IBM Security QRadar SOAR vs. Palo Alto Networks Cortex XSOAR

Overview
ProductRatingMost Used ByProduct SummaryStarting Price
IBM Security QRadar SOAR
Score 9.0 out of 10
N/A
IBM Security® QRadar® SOAR is designed to help your security team respond to cyberthreats with confidence, automate with intelligence and collaborate with consistency. It guides your team in resolving incidents by codifying established incident response processes into dynamic playbooks.N/A
Palo Alto Networks Cortex XSOAR
Score 7.2 out of 10
N/A
Cortex XSOAR, formerly Demisto and now from Palo Alto Networks since it was acquired in March 2019, provides orchestration to enable security teams to ingest alerts across sources and execute standardized, automatable playbooks for accelerated incident response. Its playbooks are powered by hundreds of integrations and thousands of security actions, striking the right balance between rapid machine execution and nuanced human oversight.N/A
Pricing
IBM Security QRadar SOARPalo Alto Networks Cortex XSOAR
Editions & Modules
No answers on this topic
No answers on this topic
Offerings
Pricing Offerings
IBM Security QRadar SOARPalo Alto Networks Cortex XSOAR
Free Trial
NoNo
Free/Freemium Version
NoNo
Premium Consulting/Integration Services
NoNo
Entry-level Setup FeeNo setup feeNo setup fee
Additional DetailsUsage-based pricing: This simple, scalable option allows starting small with an initial users and capabilities and scaling up as more users are added, as well as capabilities and data. Enterprise-wide pricing: This option is based on either the size of the enterprise-wide IT infrastructure or the size and type of data sources being secured.
More Pricing Information
Community Pulse
IBM Security QRadar SOARPalo Alto Networks Cortex XSOAR
Considered Both Products
IBM Security QRadar SOAR
Chose IBM Security QRadar SOAR
IBM QRadar SOAR integrates seamlessly with IBM’s QRadar SIEM, making it an excellent choice for organizations that already use IBM's security solutions. This tight integration offers an end-to-end experience in threat detection and response.

Cortex XSOAR integrates well with a …
Chose IBM Security QRadar SOAR
IBM QRadar SOAR is more suited for reliability and simpler integrations
Chose IBM Security QRadar SOAR
The elasticity of the IBM Security QRadar SOAR solution is what had driven us. We knew that the solution would require nurturing, training over the personnel but once the initial road blocks were destroyed, we went going faster. The other solutions lacked this elasticity, …
Palo Alto Networks Cortex XSOAR

No answer on this topic

Best Alternatives
IBM Security QRadar SOARPalo Alto Networks Cortex XSOAR
Small Businesses

