We performed a comparison between IBM Resilient and ThreatConnect Threat Intelligence Platform (TIP) based on real PeerSpot user reviews.
Find out in this report how the two Security Orchestration Automation and Response (SOAR) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."It's easy to use. It's a very good product. It can easily ingest data from anywhere. It has an easily understandable language to perform actions."
"There are some very powerful features to Sentinel, such as the integration of various connectors. We have a lot of departments that use both IaaS and SaaS services, including M365 as well as Azure services. The ability to leverage connectors into these environments allows for large-scale data injection."
"The analytics has a lot of advantages because there are 300 default use cases for rules and we can modify them per our environment. We can create other rules as well. Analytics is a useful feature."
"The dashboard that allows me to view all the incidents is the most valuable feature."
"One of the most valuable features is that it creates a kind of a single pane of glass for organizations that already use Microsoft software. So, when they have things like Microsoft 365, it is very easy for them to kind of plug in or enroll those endpoints into the Azure Sentinel service."
"The solution has features that helped improve the security posture of our clients. It provides the ability to correlate a large variety of log sources very cost-effectively, especially for Microsoft sources."
"One of the most valuable features of Microsoft Sentinel is that it's cloud-based."
"I like the KQL query. It simplifies getting data from the table and seeing the logs. All you need to know are the table names. It's quite easy to build use cases by using KQL."
"The product is very good at incident response."
"What I like most about IBM Resilient is that it has a complete stack, which means you don't need to use different OEM products because you have all you need under the IBM Resilient umbrella. You don't need to worry much about integrations and components because you're working with tested and proven architecture."
"The solution is very easy to use."
"The most valuable features of IBM Resilient are its flexibility and customization options for incident response."
"The initial setup of IBM Resilient is not that complex since my company already has a support license that we use internally. In general, the product's deployment phase is not that complex."
"It is a stable solution...It is a scalable solution."
"Its flexibility is the most valuable."
"This is a good solution that we recommend for customers."
"The product automatically generated a threat score based on the maliciousness of an IP."
"It's a solid platform and is stable enough. It is not complicated and is easy to use."
"ThreatConnect has a highly user-friendly interface."
"The most valuable features are ease of use and the ability to customize it."
More ThreatConnect Threat Intelligence Platform (TIP) Pros →
"The product can be improved by reducing the cost to use AI machine learning."
"It has been a challenge with Azure Sentinel to onboard the Syslog server from FortiGate. Azure Sentinel can work better on that shift between the Syslog server and a firewall."
"The data connectors for third-party tools could be improved, as some aren't available in Sentinel. They need to be available in the data connector panel."
"Microsoft Sentinel should provide an alternative query language to KQL for users who lack KQL expertise."
"If Azure Sentinel had the ability to ingest Azure services from different tenants into another tenant that was hosting Azure Sentinel, and not lose any metadata, that would be a huge benefit to a lot of companies."
"I believe one of the challenges I encountered was the absence of live training sessions, even with the option to pay for them."
"If I can use Sentinel offline at home and use it on a local network, it would be great. I'm not sure if I can use Sentinel offline versus the tools I have."
"Sentinel could improve its ticketing and management. A few customers I have worked with liked to take the data created in Sentinel. You can make some basic efforts around that, but the customers wanted to push it to a third-party system so they could set up a proper ticketing management system, like ServiceNow, Jira, etc."
"One thing to improve is how it handles data formats, which currently might require scripting for conversion to CSV before uploading."
"The product needs a bit more development."
"What could make IBM Resilient better is if IBM increased the number of built-in integrations with different products from other vendors or third-party products."
"The integration could be improved so that it is easy to integrate with other solutions."
"The implementation could be a bit simpler."
"It is not very straightforward to set up custom integrations, especially with services like Azure. You need an additional server for integration."
"This product could be improved with better customization. This product isn't the best on the market like QRadar, but it's actually a good solution. However, some competitors' solutions contain more integration, support, automation, or flexibility."
"The response time of the support is an area of concern where improvements are required."
"It would be good to have more feeds and more integrated sources for enrichment."
"I couldn’t get any training videos online when I was working with the tool."
"Integration is an area that could use some improvement."
"They should make it a little bit easier to generate events and share them with the community"
More ThreatConnect Threat Intelligence Platform (TIP) Cons →
More ThreatConnect Threat Intelligence Platform (TIP) Pricing and Cost Advice →
IBM Resilient is ranked 8th in Security Orchestration Automation and Response (SOAR) with 17 reviews while ThreatConnect Threat Intelligence Platform (TIP) is ranked 20th in Security Orchestration Automation and Response (SOAR) with 4 reviews. IBM Resilient is rated 7.6, while ThreatConnect Threat Intelligence Platform (TIP) is rated 8.0. The top reviewer of IBM Resilient writes "Simple deployment, scalable, but lacking third-party solution compatibility ". On the other hand, the top reviewer of ThreatConnect Threat Intelligence Platform (TIP) writes "The tool could be integrated into any environment, but it was expensive, and the deployment process was complex". IBM Resilient is most compared with Palo Alto Networks Cortex XSOAR, Splunk SOAR, ServiceNow Security Operations, IBM Security QRadar and DFLabs IncMan SOAR, whereas ThreatConnect Threat Intelligence Platform (TIP) is most compared with Anomali ThreatStream, Recorded Future, ThreatQ, Palo Alto Networks Cortex XSOAR and Anomali Match. See our IBM Resilient vs. ThreatConnect Threat Intelligence Platform (TIP) report.
See our list of best Security Orchestration Automation and Response (SOAR) vendors.
We monitor all Security Orchestration Automation and Response (SOAR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
