TrustRadius

IBM Security QRadar SOAR vs. Palo Alto Networks Cortex XSOAR

Overview
ProductRatingMost Used ByProduct SummaryStarting Price
IBM Security QRadar SOAR
Score 8.5 out of 10
N/A
IBM Security® QRadar® SOAR is designed to help your security team respond to cyberthreats with confidence, automate with intelligence and collaborate with consistency. It guides your team in resolving incidents by codifying established incident response processes into dynamic playbooks.N/A
Palo Alto Networks Cortex XSOAR
Score 8.5 out of 10
N/A
Cortex XSOAR, formerly Demisto and now from Palo Alto Networks since it was acquired in March 2019, provides orchestration to enable security teams to ingest alerts across sources and execute standardized, automatable playbooks for accelerated incident response. Its playbooks are powered by hundreds of integrations and thousands of security actions, striking the right balance between rapid machine execution and nuanced human oversight.N/A
Pricing
IBM Security QRadar SOARPalo Alto Networks Cortex XSOAR
Editions & Modules
No answers on this topic
No answers on this topic
Offerings
Pricing Offerings
IBM Security QRadar SOARPalo Alto Networks Cortex XSOAR
Free Trial
NoNo
Free/Freemium Version
NoNo
Premium Consulting/Integration Services
NoNo
Entry-level Setup FeeNo setup feeNo setup fee
Additional DetailsUsage-based pricing: This simple, scalable option allows starting small with an initial users and capabilities and scaling up as more users are added, as well as capabilities and data. Enterprise-wide pricing: This option is based on either the size of the enterprise-wide IT infrastructure or the size and type of data sources being secured.
More Pricing Information
Community Pulse
IBM Security QRadar SOARPalo Alto Networks Cortex XSOAR
Considered Both Products
IBM Security QRadar SOAR
Verified User
Engineer
Chose IBM Security QRadar SOAR
The elasticity of the IBM Security QRadar SOAR solution is what had driven us. We knew that the solution would require nurturing, training over the personnel but once the initial road blocks were destroyed, we went going faster. The other solutions lacked this elasticity, …
Palo Alto Networks Cortex XSOAR

No answer on this topic

Top Pros
Top Cons
Best Alternatives
IBM Security QRadar SOARPalo Alto Networks Cortex XSOAR
Small Businesses

