Mandiant Advantage Threat Intelligence vs. Splunk SOAR

Mandiant Advantage Threat Intelligence

Splunk SOAR

Overview
Product	Rating	Most Used By	Product Summary	Starting Price
Mandiant Advantage Threat Intelligence	Score 8.8 out of 10	Enterprise companies (1,001+ employees)	Since 2004, Mandiant has been a partner to security-conscious organizations. Mandiant’s approach helps organizations develop more effective and efficient cyber security programs and instills confidence in their readiness to defend against and respond to cyber threats.	N/A
Splunk SOAR	Score 8.4 out of 10	N/A	Splunk now offers a security orchestration, automation, and response (SOAR) platform via its acquisition of Phantom. Splunk Security Orchestration and Automation (Splunk SOAR) provides playbook automation and is available as a standalone solution.	N/A

Pricing

Mandiant Advantage Threat Intelligence

Splunk SOAR

Editions & Modules

No answers on this topic

Offerings

Pricing Offerings
Mandiant Advantage Threat Intelligence	Splunk SOAR
Free Trial
Yes	No
Free/Freemium Version
Yes	No
Premium Consulting/Integration Services
Yes	No

Entry-level Setup Fee

Optional

No setup fee

Additional Details

Priced by company size

—

More Pricing Information

Pricing Info

Community Pulse
	Mandiant Advantage Threat Intelligence	Splunk SOAR
Considered Both Products	Mandiant Advantage Threat Intelligence No answer on this topic	Splunk SOAR Muhammed Ali CETİN senior Security Engineer Chose Splunk SOAR If you use Splunk SIEM, you might wanna use Splunk soar, too. one vendor for SIEM and SOAR, and you do not need to think about integration, etc. Easy to use if we compare to other SOARs, chat and war rooms are great, and almost every action that we need is already created in … Incentivized Helpful?

Features

Mandiant Advantage Threat Intelligence

Splunk SOAR

Endpoint Security

Comparison of Endpoint Security features of Product A and Product B
	Mandiant Advantage Threat Intelligence 7.2 6 Ratings 0% below category average	Splunk SOAR - Ratings
Infection Remediation	7.26 Ratings	00 Ratings

Threat Intelligence

Comparison of Threat Intelligence features of Product A and Product B
	Mandiant Advantage Threat Intelligence 7.8 10 Ratings 8% above category average	Splunk SOAR - Ratings
Network Analytics	7.79 Ratings	00 Ratings
Threat Recognition	7.89 Ratings	00 Ratings
Vulnerability Classification	7.510 Ratings	00 Ratings
Automated Alerts and Reporting	8.09 Ratings	00 Ratings
Threat Analysis	7.510 Ratings	00 Ratings
Threat Intelligence Reporting	8.210 Ratings	00 Ratings
Automated Threat Identification	7.99 Ratings	00 Ratings

Best Alternatives
	Mandiant Advantage Threat Intelligence	Splunk SOAR
Small Businesses	Egnyte Score 9.5 out of 10	No answers on this topic
Medium-sized Companies	CrowdStrike Falcon Score 9.1 out of 10	LogRhythm NextGen SIEM Platform Score 8.1 out of 10
Enterprises	CrowdStrike Falcon Score 9.1 out of 10	Palo Alto Networks Cortex XSOAR Score 7.1 out of 10
All Alternatives	View all alternatives	View all alternatives

User Ratings
	Mandiant Advantage Threat Intelligence	Splunk SOAR
Likelihood to Recommend	7.8 (18 ratings)	7.0 (41 ratings)
Likelihood to Renew	- (0 ratings)	7.5 (3 ratings)
Usability	7.6 (18 ratings)	7.0 (2 ratings)
Performance	- (0 ratings)	8.2 (40 ratings)
Support Rating	- (0 ratings)	8.2 (1 ratings)
Online Training	- (0 ratings)	8.2 (1 ratings)
Implementation Rating	- (0 ratings)	8.2 (1 ratings)
Configurability	- (0 ratings)	8.2 (1 ratings)
Product Scalability	- (0 ratings)	8.2 (1 ratings)

