We performed a comparison between Cortex XSIAM and Splunk SOAR based on real PeerSpot user reviews.
Find out what your peers are saying about Microsoft, CrowdStrike, Securonix Solutions and others in Identity Threat Detection and Response (ITDR)."Its ability to deliver a substantial amount of security intelligence greatly enhances and optimizes our security operations program."
"It is an effective solution in terms of performance and functionalities."
"It operates on a single, extensive database which enables it to excel in detecting threats and anomalies across the network and endpoints, delivering a highly effective and comprehensive security solution."
"The most valuable features of Cortex XSIAM are the machine learning used to identify threats, the complexity of the environment of products, and efficiency."
"It helps increase efficiency and productivity."
"Technical support is helpful."
"Scalability is the best feature of the solution."
"So far, the interface is very easy to use."
"I like the integration capabilities of Phantom. It has a lot of integrations with other products. Its searching methodologies are also good. It is also easy to understand and easy to create playbooks."
"It's pretty easy when it comes to setting up assets. If you want to fetch emails or call a REST API, you can set up an asset and grab that information."
"I have found all the security automation platform features of Splunk SOAR to be good. The Automation playbook development is highly useful."
"Splunk SOAR's quick response to incidents is the most valuable part."
"Further integration capabilities with various other software products that can seamlessly tie into Cortex XSIAM would be advantageous."
"The support could be a bit faster."
"The solution’s pricing and technical support could be improved."
"The platform isn't very developer-friendly and it should provide more flexibility and ease."
"The UI can be more customizable for the clients."
"The scalability could be better."
"We've had trouble implementing the solution with Microsoft products. There seems to be an integration gap."
"In my opinion, the focus should be on improving its simplicity, specifically the interface, and configuration."
"We've run into a few minor issues. Some of the playbook writing is a bit complicated. We've had a few hiccups with the source control. We'd really like to use GitHub deployment keys for a dedicated account. We haven't been able to do that. I think those are some of the major ones."
"It would be ideal if we could automate processes even more."
"The application does not work properly and does not pass the log-based configuration. I feel that some kind of review should happen in the application. This review should validate things so that we can get the right information. Splunk does not tell us where the IP address is associated with."
"Splunk SOAR should improve its ease of upgrade, which is a pain point for us right now."
Cortex XSIAM is ranked 7th in Identity Threat Detection and Response (ITDR) with 4 reviews while Splunk SOAR is ranked 3rd in Security Orchestration Automation and Response (SOAR) with 30 reviews. Cortex XSIAM is rated 9.0, while Splunk SOAR is rated 8.0. The top reviewer of Cortex XSIAM writes "A robust security operation that ensures achieving automation, stability, and scalability". On the other hand, the top reviewer of Splunk SOAR writes "Takes most of the work away, but the time they take to implement new features is a little bit of concern". Cortex XSIAM is most compared with Palo Alto Networks Cortex XSOAR, Microsoft Sentinel, IBM Security QRadar, CrowdStrike Falcon and Exabeam Fusion SIEM, whereas Splunk SOAR is most compared with Palo Alto Networks Cortex XSOAR, ServiceNow Security Operations, Torq, Swimlane and Tines.
We monitor all Identity Threat Detection and Response (ITDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
