We just raised a $30M Series A: Read our story

IBM Resilient OverviewUNIXBusinessApplication

IBM Resilient is #2 ranked solution in top Security Incident Response tools and #6 ranked solution in SOAR tools. IT Central Station users give IBM Resilient an average rating of 8 out of 10. IBM Resilient is most commonly compared to Palo Alto Networks Cortex XSOAR: IBM Resilient vs Palo Alto Networks Cortex XSOAR. The top industry researching this solution is Computer Software Company, accounting for 31% of all views.
What is IBM Resilient?

The Resilient Incident Response Platform (IRP) is the leading platform for orchestrating and automating incident response processes.

The Resilient IRP quickly and easily integrates with your organization’s existing security and IT investments. It makes security alerts instantly actionable, provides valuable intelligence and incident context, and enables adaptive response to complex cyber threats.

Buyer's Guide

Download the Security Incident Response Buyer's Guide including reviews and more. Updated: October 2021

IBM Resilient Customers

Golden Living, Health Equity, USA Funds

IBM Resilient Video

Pricing Advice

What users are saying about IBM Resilient pricing:
  • "It is very expensive."

IBM Resilient Reviews

Filter by:
Filter Reviews
Industry
Loading...
Filter Unavailable
Company Size
Loading...
Filter Unavailable
Job Level
Loading...
Filter Unavailable
Rating
Loading...
Filter Unavailable
Considered
Loading...
Filter Unavailable
Order by:
Loading...
  • Date
  • Highest Rating
  • Lowest Rating
  • Review Length
Search:
Showingreviews based on the current filters. Reset all filters
Md Saiful Hyder
AGM, Enterprise Solutions at Omgea Exim Ltd
MSP
Top 5Leaderboard
Easy to use with good stability but needs more documentation

Pros and Cons

  • "The solution is very easy to use."
  • "The product needs a bit more development."

What is our primary use case?

We have delivered a couple of Resilient solutions to our customers.

The product is primarily used for incident response automation and orchestration.

What is most valuable?

The solution is very easy to use.

It's a very stable product. The performance has been very good.

What needs improvement?

The product needs a bit more development.

We've had some compatibility issues that need to be resolved. There needs to be a bit more research done into that to figure out why it won't work. For example, my customer had some specific requirements, however, due to a lot of compatibility issues, some devices were not available to upgrade or add to the system. They say they are working on adding it to the solution, however, the compatibility still isn't available, and may not be for a while. They are unclear on the timelines.

We've had issues surrounding the deployment of the product.

The solution needs to try and develop more custom playbooks or documentation to help the customer with the initial setup.

Technical support is not pro-active enough and they take too long to provide solutions to problems.

The solution needs to have a physical deployment as well. It would be ideal if it wasn't just on the cloud.

For how long have I used the solution?

We have been selling the solution for the past three years at this point.

What do I think about the scalability of the solution?

There are some aspects of the solution that we can scale. There are certain things we can customize if we need to. We can also scale, for example, the number of actions per month. You can expand it if you need to.

Currently, we have six clients using the solution. These companies differ in size.

I personally have five team members in my organization who are supporting the customer in the support portal.

How are customer service and technical support?

We use the IBM support portal. The need to be much more proactive in supporting the customer. They don't necessarily ever say "this is not possible". Instead, they say "we are developing a solution". However, the process of developing a fix takes far too long. They need to be more aggressive in dealing with issues. Right now, sometimes it can take up to two to three months to resolve an issue, which is far too long.

I wouldn't say that we are satisfied with the level of service they provide. 

How was the initial setup?

We've had issues with the setup process. We have Palo Alto, and for some reason, there isn't good compatibility.

That said, for the most part, the installation is fairly straightforward. It's not too complex.

We have five team members capable of handling implementations.

What about the implementation team?

We handle the implementation for our clients.

What's my experience with pricing, setup cost, and licensing?

The pricing is pretty good, however, the downside is that it is not a very mature product.

