Their Zero Trust Analytics Platform (ZTAP) engine, which is kind of their correlation engine, is by far and away one of the best in the business. We can filter and utilize different lists to build out different alerts, such as what to alert on and when not to alert. This engine helps reduce our number of alerts and false positives.
Top 8 Security Orchestration Automation and Response (SOAR) Tools
CRITICALSTART, Splunk Phantom, Palo Alto Networks Cortex XSOAR, Exabeam, McAfee ePolicy Orchestrator, ServiceNow Security Operations, IBM Resilient, ThreatConnect
I like the integration capabilities of Phantom. It has a lot of integrations with other products. Its searching methodologies are also good. It is also easy to understand and easy to create playbooks.
The pricing is very good.
The automation part and the playbook creation part are awesome. The way it is responding to the customers and incidents is also very good. In the SOC environment, I guess it will carry out around 50% of the work.
It's a very user-friendly product and it's a very comprehensive technology.
Exabeam's easy to use.
The security is a key feature and the console is very user friendly.
The graphical interface of the solution is its most valuable aspect.
My favorite feature is the application vulnerability scanner.
The solution is available over the cloud and is easy to manage.
The solution is very easy to use.
It's really simple and has a flexible interface.
ThreatConnect has a highly user-friendly interface.
The most valuable features are ease of use and the ability to customize it.