We performed a comparison between IBM Resilient and Siemplify based on real PeerSpot user reviews.
Find out in this report how the two Security Orchestration Automation and Response (SOAR) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."There are some very powerful features to Sentinel, such as the integration of various connectors. We have a lot of departments that use both IaaS and SaaS services, including M365 as well as Azure services. The ability to leverage connectors into these environments allows for large-scale data injection."
"The UI of Sentinel is very good and easy to use, even for beginners."
"It has a lot of great features."
"It has basic out-of-the-box integrations with multiple log sources."
"One of the most valuable features of Microsoft Sentinel is that it's cloud-based."
"The best feature is that onboarding to the SIM solution is quite easy. If you are using cloud-based solutions, it's just a few clicks to migrate it."
"Sentinel also enables you to ingest data from your entire ecosystem and not just from the Microsoft ecosystem. It can receive data from third-party vendors' products such firewalls, network devices, and antivirus solutions. It's not only a Microsoft solution, it's for everything."
"Sentinel's most important feature is the ability to centralize all the logs in one place. There's no need to search multiple systems for information."
"The solution is reliable in our usage."
"The most valuable thing about it is how easy it is to navigate the user interface."
"It's really simple and has a flexible interface."
"As a whole, the product is stable...Technical support is very good."
"It is a stable solution...It is a scalable solution."
"The solution is very easy to use."
"The solution is easy to use."
"The solution is simple to use and to integrate with IBM QRadar."
"The most valuable feature of Siemplify is the playbooks that can be created."
"The playbooks feature in Siemplify is crucial for automation. We've utilized both standard and custom integrations with other security operation solutions, enhancing our flexibility. The user interface is generally straightforward, although recent changes may require some adjustment and Siemplify's integrations and capabilities offer potential support for various compliance requirements."
"Without hyperbole, I have never, in my entire career, encountered a vendor or a vendor community as awesome as Siemplify. Siemplify and the Siemplify Community quite literally made it possible for our SOC to increase almost five-fold in our number of clients and number of analysts and to go from a Monday to Friday 9-5 shop to a 24/7 shop all in the span of under a year and a half and all while continually adding capabilities and improving the services we offer to our clients."
"I think the number one area of improvement for Sentinel would be the cost."
"The on-prem log sources still require a lot of development."
"They need to work with other security vendors. For example, we replaced our email gateway with Symantec, but we couldn't collect these logs with Azure Sentinel. Instead of collecting these logs with Azure Sentinel, we are collecting them on Qradar. We couldn't do it with Sentinel, which is a problem for us."
"Microsoft Sentinel should provide an alternative query language to KQL for users who lack KQL expertise."
"Currently, the watchlist feature is being utilized, and although there have been improvements, it is still not fully optimized."
"Sentinel can be used in two ways. With other tools like QRadar, I don't need to run queries. Using Sentinel requires users to learn KQL to run technical queries and check things. If they don't know KQL, they can't fully utilize the solution."
"If I see an alert and I want to drill down and get more details about the alert, it's not just one click. In other SIEM tools, you just have to click the IP address of the entity and they give you the complete picture. In Sentinel, you have to write queries or use saved queries to get details."
"Sometimes, we are observing large ingestion delays. We expect logs within 5 minutes, but it takes about 10 to 15 minutes."
"This product could be improved with better customization. This product isn't the best on the market like QRadar, but it's actually a good solution. However, some competitors' solutions contain more integration, support, automation, or flexibility."
"IBM Resilient could integrate better with my tools."
"The product needs a bit more development."
"IBM Resilient is quite complex, including its configuration."
"Its price needs improvement."
"It is not very straightforward to set up custom integrations, especially with services like Azure. You need an additional server for integration."
"The initial setup is complex."
"There are shortcomings with IBM Resilient's technical support team that can be considered for improvement in the future."
"I'm inclined to say that I'd love to see some Machine Learning capabilities integrated into the platform, however, I just attended a demo this morning where Siemplify gave a sneak peek into some Machine Learning capabilities that they are currently developing and have roadmapped for release soon."
"Building the playbooks could be easier and the integration could improve. It is a difficult process, such as what API connections need to be made."
"We often encounter minor issues that could be improved, but we maintain communication with the developers and submit feature requests. Recently, I requested enhancements such as improved search functionality within playbooks and expanded options for exporting case data."
IBM Resilient is ranked 7th in Security Orchestration Automation and Response (SOAR) with 17 reviews while Siemplify is ranked 16th in Security Orchestration Automation and Response (SOAR) with 3 reviews. IBM Resilient is rated 7.6, while Siemplify is rated 8.6. The top reviewer of IBM Resilient writes "Simple deployment, scalable, but lacking third-party solution compatibility ". On the other hand, the top reviewer of Siemplify writes "Great for reporting and ticketing for SOC MxDR client environments and has a great, supportive community". IBM Resilient is most compared with Palo Alto Networks Cortex XSOAR, Splunk SOAR, ServiceNow Security Operations, Fortinet FortiSOAR and Swimlane, whereas Siemplify is most compared with Palo Alto Networks Cortex XSOAR, Splunk SOAR, ServiceNow Security Operations, Swimlane and Fortinet FortiSOAR. See our IBM Resilient vs. Siemplify report.
See our list of best Security Orchestration Automation and Response (SOAR) vendors.
We monitor all Security Orchestration Automation and Response (SOAR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.