When a company needs a playbook, they have to create one, and then they have to pay someone for that service. However, it might be something that IBM could develop and template for others. They may be in the process of doing this already.

What other advice do I have?

I would rate the solution seven out of ten.

It's an okay product, however, it needs more maturity.

Which deployment model are you using for this solution?

On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: Reseller
Flag as inappropriate
ITCS user
Cyber Security Consultant at a tech services company with 51-200 employees
Real User
Top 5Leaderboard
Simple to use and integrates with IBM QRadar, but the configuration Need lot of hard work

Pros and Cons

  • "The solution is simple to use and to integrate with IBM QRadar."
  • "The implementation could be a bit simpler."

What is our primary use case?

We've integrated the solution with IBM QRadar. We collect data and analyze it. We then send the results to IBM QRadar for action through IBM Resilience. It allows us to take action against attacks. 

How has it helped my organization?

As of right now, IBM Resilient helps our search analysts in making action against attacks and to manage the tickets.

What is most valuable?

The solution is simple to use and to integrate with IBM QRadar.

IBM QRadar sends alerts, and Resilient takes action.

What needs improvement?

IBM Resilient helps the company to automate responses against cyber-attacks using dynamic playbooks by sending actions to other IT solutions like firewalls, antivirus, Microsoft Teams, etc. The concept is to develop functions that you can find in IBM X-Force Exchange, and there are making lot of hard work to develop these functions, but for now, they need to add more functions to respond with other security solutions (Cisco ASA, ForcePoint, WAF...), so for now, all we can do is to wait for these functions, and I see that every month they add more functions.

For how long have I used the solution?

I've been using the solution for six months.

What do I think about the stability of the solution?

I can see that the solution is almost stable.

What do I think about the scalability of the solution?

The solution is scalable, and the best part is that IBM Resilient gives you the opportunity to develop your own scripts using the python language to make an action.

How are customer service and technical support?

We've been in contact with technical support. They're okay, but they sometimes take a lot of time to respond.

Which solution did I use previously and why did I switch?

We hadn't previously used a different solution. We chose IMB Resilient because it's the best SOAR solution if you are implementing IBM QRadar.

How was the initial setup?

The solution isn't hard to set up if you have a good understanding of IBM QRadar. It's also easy to integrate with it. Deployment takes about one hour. The configuration is a bit more complex; you'll need to understand how the unit works. Configuration usually takes about three days, but it can take up to one month. It depends on the network.

Typically, you just need one person to handle the deployment process, but it depends on the network. We have a team of ten people who handle the maintenance. They work on all of the solutions, not just Resilient.

What about the implementation team?

We handled the implementation ourselves. 

What was our ROI?

We haven't seen any ROI by using this solution.

What's my experience with pricing, setup cost, and licensing?

Talk to our pre-sales consultants.

Which other solutions did I evaluate?

We didn't evaluate other options. We were already using IBM QRadar and the best solution to implement with it was IBM Resilient.

What other advice do I have?

We use the on-premises deployment model. We are IBM resellers.

The solution is limited, but it needs lots of development, especially when we talk about making actions with other security solutions.

I'd recommend that users implement the solution with IBM Radar; otherwise, they'll face a lot of limitations.

I'd rate the solution seven out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer:
Find out what your peers are saying about IBM, Palo Alto Networks, RSA and others in Security Incident Response. Updated: October 2021.
543,424 professionals have used our research since 2012.
Nilesh Burghate
Head - Global SOC at a tech services company with 201-500 employees
Real User
Top 20
Stable, with good User Behaviour Analytics and has the ability to interlink offenses

Pros and Cons

  • "The UBA, User Behavior Analytics, is very good."
  • "The initial setup is complex."

What is our primary use case?

We basically use all of the basic functionality, including the entire MITRE ATT&CK tactics, et cetera.

What is most valuable?

The interlinking of the offenses is the most valuable aspect of the solution for us.

The UBA, User Behavior Analytics, is very good.

The solution has been stable so far. The performance is good.

The product can scale if you need it to. It's an easy process. 

What needs improvement?

