We performed a comparison between Secureworks Red Cloak Threat Detection and Response [EOL] and Splunk SOAR based on real PeerSpot user reviews.
Find out what your peers are saying about VMware, ServiceNow, IBM and others in Security Incident Response."The features that I have found most valuable are that the search capabilities are easy to use. The dashboards are good. The reports are good. It is just simple from a deployment standpoint - that was easy."
More Secureworks Red Cloak Threat Detection and Response [EOL] Pros →
"The most valuable features of Splunk SOAR are the easy integration with other solutions, including other Splunk solutions. The most important playbooks we need on the market come already on the Frontend. However, nowadays, Splunk changed its name, it's not Frontend anymore, it's Splunk Store. This is a very strong point."
"The automation part of the product is great."
"The most valuable feature is the API connector, depending on how it's formatted and who made the actual app offering for it. The REST API is my favorite component. It's very easy to use. The filters are also really valuable. Those are the two primary features but I enjoy using the rest of it."
"Technical support is helpful."
"Scalability is the best feature of the solution."
"The ability to automate Splunk SOAR and customize the playbook use cases is the most valuable feature and is very exciting for me."
"Splunk SOAR's quick response to incidents is the most valuable part."
"The tool's most valuable feature is its searchability and ease of action on the logs. I can easily search within the logs and take action on them, and I can trace them back to my environment because the way the logs are written is very helpful for us."
"There are some automated network response portions that we want to turn up."
More Secureworks Red Cloak Threat Detection and Response [EOL] Cons →
"SOAR is probably the most unreliable product Splunk has and that's because most of it is content driven from what you put into it. There are certain parts of it that have a little bit of difficulty at volume too. It's always changing. There is new stuff coming out for it that's going to make it a little bit better, but it does have some drawbacks."
"have put a number of ideas on the ideas.splunk.com site for feature requests for the Splunk SOAR product. I posted one of them about three years ago, which finally got implemented in the latest release that just got announced, so the time to implement new features and things like that is a little bit concerning."
"What we have seen is if the workflow gets halted or if we want to halt a workflow, it cannot be resumed."
"The UI can be more customizable for the clients."
"The number of playbooks on offer should be increased."
"Splunk's support for integration is subpar and has room for improvement."
"In the beginning, we couldn't find any specific documents for every function. It wasn't easy to navigate to what we needed."
"Portability is one thing that is currently lacking. The open-source product that I evaluated had portability. It would require a lot of development effort, but it will save the cost of rewriting all the playbooks."
Earn 20 points
Secureworks Red Cloak Threat Detection and Response [EOL] doesn't meet the minimum requirements to be ranked in Security Incident Response while Splunk SOAR is ranked 3rd in Security Orchestration Automation and Response (SOAR) with 32 reviews. Secureworks Red Cloak Threat Detection and Response [EOL] is rated 8.0, while Splunk SOAR is rated 8.0. The top reviewer of Secureworks Red Cloak Threat Detection and Response [EOL] writes "Simple deployment with good reports and dashboard". On the other hand, the top reviewer of Splunk SOAR writes "Takes most of the work away, but the time they take to implement new features is a little bit of concern". Secureworks Red Cloak Threat Detection and Response [EOL] is most compared with VMware Carbon Black Endpoint and Cisco SecureX, whereas Splunk SOAR is most compared with Palo Alto Networks Cortex XSOAR, Cortex XSIAM, ServiceNow Security Operations, Torq and Swimlane.
We monitor all Security Incident Response reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.