No answers on this topic

No answers on this topic

Medium-sized Companies
Splunk SOAR
Splunk SOAR
Score 8.3 out of 10
Splunk SOAR
Splunk SOAR
Score 8.3 out of 10
Enterprises
Palo Alto Networks Cortex XSOAR
Palo Alto Networks Cortex XSOAR
Score 8.5 out of 10
Microsoft Sentinel
Microsoft Sentinel
Score 8.4 out of 10
All AlternativesView all alternativesView all alternatives
User Ratings
IBM Security QRadar SOARPalo Alto Networks Cortex XSOAR
Likelihood to Recommend
8.5
(13 ratings)
8.4
(8 ratings)
Likelihood to Renew
8.0
(1 ratings)
10.0
(1 ratings)
Usability
8.0
(1 ratings)
-
(0 ratings)
Support Rating
6.0
(1 ratings)
-
(0 ratings)
Implementation Rating
-
(0 ratings)
10.0
(1 ratings)
User Testimonials
IBM Security QRadar SOARPalo Alto Networks Cortex XSOAR
Likelihood to Recommend
IBM
IBM Security QRadar SOAR is versatile. All the major players in SOAR field require the administrator to have coding experience but with IBM it is different. IBM's solution is a full-fledged automation solution, and not some threat-based or limited one. Meaning whatever comes to your mind, if you can write the code, you can do it. This goes from daily tasks from SOC to daily tasks of your network or security administrator or any other administrator. You can manage your ITSM solution if you want to, IBM is a playground and there is much to discover in its capabilities. If you do not have the knowledge or if you want a SOC/Threat Based SOAR solution, meaning you want automation but you want it to be limited to an area and out-of-box, you may choose other alternatives.
Verified User
Anonymous
Read full review
Palo Alto Networks
XSOAR is well suited for phishing detection and response. Phishing alerts are as much of a
problem today as they were decades ago. This is because: ●Attackers Can leverage automation to launch high-quantity phishing attacks with the click
of a button.
●Spear Phishing attacks are sophisticated and sometimes indistinguishable from real
emails, resulting in compromise through human error.
●Security Teams aren’t able to follow set processes while responding to phishing alerts.
They must coordinate across email inboxes, threat intel, NGFW, ticketing, and
other tools. Each tool has different consoles, data conventions, and contexts,
making it difficult for security teams to fill in the gaps while minimizing
errors. XSOAR is less suited for analyzing traffic.
Verified User
Anonymous
Read full review
Pros
IBM
  • QRadar's ability to collect, analyze and normalize vast amount of security data from various sources is remarkable.
  • QRadar allows us to define and automate incident response playbooks which have been amazing for streamlining the response to security incidents.
  • It offers and extensive library of pre-built connectors and support for common security standards facilitating seamless integration with a wide range of security tools.
SJ
Sarah Jones
CMO (Chief Marketing Officer)
Read full review
Palo Alto Networks
  • Automation with immediate security responses.
  • Comprehensive phishing protection and increased email protection.
  • Analysis and reporting feature.
  • Intuitive and easy-to-view panels.
  • Alerts by email and sms of incidents for the administration.
  • Centralized monitoring.
Verified User
Anonymous
Read full review
Cons
IBM
  • You still have to generate reports manually. Reports are very limited and practically not useful.
  • The solution should not be SOAR class. Automations usually don't work. It's apparent that it's not designed for that.
  • Lack of flexibility.
  • Practically no support. The reported integration problems have not been resolved.
DS
Dominik Siekierski
Applications Engineer
Read full review
Palo Alto Networks
  • The XSOAR bot creates a lot of noise on the summary page of any XSOAR incident. Although the filter is available to reduce the view, by default this should not be visible cluttering the whole scenario.
  • The interface has too much data on a single pane. I would love to have many buttons to just click and do stuff.
  • Also, I would love to have search areas more interactive and easier to navigate.
SC
Sarthak Chand
Information Security Manager
Read full review
Likelihood to Renew
IBM
It is beneficial to have a program that can run independently and be used without the supervision of a devoted employee
JS
june smith
Legal Secretary
Read full review
Palo Alto Networks
It has proven to be far to valuable and effective to consider getting rid of it. Until something better comes along, this is staying in our product stack.
Verified User
Anonymous
Read full review
Usability
IBM
It is very easy to navigate and run the parts that we have needed
JS
june smith
Legal Secretary
Read full review
Palo Alto Networks
No answers on this topic
Support Rating
IBM
I have never had to contact support
JS
june smith
Legal Secretary
Read full review
Palo Alto Networks
No answers on this topic
Implementation Rating
IBM
No answers on this topic
Palo Alto Networks
It was much easier than we all anticipated.
Verified User
Anonymous
Read full review
Alternatives Considered
IBM
Overall, IBM Security QRadar SOAR offered the same set of functionality that was needed by the organization as offered by Splunk SOAR, but the former is less expensive and solves all the purpose within budget. In addition, integration with other IBM products was easier and made implementation of a SOAR solution much faster.
Verified User
Anonymous
Read full review
Palo Alto Networks
The quantity of integrations with security solutions is highest in Palo Alto Solution. The capacity to identify anomalous events is much better in Palo Alto Networks Cortex XSOAR. The flexibility of increased storage area is better as well. The dashboard is very intuitive about showing the most important incidents and how to resolve them.
RS
Raphael Soares
CTO (Chief Technical Officer)
Read full review
Return on Investment
IBM
  • It provides comprehensive MTTD and MTTR metrics and we are aware of how secure our systems are at any given moment.
  • We use linux 7.7, therefore the integrations are smooth.
  • We've been able run our online shops securely for so long.
Verified User
Anonymous
Read full review
Palo Alto Networks
  • Demisto has Eased malware analysis and threat hunting
  • With Demisto, it is simple to create playbooks and scripts
  • This is helped automate policy configurations on our PA firewalls through Panorama
DS
Read full review
ScreenShots

IBM Security QRadar SOAR Screenshots

Screenshot of the IBM Security QRadar SOAR Breach Response solution. The software helps customers manage more than 180 global privacy reporting regulations including GDPR.Screenshot of the Playbooks Landing page, that shows all active playbooks in a single view, including how many are actively running, disabled, or are in draft.Screenshot of IBM Security QRadar SOAR’s Playbook Designer canvas, designed to lower the barrier to entry necessary to build automations through a graphical interface.Screenshot of the Tasks view shows all response tasks, organized by phase, that have either completed or are set to be executed.Screenshot of Threat Investigator automatically correlates incident information, curating an incident timeline from start to finish, including related artifacts and MITRE ATT&CK mappings.