Splunk SOAR

Formerly Phantom

Score 8.3 out of 100

Pricing

N/A
Unavailable

What is Splunk SOAR?

Splunk now offers a security orchestration, automation, and response (SOAR) platform via its acquisition of Phantom. Splunk Security Orchestration and Automation (Splunk SOAR) provides playbook automation and is available as a standalone solution.

Entry-level set up fee?

  • No setup fee

Offerings

  • Free Trial
  • Free/Freemium Version
  • Premium Consulting / Integration Services

Alternatives Pricing

What is TheHive?

TheHive is an open source and free cybersecurity incident response platform.

What is FireEye Helix?

FireEye Helix is a SIEM solution providing a non-malware threat detection solution.

Features Scorecard

No scorecards have been submitted for this product yet.

Product Details

What is Splunk SOAR?

Splunk SOAR provides security orchestration, automation and response capabilities that allow security analysts to work smarter by automating repetitive tasks; respond to security incidents faster with automated detection, investigation, and response; increase productivity, efficiency and accuracy; and strengthen defenses by connecting and coordinating complex workflows across their team and tools. Splunk SOAR also supports a broad range of security operations center (SOC) functions including event and case management, integrated threat intelligence, collaboration tools and reporting.

Splunk SOAR Technical Details

Operating Systems: Unspecified
Mobile Application: No

Frequently Asked Questions

Palo Alto Networks Cortex XSOAR and Siemplify, now part of Google Cloud, are common alternatives for Splunk SOAR.

Reviewers rate Performance highest, with a score of 8.3.

The most common users of Splunk SOAR are from Enterprises (1,001+ employees) and the Information Technology & Services industry.

Reviews

August 08, 2022

IT SEC AT IT's BEST

Score 10 out of 10
Vetted Review
Verified User
Review Source
Splunk SOAR gives a very high-level overview of all digital activities and connections with different IT Sec tools. It also helps us generate reports and generates a visual ROI detail to see and understand where we are at in terms of Security and standards. Splunk SOAR is utilized to maintain Security Standards across the organization.
  • Security Playbook dashboard
  • IT Security Event Monitoring
  • N/A
  • N/A
Splunk SOAR is the connection between all Web inputs and Splunk Apps. Through Splunk SOAR these Apps are routed to other active Security tools to perform Tasks like a BLOCK or Verification or Clean. It has easy integration options with more than 200 tools and can perform IT SEC tasks of about 1500
July 28, 2022

SPLUNK SOAR REVIEW.

