TrustRadius

Cofense Triage vs. Splunk SOAR

Overview
ProductRatingMost Used ByProduct SummaryStarting Price
Cofense Triage
Score 9.4 out of 10
Enterprise companies (1,001+ employees)
Cofense Triage accelerates phishing qualification, investigation, and response by automating standard responses to suspicious emails to make analysts more efficient and driving out actionable intelligence, and providing incident response playbook.N/A
Splunk SOAR
Score 8.4 out of 10
N/A
Splunk now offers a security orchestration, automation, and response (SOAR) platform via its acquisition of Phantom. Splunk Security Orchestration and Automation (Splunk SOAR) provides playbook automation and is available as a standalone solution.N/A
Pricing
Cofense TriageSplunk SOAR
Editions & Modules
No answers on this topic
No answers on this topic
Offerings
Pricing Offerings
Cofense TriageSplunk SOAR
Free Trial
YesNo
Free/Freemium Version
NoNo
Premium Consulting/Integration Services
YesNo
Entry-level Setup FeeOptionalNo setup fee
Additional Details
More Pricing Information
Community Pulse
Cofense TriageSplunk SOAR
Features
Cofense TriageSplunk SOAR
Incident Response Platforms
Comparison of Incident Response Platforms features of Product A and Product B
Cofense Triage
6.4
35 Ratings
33% below category average
Splunk SOAR
-
Ratings
Integration with Other Security Systems5.034 Ratings00 Ratings
Attack Chain Visualization6.127 Ratings00 Ratings
Centralized Dashboard7.735 Ratings00 Ratings
Live Response for Rapid Remediation6.731 Ratings00 Ratings
Best Alternatives
Cofense TriageSplunk SOAR
Small Businesses
ThreatDown, powered by Malwarebytes
ThreatDown, powered by Malwarebytes
Score 8.7 out of 10

