should be improved."
"The solution is complicated to learn."
"It's only one cloud right now. It might be helpful for some companies to have an on-premises option."
IBM Resilient is ranked 7th in Security Orchestration Automation and Response (SOAR) with 17 reviews, while Palo Alto Networks Cortex XSOAR is ranked 2nd in Security Orchestration Automation and Response (SOAR) with 42 reviews. IBM Resilient is rated 7.6, while Palo Alto Networks Cortex XSOAR is rated 8.4. The top reviewer of IBM Resilient writes "Simple deployment, scalable, but lacking third-party solution compatibility". On the other hand, the top reviewer of Palo Alto Networks Cortex XSOAR writes "Enables the investigators to go through the review process a lot quicker". IBM Resilient is most compared with Splunk SOAR, ServiceNow Security Operations, Fortinet FortiSOAR, IBM Security QRadar and IBM Cloud Pak for Security, whereas Palo Alto Networks Cortex XSOAR is most compared with Cortex XSIAM, Splunk SOAR, Fortinet FortiSOAR, Swimlane and ServiceNow Security Operations.
We monitor all Security Orchestration Automation and Response (SOAR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.