In terms of the whole analysis aspect, if we can get any additional information and ensure it's contextual information, that would be quite helpful to us.

The initial setup is complex. 

For how long have I used the solution?

I've been using the solution for four years or so. It's been a while. I have a few years of experience with the product at this point. 

What do I think about the stability of the solution?

The solution has been quite stable. There are no bugs or glitches. It doesn't crash or freeze. It's reliable and the performance is quite good.

What do I think about the scalability of the solution?

We have about 100 users on the solution right now. The solution is quite easy to scale. If a company needs to expand it, it can do so with relative ease. 

How was the initial setup?

The initial setup is not straightforward or simple. It's quite complex. It can be difficult. The whole deployment, as well as the configuration, takes some work.

The deployment itself took about two months in total. 

What about the implementation team?

We handled everything in-house. We didn't enlist the help of any consultants or integrators. Our team handled every aspect themselves.

What other advice do I have?

We have a business partnership with IBM.

I'm working with the latest version of the solution. I'm not sure which version number it is.

I'd recommend the product to other users and companies. 

I'd rate the solution at a nine out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
Flag as inappropriate
NJ
Administrator at a university with 1,001-5,000 employees
Real User
Top 5Leaderboard
Helpful incident response monitoring but the pricing and integration could be better

Pros and Cons

  • "It's really simple and has a flexible interface."
  • "The integration could be improved so that it is easy to integrate with other solutions."

What is our primary use case?

We are using this solution for research and to integrate it into security solutions on the platform.

What is most valuable?

It's really simple and has a flexible interface.

It has been helpful with incident response monitoring and has good security features.

What needs improvement?

The integration could be improved so that it is easy to integrate with other solutions.

We need better pricing. It is very expensive to facilitate the students for research purposes for one month.

For how long have I used the solution?

I have been using IBM Resilient for a few months.

We are using the latest version.

What do I think about the stability of the solution?

It's a stable solution.

What do I think about the scalability of the solution?

This product is scalable.

How are customer service and technical support?

We have not contacted technical support.

Which solution did I use previously and why did I switch?

We are using many other solutions for research purposes such as Red Connect, Rapid7, and Siemplify.

How was the initial setup?

The initial setup is straightforward.

It's simple to install and doesn't take very long to deploy.

What about the implementation team?

We researched the internet on how to install and use this solution. There is a lot of information available on the internet.

What's my experience with pricing, setup cost, and licensing?

It is very expensive. 

I haven't purchased this solution yet, I downloaded the community version.

What other advice do I have?

This is a very useful tool, and I recommend it.

I would rate IBM Resilient a six out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
WH
Director, Commercial at a tech services company with 51-200 employees
MSP
Top 20
It is easy to set up and flexible

What is our primary use case?

We use it to manage security services.

What is most valuable?

Its flexibility is the most valuable. 

What needs improvement?

Its price needs improvement.

For how long have I used the solution?

I have been using IBM Resilient for five years.

How are customer service and technical support?

We have contacted their technical support. I would rate them as average.

How was the initial setup?

The initial setup was straightforward. It took us a month to deploy.

What about the implementation team?

We have our own team.

What other advice do I have?

I would rate this solution an eight out of ten. Its price and technical support need improvement.

Which deployment model are you using for this solution?

Hybrid Cloud

What is our primary use case?

We use it to manage security services.

What is most valuable?

Its flexibility is the most valuable. 

What needs improvement?

Its price needs improvement.

For how long have I used the solution?

I have been using IBM Resilient for five years.

How are customer service and technical support?

We have contacted their technical support. I would rate them as average.

How was the initial setup?

The initial setup was straightforward. It took us a month to deploy.

What about the implementation team?

We have our own team.

What other advice do I have?

I would rate this solution an eight out of ten. Its price and technical support need improvement.

Which deployment model are you using for this solution?

Hybrid Cloud
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
Buyer's Guide
Download our free Security Incident Response Report and find out what your peers are saying about IBM, Palo Alto Networks, RSA, and more!