Security Orchestration, Automation, and Response (SOAR) Features

Read what people say are the most valuable features of the solutions they use.
SubramanyaAM says in a Splunk Phantom review
Technical Lead at Paladion Networks
The most valuable feature of Splunk is a very flexible integration with other tools. Compared to other products in the market, Splunk is very user friendly, and not very complicated. It integrates with most of the endpoints and that's a very positive side of the solution. There's no need to remember a lot of things and documentation is great. I really appreciate that aspect. Since it is cloud-based there is a lot of flexibility. And most of the challenges that I have faced with the solution can be found in the documentation itself. At this point, I'm very happy with the solution. There's nothing there that disturbs me. Security orchestration is a new emerging issue in the market. If I have to compare with other security orchestration tools, Splunk is a good solution. Many vendors have opted for Splunk because of easy usability and connectivity to radius devices. View full review »
reviewer1041465 says in an Exabeam review
Program Coordinator at a financial services firm with 10,001+ employees
The user interface and the timelines they use are the most valuable features. The price model is very simple so that one can understand it easily and there are no surprises within it. It's good at security logging in our infrastructure but not really application logging. View full review »
Vineet Srivastava says in a Demisto Enterprise review
Director at Technosrpout
The most valuable features are simplicity and ease of integration. The documentation is fantastic. View full review »
reviewer1325718 says in an Exabeam review
Co-Founder, Director - Technology & Consulting at a tech services company with 11-50 employees
Valuable features are its timeline based analysis and that it's user friendly. Response from the platform itself is good which makes it easy to manage. The UI is also a good feature. View full review »
Sanjit Achary says in a McAfee ePolicy Orchestrator review
Senior Manager at a tech services company with 1,001-5,000 employees
I don't use the solution in a technical way, so the technical aspects of the solution I'm not clear on. The central management console is the solution's most valuable aspect. View full review »
reviewer1281699 says in a McAfee ePolicy Orchestrator review
Senior Consultant at a financial services firm with 10,001+ employees
The most valuable feature is the centralized management. From a single dashboard, I can take a look at several things including the endpoint protection, the file integrity section, the data activity monitor, and more. The dashboard is simple to use. View full review »
Al Sedghi says in a Splunk Phantom review
Chief Technology Officer at a tech consulting company with 51-200 employees
The most valuable feature is the risk-based access control. The team collaboration when it comes to detecting a threat is helpful. I like the fact that we can leverage the API to be able to establish a connection and share information across different repositories. The flexibility that it has when using different protocols, like TLP, for communicating, is fairly good. This solution supports the automated handling of phishing attempts through the collection of potentially malicious emails from end-users. It analyzes them, identifies threats, and assesses risk. View full review »
reviewer1247235 says in an IBM Resilient review
Cyber Security Consultant at a tech services company with 51-200 employees
The solution is simple to use and to integrate with IBM QRadar. IBM QRadar sends alerts, and Resilient takes action. View full review »
Technical Consultant / IT Architect at Alpha Data
The solution is available over the cloud and is easy to manage. A customer doesn't require much hardware infrastructure. There's virtual infrastructure on the cloud. Compared to in-house solutions and the maintenance required, it's quite good. View full review »
reviewer900120 says in an Exabeam review
IT Specialist at a tech services company with 51-200 employees
With E8, the advanced analytics has a really great overview of user behavior. I like the timeline feature the most. View full review »
reviewer1237686 says in a McAfee ePolicy Orchestrator review
Information System Security Coordinator at a comms service provider with 501-1,000 employees
The central manager policy is valuable. It means we have almost all client modules in one solution, which is great. Having firewall web control adapted for protection, and a very easy management console to monitor an infection is important. View full review »
Oliver Rodrigues says in a McAfee ePolicy Orchestrator review
Senior Network Security Planning at Ooredoo Kuwait
The most valuable features of this solution are the antivirus and the DLP. The interface, dashboard, and reporting are all very good. View full review »
JonathanChawatama says in a McAfee ePolicy Orchestrator review
IT Security Consultant at ZOL Zimbabwe
The most valuable feature of this solution is the ability to configure and deploy everything from a single, web-based interface. View full review »
Security Specialist at Perth Airport
Once you understand how to use it, it becomes easy to use. View full review »
informat758226 says in a McAfee ePolicy Orchestrator review
Information Security Analyst at a tech services company
We use McAfee Threat Prevention and McAfee Adaptive Threat Prevention for protection against viruses. There is also exploit-prevention support. The McAfee Web Control module is one of the best solutions to protect users from online threats. The features we use are: * DXL (Data Exchanger Layer) * Threat prevention * ATP (Adaptive Threat Protection) * Web Control * Firewall View full review »
Amman Khan Mohammed says in a McAfee ePolicy Orchestrator review
Senior System Engineer at a tech services company with 201-500 employees
It is protecting us from USB-based hazards like viruses. Previously it was only for blocking USBs. They have added more features, like network protection. Originally, we were only using it as a security platform to block USBs and as an antivirus product. But in the last six or seven months, we've been trying to enhance things and use more of the features in it. In that time we implemented data transfer protection, which allows transfer in one direction only. Users can copy from the PC to the USB but not from the USB to the PC. That way, if someone is carrying a virus on a USB, it will not be transferred to the PC. We also implemented read-only access to the secondary drives, the D drive, C drive, and E drive. View full review »
Umor Siddique says in a McAfee ePolicy Orchestrator review
System Engineer at Inbox Business Technologies
The DLP feature is great to have for our users. View full review »