User Testimonials
	Mandiant Advantage Threat Intelligence	Splunk SOAR
Likelihood to Recommend	Mandiant Usually SOC leverages Intel from mutiple sources. The scenarios are: 1.Suitable: In large scale SOC where more than 5000 devices are being monitored and the tech stack is wide, Mandiant will play an excellent role in that scenario. 2.Not Suitable: In small scale SOCs wherein limited devices belonging to the same tech stack is being used then the analysts can rely on OSINT and it is not useful to buy the solution. Incentivized Verified User Anonymous Read full review	Cisco Our company has very complex and dynamic security operations because of the large number of security tools and systems that we need to manage and coordinate. Moreover, it helps us to meet many regulatory and compliance requirements because it helps us to automate and document our security operations. We also use it to streamline our security operations and improve our response to potential threats. Incentivized PK Priya Kumar Security Engineer Read full review
Pros	Mandiant accelerated threat response feature, prioritizing threats according to requirement. Optimization of the threat intelligence , and can be integrated with 3rd party tools. Features like - Breach ,Adversary, Machine and Operational Intelligence. Mandiant dynamic host and the malware views along with indicators. Incentivized Verified User Anonymous Read full review	Cisco Its security orchestration and integration capability that supports multiple tools. Easy coding that automates our security actions. Enables us to easily collaborate and respond to security issues faster. Splunk SOAR is a flexible product that is easy to deploy. Efficient tracking and monitoring capability. Excellent real-time reporting functionality. Incentivized Angelica Cavalli Senior Software Engineer Read full review
Cons	Mandiant Paywalls exist throughout the data set and can halt an investigation without the right model Some data was incomplete or broken up between pay tiers Navigation through the data lacked a definitive trail or breadcrumbs to retrace steps during investigations Incentivized Verified User Anonymous Read full review	Cisco A lack of instruction It can be difficult to contact the support staff. Limited experience from current users. It takes some effort to set up and learn new technology at first. More assistance is required from the support staff. The product's price needs to go down. Cost of the larger version. Incentivized Pavan sreevatsav Akula Cybersecurity Analyst Read full review
Likelihood to Renew	Mandiant No answers on this topic	Cisco As we already have a lot of clients being catered with Splunk SOAR and because Splunk SOAR is robust and efficient, we are already using it, and we have understood the product to a certain extent, I feel we are personally more enticed to use and scale it to a lot of business. Incentivized Gaurav S Senior Security Specialist Read full review
Usability	Mandiant Mandiant Advantage Threat Intelligence has a very usable platform, with well-differentiated sections for the analyst, as well as the possibility of cross-searching to obtain the desired results. All this is presented with an interface that is easy on the eye and not very messy, which increases productivity and the speed with which work is done. Incentivized Verified User Anonymous Read full review	Cisco Honestly, it's a bit of a love-hate thing. On one hand it's insanely powerful but on the other, the workflows can be a real headache. You need multiple hours to get comfortable with it. Incentivized CB Cole Ballen Security Engineer Read full review
Performance	Mandiant No answers on this topic	Cisco We are able to automate almost every one of our use cases, even our threat-hunting, and threat intel procedures. We have 20+ playbooks and cover almost everything, even searching logs into Splunk, looking into TIP and external systems, enrichment, and collecting evidence for analysts; it can perform concurrent playbooks running. Incentivized Muhammed Ali CETİN senior Security Engineer Read full review
Support Rating	Mandiant No answers on this topic	Cisco Splunk Support is always great! In addition the Community is very efficient and active. Incentivized Giuseppe Cusello GRC Director Read full review
In-Person Training	Mandiant No answers on this topic	Cisco I never followed an in-person training, I gave my evaluation based on the online training Incentivized Giuseppe Cusello GRC Director Read full review
Online Training	Mandiant No answers on this topic	Cisco I followed training for Phantom admins and it opened a world for me Incentivized Giuseppe Cusello GRC Director Read full review
Implementation Rating	Mandiant No answers on this topic	Cisco I already said that the main key insight is the knowledge of Phantom, so a detailed training for all the people involeved. Incentivized Giuseppe Cusello GRC Director Read full review
Alternatives Considered	Mandiant It gives more ways to analyze threats and options to fixed it. This device gives more visibility on vulnerability detection and its analysis. It provides detailed reports to have more information of all malwares which help us to increase overall security of our current organization Incentivized Sunil Redekar Network Security Engineer Read full review	Cisco Splunk Phantom integrates well with Splunk ES and has many integrations. One thing that I liked about XSOAR as compared to Phantom is that it has an "app-store" where you can download not only app integrations (similar to Phantom) but Playbooks and dashboards as well. Incentivized Verified User Anonymous Read full review
Scalability	Mandiant No answers on this topic	Cisco me and the customers I encountered found it flexible and scalable Incentivized Giuseppe Cusello GRC Director Read full review
Return on Investment	Mandiant Improved incident response time Specific investigations that have reduced the attack surface Technical reports on threats not controlled by the bank's local team Incentivized IS Ivan Salguero Astete Cyber Intelligence Analyst Read full review	Cisco The playbooks are valuable. They are the core component. Being able to implement and build a code process to work through and scale out what we want to do is valuable Before its use, analyzing each email would take at least 15 to 20 minutes, with some complex cases taking up to 30 minutes...With the automation provided by Splunk Phantom, we could significantly reduce the amount of time and human effort required to complete this task Incentivized Verified User Anonymous Read full review
ScreenShots	Mandiant Advantage Threat Intelligence Screenshots