Compare Palo Alto Network Cortex XSOAR vs. Splunk Phantom

Find out what your peers are saying about Critical Start, Splunk, McAfee and others in Security Orchestration Automation and Response (SOAR). Updated: November 2020.
447,846 professionals have used our research since 2012.
Quotes From Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

Palo Alto Network Cortex XSOAR:
"The most valuable features are simplicity and ease of integration."
"The automation part and the playbook creation part are awesome. The way it is responding to the customers and incidents is also very good. In the SOC environment, I guess it will carry out around 50% of the work."

Splunk Phantom:
"The most valuable feature is the risk-based access control."
"Very flexible integration with other tools"
"So far, the interface is very easy to use."

Cons

Palo Alto Network Cortex XSOAR:
"Implementing this solution requires a lot of involvement from the vendor and it should be made easier for the partners."
"For building automation, there is not a lot of good documentation. The documentation is there, but it is not very good from my perspective. There should be an improvement in this area. I don't see issues with anything else. In terms of new features, I have heard that other products have EBA functionality. It would be good if this functionality could be added."

Splunk Phantom:
"We want to see improvements made to the APIs such that we can connect to many different systems and data sources."
"And most of the challenges that I have faced with the solution can be found in the documentation itself."
"It would be ideal if we could automate processes even more."

Pricing and Cost Advice

Palo Alto Network Cortex XSOAR:
"There is a perception that it is priced very high compared to other solutions."
"From the cost perspective, I have heard that its price is a bit high as compared to other similar products."

Splunk Phantom:
Information Not Available
Questions from the Community
Top Answer: The most valuable features are simplicity and ease of integration.
Top Answer: There is a perception that it is priced very high compared to other solutions.
Top Answer: Implementing this solution requires a lot of involvement from the vendor and it should be made easier for the partners. It has to be richer with respect to IoT. I expect that in future versions…
Top Answer: Very flexible integration with other tools
Top Answer: The solution is for our clients so we don't deal with the licensing aspect.
Top Answer: Phantom was only recently acquired by Splunk so it is not fully integrated yet. Our area of concern is that Splunk Phantom works with the other Splunk products. At this point, there are certain things…
Ranking

Palo Alto Network Cortex XSOAR:
Views: 10,442
Comparisons: 8,926
Reviews: 0
Average Words per Review: 270
Avg. Rating: N/A

Splunk Phantom:
Views: 8,918
Comparisons: 7,585
Reviews: 3
Average Words per Review: 637
Avg. Rating: 7.3
Popular Comparisons
Compared 12% of the time.
Compared 4% of the time.
Compared 3% of the time.
Also Known As
Palo Alto Network Cortex XSOAR: Demisto Enterprise, Cortex XSOAR, Demisto
Splunk Phantom: Phantom
Learn
Palo Alto Networks
Splunk
Overview

Demisto Enterprise delivers a complete solution that helps Tier-1 through Tier-3 analysts and SOC managers optimize the entire incident life cycle while auto-documenting and journaling all the evidence. 100+ integrations enable security orchestration workflows for incident management and other critical security operation tasks.

Phantom enables teams to work smarter by executing automated actions across their security infrastructure in seconds, versus hours or more if performed manually. Teams can codify workflows into Phantom’s automated playbooks using the visual editor (no coding required) or the integrated Python development environment. By offloading these repetitive tasks, teams can focus their attention on making the most mission-critical decisions.
Orchestration
Phantom is the connective tissue that lets existing security tools work better together. By connecting and coordinating complex workflows across the SOC’s team and tools, Phantom ensures that each part of the SOC’s layered defense is actively participating in a unified defense strategy. Powerful abstraction allows teams to focus on what they need to accomplish, while the platform translates that into tool-specific actions.
Incident Response
Phantom helps security teams investigate and respond to threats faster. Using Phantom’s automated detection, investigation, and response capabilities, teams can execute response actions at machine speed, reduce malware dwell time, and lower their overall mean time to resolve (MTTR). And now with Phantom on Splunk Mobile, analysts can use their mobile device to respond to security incidents while on the go. Phantom’s event and case management functionality can further streamline security operations. Case-related data and activity are easily accessible from one central repository. It’s easy to chat with other team members about an event or case, and to assign events and tasks to the appropriate team member.

Sample Customers
Palo Alto Network Cortex XSOAR: Cellcom Israel, Blue Cross and Blue Shield of Kansas City, esri, Cylance, Flatiron Health, Veeva, ADT Cybersecurity
Splunk Phantom: Recorded Future, Blackstone
Top Industries

Palo Alto Network Cortex XSOAR (visitors reading reviews):
Computer Software Company: 35%
Comms Service Provider: 18%
Media Company: 8%
Government: 6%

Splunk Phantom (visitors reading reviews):
Computer Software Company: 37%
Comms Service Provider: 15%
Government: 7%
Media Company: 6%

Palo Alto Network Cortex XSOAR is ranked 5th in Security Orchestration Automation and Response (SOAR) with 2 reviews while Splunk Phantom is ranked 2nd in Security Orchestration Automation and Response (SOAR) with 3 reviews. Palo Alto Network Cortex XSOAR is rated 8.0, while Splunk Phantom is rated 7.4. The top reviewer of Palo Alto Network Cortex XSOAR writes "Very scalable, awesome automation, and awesome technical support". On the other hand, the top reviewer of Splunk Phantom writes "Good protocol flexibility and team collaboration for threat detection, but the API integration needs to be expanded". Palo Alto Network Cortex XSOAR is most compared with Fortinet FortiSOAR, ServiceNow Security Operations, IBM Resilient, Siemplify and Swimlane, whereas Splunk Phantom is most compared with IBM Resilient, ServiceNow Security Operations, Fortinet FortiSOAR, Swimlane and Siemplify.


We monitor all Security Orchestration Automation and Response (SOAR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.