TrustRadius

IBM Security QRadar SOAR vs. Splunk SOAR

Overview
ProductRatingMost Used ByProduct SummaryStarting Price
IBM Security QRadar SOAR
Score 8.5 out of 10
N/A
IBM Security® QRadar® SOAR is designed to help your security team respond to cyberthreats with confidence, automate with intelligence and collaborate with consistency. It guides your team in resolving incidents by codifying established incident response processes into dynamic playbooks.N/A
Splunk SOAR
Score 8.3 out of 10
N/A
Splunk now offers a security orchestration, automation, and response (SOAR) platform via its acquisition of Phantom. Splunk Security Orchestration and Automation (Splunk SOAR) provides playbook automation and is available as a standalone solution.N/A
Pricing
IBM Security QRadar SOARSplunk SOAR
Editions & Modules
No answers on this topic
No answers on this topic
Offerings
Pricing Offerings
IBM Security QRadar SOARSplunk SOAR
Free Trial
NoNo
Free/Freemium Version
NoNo
Premium Consulting/Integration Services
NoNo
Entry-level Setup FeeNo setup feeNo setup fee
Additional DetailsUsage-based pricing: This simple, scalable option allows starting small with an initial users and capabilities and scaling up as more users are added, as well as capabilities and data. Enterprise-wide pricing: This option is based on either the size of the enterprise-wide IT infrastructure or the size and type of data sources being secured.
More Pricing Information
Community Pulse
IBM Security QRadar SOARSplunk SOAR
Considered Both Products
IBM Security QRadar SOAR
Verified User
Engineer
Chose IBM Security QRadar SOAR
Overall, IBM Security QRadar SOAR offered the same set of functionality that was needed by the organization as offered by Splunk SOAR, but the former is less expensive and solves all the purpose within budget. In addition, integration with other IBM products was easier and made …
Splunk SOAR
Muhammed Ali CETİN | TrustRadius Reviewer
Muhammed Ali CETİN
senior Security Engineer
Chose Splunk SOAR
If you use Splunk SIEM, you might wanna use Splunk soar, too. one vendor for SIEM and SOAR, and you do not need to think about integration, etc. Easy to use if we compare to other SOARs, chat and war rooms are great, and almost every action that we need is already created in …
Pavan sreevatsav Akula | TrustRadius Reviewer
Pavan sreevatsav Akula
Cybersecurity Analyst
Chose Splunk SOAR
Simple to utilize GUI, you'll have with you possess add-ons, Numerous integrations in existing arrangements and tools. It could be an extraordinary organizational tool that can be utilized for any kind of coordination, not as it were security.
Top Pros

