We performed a comparison between IBM Resilient, Palo Alto Networks Cortex XSOAR, and VMware Carbon Black Endpoint based on real PeerSpot user reviews.
Find out what your peers are saying about VMware, IBM, ServiceNow and others in Security Incident Response."The solution is very easy to use."
"It's really simple and has a flexible interface."
"What I like most about IBM Resilient is that it has a complete stack, which means you don't need to use different OEM products because you have all you need under the IBM Resilient umbrella. You don't need to worry much about integrations and components because you're working with tested and proven architecture."
"The most valuable features of IBM Resilient are its flexibility and customization options for incident response."
"The most valuable thing about it is how easy it is to navigate the user interface."
"Stability-wise, I rate the solution a ten out of ten...Scalability-wise, I rate the solution a ten out of ten."
"As a whole, the product is stable...Technical support is very good."
"It is a stable solution...It is a scalable solution."
"I have found the solution very useful, it integrates well with other platforms."
"It has an extensive list of integrations that are available out of the box which makes it easy to start."
"For organizations that are stable with their security operations, like those with around 50 members in their security team running full-phased operations 24/7, Cortex is necessary."
"The most valuable feature is its capability to automate responses and collect information for any security event before you even delve into the details. It's a vast product with an active roadmap, so I'm satisfied with it for now. It's very efficient at data collection and correlation."
"It is quite scalable. I would rate it a ten out of ten."
"I chose Cortex XSOAR because the client also has Palo Alto firewalls. I can incorporate the data from the Palo Alto firewalls into Cortex and send it into the same data lake to manipulate that data. It lets me manage and monitor the data in one place."
"Its agility and scalability are valuable."
"It is a scalable solution."
"I found it very valuable as a whole. It is good at detecting anything and has kept us very safe. It is also very easy to use."
"It actually does some heuristics, and some behavioral analysis."
"You can deploy it through the cloud so that even if your stuff is outside of your controlled environment, you are still under control, based on the policies you create. The policies are controlled through the cloud. For example, if I don't allow anyone to do a certain activity or to install a particular app, and a consultant or a partner who is not part of our environment is doing so, it will stop them as well."
"I rate Carbon Black CB Defense an eight out of ten for the ease of its initial setup."
"One of the most valuable features is that it will block vulnerable sites. If there was a connection between one of our devices to a known malware site, it will block it."
"It is a stable solution...The initial setup of VMware Carbon Black Endpoint was easy."
"The whole purpose of the product, like application control, is very good, and also if you need to update some policies, it works well and instantly."
"Once the solution is installed and configured correctly it does not require a lot of hands-on attention until you need upgrading."
"IBM Resilient is quite complex, including its configuration."
"The ability to analyze incidents needs to be improved in the solution."
"It is not very straightforward to set up custom integrations, especially with services like Azure. You need an additional server for integration."
"The integration could be improved so that it is easy to integrate with other solutions."
"Integrating IBM Resilient with other applications can be very difficult and technically challenging. Often, they use the excuse that you are using the latest version of an application, such as an endpoint security system, and they don't have an API or support for it at the moment. There is no automation in the SOAR solution."
"What could make IBM Resilient better is if IBM increased the number of built-in integrations with different products from other vendors or third-party products."
"Its price needs improvement."
"The initial setup is complex."
"There is room for improvement in support. The response time could be faster."
"The solution requires DV but does not support open-source DV elastic searches."
"The user interface could be a bit better."
"Palo Alto Networks Cortex XSOAR could improve the Panorama feature. We had to turn it off because it was not working properly."
"I would like to see Cortex become less dependent on Active Directory and group policies to manage the deployment. Maybe I need to update my understanding of how to deploy it, but that's the way I know how to use it."
"The price of the solution could be improved."
"Palo Alto Networks Cortex XSOAR could improve the look, feel, and management of the cloud console. Additionally, the user could be more easily integrated."
"Palo Alto Networks Cortex XSOAR lacks to offer SIEM functionalities currently."
"In our company, we also wanted to have network detection, like a host-based IDS on VMware Carbon Black Endpoint, but we did not get it."
"The product's reporting capabilities are an area of concern where improvements are required."
"The device control feature could also be compatible with the user’s profile as well."
"It would be nice to have additional forensic tools that you can build into the back end."
"In my company, we face issues sometimes when there is a need to write custom rules or we want to write for some rules that are different from the standard rules provided by the solution."
"Needs improvement in the area of infrastructure for on-premise installation."
"At this point, we're test-bedding several other providers right now to see if there's anything that does equally or better and that comes at a better price point."
"The pricing could be more reasonable."
More Palo Alto Networks Cortex XSOAR Pricing and Cost Advice →