No answers on this topic

No answers on this topic

Medium-sized Companies
Splunk SOAR
Splunk SOAR
Score 8.2 out of 10
Splunk SOAR
Splunk SOAR
Score 8.2 out of 10
Enterprises
Palo Alto Networks Cortex XSOAR
Palo Alto Networks Cortex XSOAR
Score 7.2 out of 10
Microsoft Sentinel
Microsoft Sentinel
Score 8.7 out of 10
All AlternativesView all alternativesView all alternatives
User Ratings
IBM Security QRadar SOARPalo Alto Networks Cortex XSOAR
Likelihood to Recommend
8.8
(18 ratings)
8.2
(8 ratings)
Likelihood to Renew
8.0
(1 ratings)
10.0
(1 ratings)
Usability
5.8
(3 ratings)
-
(0 ratings)
Support Rating
6.0
(1 ratings)
-
(0 ratings)
Implementation Rating
-
(0 ratings)
10.0
(1 ratings)
Vendor post-sale
7.3
(1 ratings)
-
(0 ratings)
Vendor pre-sale
8.2
(1 ratings)
-
(0 ratings)
User Testimonials
IBM Security QRadar SOARPalo Alto Networks Cortex XSOAR
Likelihood to Recommend
IBM
IBM Security QRadar SOAR is versatile. All the major players in SOAR field require the administrator to have coding experience but with IBM it is different. IBM's solution is a full-fledged automation solution, and not some threat-based or limited one. Meaning whatever comes to your mind, if you can write the code, you can do it. This goes from daily tasks from SOC to daily tasks of your network or security administrator or any other administrator. You can manage your ITSM solution if you want to, IBM is a playground and there is much to discover in its capabilities. If you do not have the knowledge or if you want a SOC/Threat Based SOAR solution, meaning you want automation but you want it to be limited to an area and out-of-box, you may choose other alternatives.
Read full review
Palo Alto Networks
XSOAR is well suited for phishing detection and response. Phishing alerts are as much of a
problem today as they were decades ago. This is because: ●Attackers Can leverage automation to launch high-quantity phishing attacks with the click
of a button.
●Spear Phishing attacks are sophisticated and sometimes indistinguishable from real
emails, resulting in compromise through human error.
●Security Teams aren’t able to follow set processes while responding to phishing alerts.
They must coordinate across email inboxes, threat intel, NGFW, ticketing, and
other tools. Each tool has different consoles, data conventions, and contexts,
making it difficult for security teams to fill in the gaps while minimizing
errors. XSOAR is less suited for analyzing traffic.
Read full review
Pros
IBM
  • QRadar's ability to collect, analyze and normalize vast amount of security data from various sources is remarkable.
  • QRadar allows us to define and automate incident response playbooks which have been amazing for streamlining the response to security incidents.
  • It offers and extensive library of pre-built connectors and support for common security standards facilitating seamless integration with a wide range of security tools.
Read full review
Palo Alto Networks
  • Automation with immediate security responses.
  • Comprehensive phishing protection and increased email protection.
  • Analysis and reporting feature.
  • Intuitive and easy-to-view panels.
  • Alerts by email and sms of incidents for the administration.
  • Centralized monitoring.
Read full review
Cons
IBM
  • You still have to generate reports manually. Reports are very limited and practically not useful.
  • The solution should not be SOAR class. Automations usually don't work. It's apparent that it's not designed for that.
  • Lack of flexibility.
  • Practically no support. The reported integration problems have not been resolved.
Read full review
Palo Alto Networks
  • The XSOAR bot creates a lot of noise on the summary page of any XSOAR incident. Although the filter is available to reduce the view, by default this should not be visible cluttering the whole scenario.
  • The interface has too much data on a single pane. I would love to have many buttons to just click and do stuff.
  • Also, I would love to have search areas more interactive and easier to navigate.
Read full review
Likelihood to Renew
IBM
I'd rate my likelihood of renewing the use of IBM Security QRadar SOAR as an 8 out of 10. Its strong automation, customization, and integration capabilities make it highly valuable for incident response and cybersecurity research. However, occasional complexity and the need for more streamlined usability prevent it from being a perfect score.
Read full review
Palo Alto Networks
It has proven to be far to valuable and effective to consider getting rid of it. Until something better comes along, this is staying in our product stack.
Read full review
Usability
IBM
I would rate IBM Security QRadar SOAR's overall usability a 7 out of 10. The interface is quite functional and offers a wide range of features, but it can be somewhat complex and intimidating for beginners. Additionally, the configuration and customization can require a significant learning curve, especially for those without prior experience with security orchestration and automation platforms.
Read full review
Palo Alto Networks
No answers on this topic
Reliability and Availability
IBM
I would rate IBM Security QRadar SOAR's availability as 9 out of 10. The platform is highly reliable, with minimal unplanned outages or application errors, ensuring it’s available when needed. However, occasional minor maintenance periods or rare connectivity issues prevent it from achieving a perfect score in terms of availability.
Read full review
Palo Alto Networks
No answers on this topic
Performance
IBM
I would rate IBM Security QRadar SOAR's performance as 8 out of 10. Pages generally load quickly, and reports complete in a reasonable time frame, even for complex data. While integration with other systems is smooth, there can be occasional slowdowns when handling very large datasets or during peak usage, which affects the perfect score.
Read full review
Palo Alto Networks
No answers on this topic
Support Rating
IBM
I would rate IBM Security QRadar SOAR's support an 8 out of 10. The support team is knowledgeable, responsive, and generally provides helpful solutions. However, there can be occasional delays when addressing more complex issues, which prevents it from being a perfect score. Overall, the support experience has been positive.
Read full review
Palo Alto Networks
No answers on this topic
Implementation Rating
IBM
I would rate my satisfaction with the implementation of IBM Security QRadar SOAR as 7 out of 10. The process was generally straightforward, supported by helpful documentation and responsive support. However, certain advanced configurations proved more challenging and required more technical effort than anticipated, making the overall experience less seamless.
Read full review
Palo Alto Networks
It was much easier than we all anticipated.
Read full review
Alternatives Considered
IBM
Overall, IBM Security QRadar SOAR offered the same set of functionality that was needed by the organization as offered by Splunk SOAR, but the former is less expensive and solves all the purpose within budget. In addition, integration with other IBM products was easier and made implementation of a SOAR solution much faster.
Read full review
Palo Alto Networks
The quantity of integrations with security solutions is highest in Palo Alto Solution. The capacity to identify anomalous events is much better in Palo Alto Networks Cortex XSOAR. The flexibility of increased storage area is better as well. The dashboard is very intuitive about showing the most important incidents and how to resolve them.
Read full review
Scalability
IBM
I would rate IBM Security QRadar SOAR's overall scalability as 9 out of 10. It effectively scales to handle large volumes of incidents and can be deployed across multiple departments or sites. Its architecture supports growing data and integration needs, but advanced configuration for larger deployments may require more effort, preventing a perfect score.
Read full review
Palo Alto Networks
No answers on this topic
Return on Investment
IBM
  • It provides comprehensive MTTD and MTTR metrics and we are aware of how secure our systems are at any given moment.
  • We use linux 7.7, therefore the integrations are smooth.
  • We've been able run our online shops securely for so long.
Read full review
Palo Alto Networks
  • Demisto has Eased malware analysis and threat hunting
  • With Demisto, it is simple to create playbooks and scripts
  • This is helped automate policy configurations on our PA firewalls through Panorama
Read full review
ScreenShots

IBM Security QRadar SOAR Screenshots

Screenshot of the IBM Security QRadar SOAR Breach Response solution. The software helps customers manage more than 180 global privacy reporting regulations including GDPR.Screenshot of the Playbooks Landing page, that shows all active playbooks in a single view, including how many are actively running, disabled, or are in draft.Screenshot of IBM Security QRadar SOAR’s Playbook Designer canvas, designed to lower the barrier to entry necessary to build automations through a graphical interface.Screenshot of the Tasks view shows all response tasks, organized by phase, that have either completed or are set to be executed.Screenshot of Threat Investigator automatically correlates incident information, curating an incident timeline from start to finish, including related artifacts and MITRE ATT&CK mappings.