No answers on this topic

Top Cons

No answers on this topic

Best Alternatives
IBM Security QRadar SOARSplunk SOAR
Small Businesses

No answers on this topic

No answers on this topic

Medium-sized Companies
Splunk SOAR
Splunk SOAR
Score 8.3 out of 10
Qualys TruRisk Platform
Qualys TruRisk Platform
Score 8.3 out of 10
Enterprises
Palo Alto Networks Cortex XSOAR
Palo Alto Networks Cortex XSOAR
Score 8.5 out of 10
Palo Alto Networks Cortex XSOAR
Palo Alto Networks Cortex XSOAR
Score 8.5 out of 10
All AlternativesView all alternativesView all alternatives
User Ratings
IBM Security QRadar SOARSplunk SOAR
Likelihood to Recommend
8.5
(13 ratings)
8.6
(40 ratings)
Likelihood to Renew
8.0
(1 ratings)
8.1
(3 ratings)
Usability
8.0
(1 ratings)
8.2
(1 ratings)
Performance
-
(0 ratings)
8.9
(40 ratings)
Support Rating
6.0
(1 ratings)
8.2
(1 ratings)
Online Training
-
(0 ratings)
8.2
(1 ratings)
Implementation Rating
-
(0 ratings)
8.2
(1 ratings)
Configurability
-
(0 ratings)
8.2
(1 ratings)
Product Scalability
-
(0 ratings)
8.2
(1 ratings)
User Testimonials
IBM Security QRadar SOARSplunk SOAR
Likelihood to Recommend
IBM
IBM Security QRadar SOAR is versatile. All the major players in SOAR field require the administrator to have coding experience but with IBM it is different. IBM's solution is a full-fledged automation solution, and not some threat-based or limited one. Meaning whatever comes to your mind, if you can write the code, you can do it. This goes from daily tasks from SOC to daily tasks of your network or security administrator or any other administrator. You can manage your ITSM solution if you want to, IBM is a playground and there is much to discover in its capabilities. If you do not have the knowledge or if you want a SOC/Threat Based SOAR solution, meaning you want automation but you want it to be limited to an area and out-of-box, you may choose other alternatives.
Verified User
Anonymous
Read full review
Splunk
Our company has very complex and dynamic security operations because of the large number of security tools and systems that we need to manage and coordinate. Moreover, it helps us to meet many regulatory and compliance requirements because it helps us to automate and document our security operations. We also use it to streamline our security operations and improve our response to potential threats.
PK
Priya Kumar
Security Engineer
Read full review
Pros
IBM
  • QRadar's ability to collect, analyze and normalize vast amount of security data from various sources is remarkable.
  • QRadar allows us to define and automate incident response playbooks which have been amazing for streamlining the response to security incidents.
  • It offers and extensive library of pre-built connectors and support for common security standards facilitating seamless integration with a wide range of security tools.
SJ
Sarah Jones
CMO (Chief Marketing Officer)
Read full review
Splunk
  • Its security orchestration and integration capability that supports multiple tools.
  • Easy coding that automates our security actions.
  • Enables us to easily collaborate and respond to security issues faster.
  • Splunk SOAR is a flexible product that is easy to deploy.
  • Efficient tracking and monitoring capability.
  • Excellent real-time reporting functionality.
Angelica Cavalli | TrustRadius Reviewer
Angelica Cavalli
Senior Software Engineer
Read full review
Cons
IBM
  • You still have to generate reports manually. Reports are very limited and practically not useful.
  • The solution should not be SOAR class. Automations usually don't work. It's apparent that it's not designed for that.
  • Lack of flexibility.
  • Practically no support. The reported integration problems have not been resolved.
DS
Dominik Siekierski
Applications Engineer
Read full review
Splunk
  • A lack of instruction It can be difficult to contact the support staff. Limited experience from current users.
  • It takes some effort to set up and learn new technology at first. More assistance is required from the support staff. The product's price needs to go down.
  • Cost of the larger version.
Pavan sreevatsav Akula | TrustRadius Reviewer
Pavan sreevatsav Akula
Cybersecurity Analyst
Read full review
Likelihood to Renew
IBM
It is beneficial to have a program that can run independently and be used without the supervision of a devoted employee
JS
june smith
Legal Secretary
Read full review
Splunk
As we already have a lot of clients being catered with Splunk SOAR and because Splunk SOAR is robust and efficient, we are already using it, and we have understood the product to a certain extent, I feel we are personally more enticed to use and scale it to a lot of business.
Gaurav S | TrustRadius Reviewer
Gaurav S
Senior Security Specialist
Read full review
Usability
IBM
It is very easy to navigate and run the parts that we have needed
JS
june smith
Legal Secretary
Read full review
Splunk
Not immediate: it always requires a training.
Giuseppe Cusello | TrustRadius Reviewer
Giuseppe Cusello
GRC Director
Read full review
Performance
IBM
No answers on this topic
Splunk
We are able to automate almost every one of our use cases, even our threat-hunting, and threat intel procedures. We have 20+ playbooks and cover almost everything, even searching logs into Splunk, looking into TIP and external systems, enrichment, and collecting evidence for analysts; it can perform concurrent playbooks running.
Muhammed Ali CETİN | TrustRadius Reviewer
Muhammed Ali CETİN
senior Security Engineer
Read full review
Support Rating
IBM
I have never had to contact support
JS
june smith
Legal Secretary
Read full review
Splunk
Splunk Support is always great! In addition the Community is very efficient and active.
Giuseppe Cusello | TrustRadius Reviewer
Giuseppe Cusello
GRC Director
Read full review
In-Person Training
IBM
No answers on this topic
Splunk
I never followed an in-person training, I gave my evaluation based on the online training
Giuseppe Cusello | TrustRadius Reviewer
Giuseppe Cusello
GRC Director
Read full review
Online Training
IBM
No answers on this topic
Splunk
I followed training for Phantom admins and it opened a world for me
Giuseppe Cusello | TrustRadius Reviewer
Giuseppe Cusello
GRC Director
Read full review
Implementation Rating
IBM
No answers on this topic
Splunk
I already said that the main key insight is the knowledge of Phantom, so a detailed training for all the people involeved.
Giuseppe Cusello | TrustRadius Reviewer
Giuseppe Cusello
GRC Director
Read full review
Alternatives Considered
IBM
Overall, IBM Security QRadar SOAR offered the same set of functionality that was needed by the organization as offered by Splunk SOAR, but the former is less expensive and solves all the purpose within budget. In addition, integration with other IBM products was easier and made implementation of a SOAR solution much faster.
Verified User
Anonymous
Read full review
Splunk
Splunk Phantom integrates well with Splunk ES and has many integrations. One thing that I liked about XSOAR as compared to Phantom is that it has an "app-store" where you can download not only app integrations (similar to Phantom) but Playbooks and dashboards as well.
Verified User
Anonymous
Read full review
Scalability
IBM
No answers on this topic
Splunk
me and the customers I encountered found it flexible and scalable
Giuseppe Cusello | TrustRadius Reviewer
Giuseppe Cusello
GRC Director
Read full review
Return on Investment
IBM
  • It provides comprehensive MTTD and MTTR metrics and we are aware of how secure our systems are at any given moment.
  • We use linux 7.7, therefore the integrations are smooth.
  • We've been able run our online shops securely for so long.
Verified User
Anonymous
Read full review
Splunk
  • The playbooks are valuable. They are the core component. Being able to implement and build a code process to work through and scale out what we want to do is valuable
  • Before its use, analyzing each email would take at least 15 to 20 minutes, with some complex cases taking up to 30 minutes...With the automation provided by Splunk Phantom, we could significantly reduce the amount of time and human effort required to complete this task
Verified User
Anonymous
Read full review
ScreenShots

IBM Security QRadar SOAR Screenshots

Screenshot of the IBM Security QRadar SOAR Breach Response solution. The software helps customers manage more than 180 global privacy reporting regulations including GDPR.Screenshot of the Playbooks Landing page, that shows all active playbooks in a single view, including how many are actively running, disabled, or are in draft.Screenshot of IBM Security QRadar SOAR’s Playbook Designer canvas, designed to lower the barrier to entry necessary to build automations through a graphical interface.Screenshot of the Tasks view shows all response tasks, organized by phase, that have either completed or are set to be executed.Screenshot of Threat Investigator automatically correlates incident information, curating an incident timeline from start to finish, including related artifacts and MITRE ATT&CK mappings.