Pavan sreevatsav Akula | TrustRadius Reviewer
Score 9 out of 10
Vetted Review
Verified User
Review Source
In order to make SaaS deployment more inexpensive for small and medium-sized businesses, it can be further reinforced. Further refinement of pricing based on various deployment strategies can increase client retention. The technical team and customer service at Backhand should be more responsive to our requests and tickets.
  • Utilization simplicity and compatibility with the Windows environment.
  • Automation capabilities.
  • Playbooks are simple to use, integrate, and build.
  • A lack of instruction. It can be difficult to contact the support staff. Limited experience from current users.
  • It takes some effort to set up and learn new technology at first. More assistance is required from the support staff. The product's price needs to go down.
  • Cost of the larger version.
Simple to send and speedier integration, Incredible client back, and cross-breed environment execution. The whole handle is computerized, and the reaction time is about a few seconds after the recognized dangers. Its consistent integration and arrangement with our existing framework, The capacity to quickly react to occurrences and alerts.
Sachin Vinay | TrustRadius Reviewer
Score 9 out of 10
Vetted Review
Verified User
Review Source
We are mostly using SPLUNK SOAR for all our cybersecurity research-oriented sectors, mainly for PhD scholars and pg. students who are doing projects in cybersecurity. Also we have a lot of production servers which require advanced threat monitoring and logging which could be easily satisfied with Splunk SOAR software.
  • precise handling of vulnerabilities with efficient algorithms
  • excellent alerting system with in-detail solutions
  • quality templates of reporting specific security events.
  • Require more advancement in real time threat monitoring
  • dashboards are less user-friendly, not fit for end users with basic networking knowledge.
  • Advanced features come with a high price, when compared to its competitors
Splunk can be suggested for research-oriented educational institutions, cyber research projects, Ph.D. scholars, etc. as it has scope for detailed information on the threat patterns, vulnerability checks, and advanced networking concepts. It is less suited for normal enterprises that are less concerned with data integrity and also for cloud-based solutions.
Score 9 out of 10
Vetted Review
Verified User
Review Source
We were largely depending on Splunk SOAR for active threat detection and alert monitoring. It has a good algorithm-based signature handling which efficiently manages threats. Also our cyber security researchers constantly use this software for advanced research based on their specialisations. Advanced penetration testing also helped us to enhance the security of our hosted applications.
  • effective threat monitoring
  • Score based threat level detection for handling attacks that require priority.
  • highly effective reporting templates for vulnerability testing
  • Advanced features are not cost effective.
  • Live monitoring and threats require more clarity
  • Require professional and sound knowledge on networking to operate.
Splunk SOAR is best fitted for research purposes where detailed packet-based data is required; it is also best suited for students who are pursuing higher education in cyber security. It is less suited for normal users or apps that demand less security.
AMJITH LAL S | TrustRadius Reviewer
Score 9 out of 10
Vetted Review
Verified User
Review Source
Splunk SOAR was being tested in our environment for security analysis and for cyber security research purposes. With quality automation, we could identify security concerns and act accordingly. We could also identify major security outbreaks with log analysis and reporting from SOAR. Our research team constantly checks the logs and addresses the team for executing the fixes.
  • In depth layer based network logging.
  • Accurate automation of threat handling.
  • Penetration testing with overall vulnerability management.
  • Missing a utility dashboard.
  • Automation features are not scalable.
  • Requires advanced knowledge on networking to operate.
Splunk as an overall security setup will be best suited for any kind of research purposes as we can get precise and detailed info on network packets with step-by-step troubleshooting procedures. It is less suitable for organisations that do not concentrate more on security and require less priority on threats and errors.
Score 10 out of 10
Vetted Review
Verified User
Review Source
We used Splunk SOAR as a log aggregating platform that connects our Splunk tool and connects all the application that provides ingress and egress connections inside and outside the organization. We use this part of our log onboarding platform, a company-wide program that is used to enable logging on all the applications that are being used with donor security metrics.
  • Security Orchestration
  • Custom Playbooks
  • Integration to Cloud Applications
  • Access Control Issues
  • On-Prem Hosting Capabilities
The tool has some excellent capability sets the benchmark for log monitoring and orchestration standards. The tool is very easy to onboard, the training to give the security consultants very less and it's very easy to pick up due to its huge amount of documentation training program that provides. The support that team provides is absolutely brilliant. There is a number of custom PlayBooks that would suit almost all your needs and that would master cloud conference and almost all the requirements and minimal effort to customize it based on your needs.
Ezekiel Mathew | TrustRadius Reviewer
Score 9 out of 10
Vetted Review
Verified User
Review Source
Our company supports geospatial organizations, and intelligence and defense communities in the state and beyond. We aim to deliver secure software services and that's why we engage Splunk SOAR to not only automate repetitive tasks but also improve the incident response capabilities. We use Splunk SOAR extensively while building log analytics to help turn data into outcomes with its top-notch automation.
  • All incident investigations can be automated
  • Generates reports easily and quickly after submitting the file to a malware sandbox
  • Provides detailed analysis of suspicious activity.
  • Some inaccuracies from their predictive models.
Splunk SOAR is absolutely incredible when it comes to automating actions saving our team plenty of hours per week. The deployment is quite flexible, supporting both on-premises and hybrid deployments. I'm intrigued by Splunk's capabilities in case management. I am the assistant team lead in our cybersecurity department and I constantly review and deploy solutions for these incident cases. With Splunk, this task is much easier as I create codified reusable templates for these repetitive procedures.