No answers on this topic

Medium-sized Companies
CrowdStrike Falcon
CrowdStrike Falcon
Score 9.1 out of 10
LogRhythm NextGen SIEM Platform
LogRhythm NextGen SIEM Platform
Score 8.1 out of 10
Enterprises
CrowdStrike Falcon
CrowdStrike Falcon
Score 9.1 out of 10
Palo Alto Networks Cortex XSOAR
Palo Alto Networks Cortex XSOAR
Score 7.2 out of 10
All AlternativesView all alternativesView all alternatives
User Ratings
Cofense TriageSplunk SOAR
Likelihood to Recommend
7.5
(38 ratings)
7.0
(41 ratings)
Likelihood to Renew
10.0
(1 ratings)
7.5
(3 ratings)
Usability
10.0
(1 ratings)
7.0
(2 ratings)
Availability
10.0
(1 ratings)
-
(0 ratings)
Performance
10.0
(1 ratings)
8.2
(40 ratings)
Support Rating
-
(0 ratings)
8.2
(1 ratings)
In-Person Training
10.0
(1 ratings)
-
(0 ratings)
Online Training
-
(0 ratings)
8.2
(1 ratings)
Implementation Rating
10.0
(1 ratings)
8.2
(1 ratings)
Configurability
10.0
(1 ratings)
8.2
(1 ratings)
Product Scalability
10.0
(1 ratings)
8.2
(1 ratings)
Vendor post-sale
10.0
(1 ratings)
-
(0 ratings)
Vendor pre-sale
10.0
(1 ratings)
-
(0 ratings)
User Testimonials
Cofense TriageSplunk SOAR
Likelihood to Recommend
Cofense
The tool is very helpful in improving Phishing detection capabilities as it streamlines the process of analyzing user reports a lot. Besides it has a built-in mechanism of rating reporters(end-users) based on their historical performance. Downside - tool requires continuous resource investment to deliver best result. Tool is not helping too much in improving user-education, because automated response process is not immediate and is prone to errors
Verified User
Anonymous
Read full review
Cisco
Our company has very complex and dynamic security operations because of the large number of security tools and systems that we need to manage and coordinate. Moreover, it helps us to meet many regulatory and compliance requirements because it helps us to automate and document our security operations. We also use it to streamline our security operations and improve our response to potential threats.
PK
Priya Kumar
Security Engineer
Read full review
Pros
Cofense
  • Separating links and attachments contained in the email, and checking to see if they are known malicious.
  • Clustering like emails to save time when responding.
  • Providing risks scores with each cluster to give an estimate on which clusters should be addressed first.
Verified User
Anonymous
Read full review
Cisco
  • Its security orchestration and integration capability that supports multiple tools.
  • Easy coding that automates our security actions.
  • Enables us to easily collaborate and respond to security issues faster.
  • Splunk SOAR is a flexible product that is easy to deploy.
  • Efficient tracking and monitoring capability.
  • Excellent real-time reporting functionality.
Angelica Cavalli | TrustRadius Reviewer
Angelica Cavalli
Senior Software Engineer
Read full review
Cons
Cofense
  • There are too many interdependent pieces which you have to acquire separately.
  • I think Cofense has a lot of capabilities and usefulness, but I think it's too a la carte.
  • We own Cofense and PhishMe currently and there are some gaping holes that require additional licensing to close.
Verified User
Anonymous
Read full review
Cisco
  • A lack of instruction It can be difficult to contact the support staff. Limited experience from current users.
  • It takes some effort to set up and learn new technology at first. More assistance is required from the support staff. The product's price needs to go down.
  • Cost of the larger version.
Pavan sreevatsav Akula | TrustRadius Reviewer
Pavan sreevatsav Akula
Cybersecurity Analyst
Read full review
Likelihood to Renew
Cofense
Cofense is stable and provides easy to use solution to aid the investigation of emails as well as managing simulated phishing campaigns.
MB
Mike Burch
IT Security Team Lead
Read full review
Cisco
As we already have a lot of clients being catered with Splunk SOAR and because Splunk SOAR is robust and efficient, we are already using it, and we have understood the product to a certain extent, I feel we are personally more enticed to use and scale it to a lot of business.
Gaurav S | TrustRadius Reviewer
Gaurav S
Senior Security Specialist
Read full review
Usability
Cofense
The interface is easy and intuitive.
MB
Mike Burch
IT Security Team Lead
Read full review
Cisco
Honestly, it's a bit of a love-hate thing. On one hand it's insanely powerful but on the other, the workflows can be a real headache. You need multiple hours to get comfortable with it.
CB
Cole Ballen
Security Engineer
Read full review
Reliability and Availability
Cofense
We've experienced zero downtime.
MB
Mike Burch
IT Security Team Lead
Read full review
Cisco
No answers on this topic
Performance
Cofense
No slowness seen.
MB
Mike Burch
IT Security Team Lead
Read full review
Cisco
We are able to automate almost every one of our use cases, even our threat-hunting, and threat intel procedures. We have 20+ playbooks and cover almost everything, even searching logs into Splunk, looking into TIP and external systems, enrichment, and collecting evidence for analysts; it can perform concurrent playbooks running.
Muhammed Ali CETİN | TrustRadius Reviewer
Muhammed Ali CETİN
senior Security Engineer
Read full review
Support Rating
Cofense
No answers on this topic
Cisco
Splunk Support is always great! In addition the Community is very efficient and active.
Giuseppe Cusello | TrustRadius Reviewer
Giuseppe Cusello
GRC Director
Read full review
In-Person Training
Cofense
Training was through, relevant and easy to follow.
MB
Mike Burch
IT Security Team Lead
Read full review
Cisco
I never followed an in-person training, I gave my evaluation based on the online training
Giuseppe Cusello | TrustRadius Reviewer
Giuseppe Cusello
GRC Director
Read full review
Online Training
Cofense
No answers on this topic
Cisco
I followed training for Phantom admins and it opened a world for me
Giuseppe Cusello | TrustRadius Reviewer
Giuseppe Cusello
GRC Director
Read full review
Implementation Rating
Cofense
No answers on this topic
Cisco
I already said that the main key insight is the knowledge of Phantom, so a detailed training for all the people involeved.
Giuseppe Cusello | TrustRadius Reviewer
Giuseppe Cusello
GRC Director
Read full review
Alternatives Considered
Cofense
The other product had a lot of fails on the auto-processing and did not integrate well with our current environment. One issue had to do with the way it sends the submissions to its processing engine—our email gateway configuration would have blocked this traffic. I also did not like the user interface.
Verified User
Anonymous
Read full review
Cisco
Splunk Phantom integrates well with Splunk ES and has many integrations. One thing that I liked about XSOAR as compared to Phantom is that it has an "app-store" where you can download not only app integrations (similar to Phantom) but Playbooks and dashboards as well.
Verified User
Anonymous
Read full review
Scalability
Cofense
We've experienced zero downtime
MB
Mike Burch
IT Security Team Lead
Read full review
Cisco
me and the customers I encountered found it flexible and scalable
Giuseppe Cusello | TrustRadius Reviewer
Giuseppe Cusello
GRC Director
Read full review
Return on Investment
Cofense
  • Due to the integration potential, large amounts of time are saved on a daily basis.
  • Incident response time has dropped due to the increased information available by having access to phishing emails directly.
  • Staff are able to effectively learn how multiple tools in our environment are used by mastering Triage. This has decreased training time greatly and increased the effectiveness of each associate.
Verified User
Anonymous
Read full review
Cisco
  • The playbooks are valuable. They are the core component. Being able to implement and build a code process to work through and scale out what we want to do is valuable
  • Before its use, analyzing each email would take at least 15 to 20 minutes, with some complex cases taking up to 30 minutes...With the automation provided by Splunk Phantom, we could significantly reduce the amount of time and human effort required to complete this task
Verified User
Anonymous
Read full review
ScreenShots

Cofense Triage Screenshots

Screenshot of Triage DashboardScreenshot of Triage Dashboard Cluster DetailsScreenshot of Triage Cluster DetailsScreenshot of Triage Cluster Malicious AttachmentScreenshot of Triage Cluster HeadersScreenshot of Triage Reporter Details