We performed a comparison between IBM Resilient and ServiceNow Security Operations based on real PeerSpot user reviews.
Find out in this report how the two Security Incident Response solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The solution offers a lot of data on events. It helps us create specific detection strategies."
"Mainly, this is a cloud-native product. So, there are zero concerns about managing the whole infrastructure on-premises."
"Sentinel pricing is good"
"Native integration with Microsoft security products or other Microsoft software is also crucial. For example, we can integrate Sentinel with Office 365 with one click. Other integrations aren't as easy. Sometimes, we have to do it manually."
"I've worked on most of the top SIEM solutions, and Sentinel has an edge in most areas. For example, it has built-in SOAR capabilities, allowing you to run playbooks automatically. Other vendors typically offer SOAR as a separate licensed solution or module, but you get it free with Sentinel. In-depth incident integration is available out of the box."
"It is always correlating to IOCs for normal attacks, using Azure-related resources. For example, if any illegitimate IP starts unusual activity on our Azure firewall, then it automatically generates an alarm for us."
"We are able to deploy within half an hour and we only require one person to complete the implementation."
"We’ve got process improvement that's happened across multiple different fronts within the organization, within our IT organization based on this tool being in place."
"Stability-wise, I rate the solution a ten out of ten...Scalability-wise, I rate the solution a ten out of ten."
"What I like most about IBM Resilient is that it has a complete stack, which means you don't need to use different OEM products because you have all you need under the IBM Resilient umbrella. You don't need to worry much about integrations and components because you're working with tested and proven architecture."
"The UBA, User Behavior Analytics, is very good."
"The most valuable thing about it is how easy it is to navigate the user interface."
"It is a stable solution...It is a scalable solution."
"The initial setup of IBM Resilient is not that complex since my company already has a support license that we use internally. In general, the product's deployment phase is not that complex."
"It's really simple and has a flexible interface."
"The solution is reliable in our usage."
"It gives you the ability to bring data into the system. The workflows are out of the box, and it gives you the ability to auto-assign the incidents based on criteria and vulnerabilities."
"My favorite feature is the application vulnerability scanner."
"The solution is stable."
"The ease of use is great."
"The product has a very simple UI."
"It's stable."
"The most valuable aspect of working with ServiceNow is its meaningful and feature-rich product."
"Integration to other security tools allows for a consolidated view of all vulnerabilities, incidents, etc. for all sorts of leverage in a single platform to assess governance risk and compliance as well as an enhanced, enriched intelligence."
"If Sentinel had a graphical user interface, it would be easier to use. I would also like it to be more customizable."
"They could use some kind of workbook. There is some limitation doing the editing and creating the workbook."
"While I appreciate the UI itself and the vast amount of information available on the platform, I'm finding the overall user experience to be frustrating due to frequent disconnections and the requirement to repeatedly re-authenticate."
"The only thing is sometimes you can have a false positive."
"It has been a challenge with Azure Sentinel to onboard the Syslog server from FortiGate. Azure Sentinel can work better on that shift between the Syslog server and a firewall."
"The solution could be more user-friendly; some query languages are required to operate it."
"The performance could be improved. If I create 15 to 20 lines for a single-use case in KQL, sometimes it takes more time to execute. If I create use cases within a certain timeline, the result will show in .01 seconds. A complex query takes more time to get results."
"They should just add more and more out-of-the-box connectors. It is quite a new product, and it has a lot of connectors, and even more would be good."
"The integration could be improved so that it is easy to integrate with other solutions."
"Integrating IBM Resilient with other applications can be very difficult and technically challenging. Often, they use the excuse that you are using the latest version of an application, such as an endpoint security system, and they don't have an API or support for it at the moment. There is no automation in the SOAR solution."
"The product needs a bit more development."
"IBM Resilient could integrate better with my tools."
"The implementation could be a bit simpler."
"The tool needs to improve its documentation on license scripts."
"IBM Resilient is quite complex, including its configuration."
"The initial setup is complex."
"It is challenging for the customers to understand the processes for SecOps. It needs to be simplified."
"We'd like customization to be easier in terms of the UI and using the dashboards."
"It doesn't interact with things very well."
"The product is called SecOps, but it is not security operations in terms of SIEM solutions."
"The initial setup is difficult."
"The threat intelligence module needs a better dashboard."
"There is room for improvement in terms of developer support and documentation."
"There are limitations for the third-parties that are providing the inputs. They should increase the robustness of the solution."
More ServiceNow Security Operations Pricing and Cost Advice →
IBM Resilient is ranked 4th in Security Incident Response with 17 reviews while ServiceNow Security Operations is ranked 3rd in Security Incident Response with 14 reviews. IBM Resilient is rated 7.6, while ServiceNow Security Operations is rated 8.0. The top reviewer of IBM Resilient writes "Simple deployment, scalable, but lacking third-party solution compatibility ". On the other hand, the top reviewer of ServiceNow Security Operations writes "Mature with nice UI and customizable workflows". IBM Resilient is most compared with Palo Alto Networks Cortex XSOAR, Splunk SOAR, Fortinet FortiSOAR, IBM Security QRadar and IBM Cloud Pak for Security, whereas ServiceNow Security Operations is most compared with Palo Alto Networks Cortex XSOAR, Splunk SOAR, Swimlane, Fortinet FortiSOAR and ThreatConnect Threat Intelligence Platform (TIP). See our IBM Resilient vs. ServiceNow Security Operations report.
See our list of best Security Incident Response vendors and best Security Orchestration Automation and Response (SOAR) vendors.
We monitor all Security Incident Response reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