Score 8 out of 10
Vetted Review
Verified User
Review Source
We utilize Splunk SOAR to automate mundane and repetitive security tasks to speed remediation and reduce manual effort. In our organization, our use case is centered around security operations and monitoring. Splunk SOAR facilitates our efforts to remediate and respond to threats within our environment at near-machine speed.
  • Automation of end user notification
  • Automation of ticket workflow
  • Automation of data enrichment
  • Automation of analyst alerting
  • Playbooks can be daunting to design
  • Playbooks are a compilation of Python scripts and API calls with a nice GUI but can break as easily
  • Solid understanding of Python scripting is required to troubleshoot issues
We use Splunk SOAR to automate notification of users of malicious links clicked and to pull malicious emails from mailboxes based on analyst determination. Beyond that, we use Splunk SOAR to automate the isolation of devices determined by EDR to be compromised while enriching the alert data and notifying analysts. In our implementation, we have experienced issues with troubleshooting when part of the Python script would fail rather than the playbook or an entire function within the playbook.
Score 9 out of 10
Vetted Review
Verified User
Review Source
We utilize SOAR to automate daily tasks and alerts in our environment for our analysts to make quick decisions and react to evolving threats. From phishing emails to suspicious VPN notifications from users connecting around the world. We automated contacting end-users we are protecting to be efficient and create responses that automate the ticketing and closure of events once they have been deemed resolved. This helps us have a more proactive approach and gives us time to develop blue team / red team scenarios that we would otherwise not have the bandwidth to achieve with the manual process of investigating alerts while also providing a starting point for new hire training. We are starting to train new analysts on SOAR by comparing the tedious manual process and comparing it to playbooks for the analyst to understand the efficiency, value, context, and solutions that SOAR provides while also keeping our analysts up-to-date on the procedures we should mimic within our playbooks when planning to enhance or create new parent playbooks from existing sub-playbooks. This creates a revolving approach to enhancing our services and responsiveness to the business while also keeping the analyst from burning out over repetitive alerts and allows for a more proactive approach to enabling analysts to create new methods for more complex processes and tasks.
  • Is able to be quick and get results
  • Can be simple in use while allowing endless complexity
  • Doesn't need a huge understanding of code, but is helpful.
  • Some aspects of SOAR can be more descriptive with examples and better information within the building areas to avoid disruption.
  • Drilling down within each step should provide automatic documentation of every step that is being performed in plain English for fast and easy documentation of playbooks that reach production for analysts to easily familiarize themselves or troubleshoot more complex issues.
  • Licensing per analyst is a bit cumbersome as teams can fluctuate rapidly to avoid cost fluctuations.
It's the next single pane of glass that I would love to utilize all features for, however, licensing for our group is holding us back from doing so while the justification to management on the cost seems to always meet a cost / ROI conversation that I am never a part of.
Score 7 out of 10
Vetted Review
Verified User
Review Source
Splunk SOAR is making renovation in automation. Splunk SOAR provides the best-automated response. It provides codeless automation. The Security provided by Splunk SOAR is very much helpful to us.
  • Automatic Response
  • Playbooks
  • Security
  • Ease of use
Splunk SOAR is providing the best support for the automation. The playbooks are very easy to use. Splunk SOAR is very much helpful in raising alerts.
Score 8 out of 10
Vetted Review
Verified User
Review Source
Implementing Splunk SOAR in our company placed us in a great position to have our systems secured with an automated system. We are using it to prevent cyber attacks on our networks either through quarantining devices or detonating malicious files. The automation feature is also used to send alert triages and it collects in-depth data from a pool of sources.
  • The playbook is simple to understand, actually makes life in technology easier.
  • It displays super intelligence in threat detection - it analyses the security ecosystem in its entirety and sends alerts as they happen instantly.
  • To be able to understand Splunk SOAR, you have to invest your quality time in understanding it.
  • It's highly priced for our budget but it has been worth every cent for the 14 months we've used.
Our customers trade and invest crypto and therefore they trust us to offer high order security. Embracing Splunk SOAR has been critical in attaining this through an advanced cyber security system. Splunk is fantastic in analytics of loads of data which generates resourceful insights. However in the beginning we experienced compatibility issues. The association rules in Splunk (the "arules") present a not-so-impressive machine learning curve.
Score 8 out of 10
Vetted Review
Verified User
Review Source
Due to a lack of human resources and time, numerous logs are produced and purged if too many devices and servers are added to the network. It got unpleasant, and the security breach went unnoticed. So I discovered Splunk SOAR and put it to the test before purchasing it. All event logs may be consolidated into a single-engine, which can then be examined to generate alerts. We employ security to detect server faults, account changes, and failed login attempts. Most significantly, it should be utilized to defend against viruses and hackers attempting to get access to it.
  • It's a flexible product with a lot of critical and helpful features that, when paired with excellent customer service, make it a winner.
  • From start to finish, this approach is extremely effective, and the outcomes are flawless.
  • It comes with a plethora of handy functions.
  • Nothing is difficult to use or lacks usefulness. Simple coding procedures.
  • Highly adaptable product with a variety of deployment possibilities.
It is advised for small teams with extensive security infrastructures to cope with a high number of false positives, which reduces team productivity. SOAR comes with a simple editor that allows you to construct templates without any technical knowledge by dragging and dropping the appropriate pieces into a stream.
The process took less time because of good support from the team.
April 25, 2022

Best Automation Tool

Score 8 out of 10
Vetted Review
Verified User
Review Source
Splunk SOAR is used in our project to automate alert triage. It does the manual repetitive tasks in a few seconds, which would take hours if performed manually. It connects with other threat intel apps and provides enriched data using the payload. Used by IT security departments to monitor security issues and the health of devices.
  • User friendly user interface.
  • Integration with other threat intel websites.
  • Need other association rules based on behavioral analysis.
It does real-time analysis and informs about recent threats in the environment. It detects phishing threats and sends alerts instantly about them. Other than providing security encryption, users don't need to code anything into the terminal to run its patches. It is a great tool that provides great results and easy-to-use programming features like PlayBooks.
Score 9 out of 10
Vetted Review
Verified User
Review Source
After too many devices and servers are introduced into the network, many logs are created and deleted due to inadequate human resources and time. It became unbearable and the security incident was overlooked. So I learned about Splunk SOAR and tested it before buying. All event logs can be merged into a single engine and analyzed to issue alerts. We use security to check for various server errors, account changes, and invalid login attempts. Most importantly, it should be used against various malware and hackers who want to access it.
  • It is a versatile product with many important and useful features that combined with great customer service make for a successful product.
  • It has a wide range of useful features.
  • Time saving for coding.
  • The price is a little high.
  • The user interface is not easy, it is a bit complex.
  • Newsletter can be better.
It is recommended for small teams running large security infrastructures to deal with many false positives that reduce team productivity. SOAR is introduced with an intuitive editor that allows you to create templates simply by dragging and dropping the required elements into a stream without technical background.
Alpa Wali | TrustRadius Reviewer
Score 7 out of 10
Vetted Review
Verified User
Review Source
We are embracing the Splunk SOAR application tool in all our incoming and outgoing connections as their primary log aggregating platform. It has helped us in achieving safe log onboarding of applications we use around the company. We also implement Splunk SOAR in monitoring our websites (front-end wise) that are being hosted by the company's servers.
  • It detects well phishing threats - and sends alerts instantly
  • I appreciate its ability to execute threat intelligence - we are always aware of all potential CTIs in our organization.
  • When you want to customize an investigation, there are so many rules to adhere to making it very complex
  • I've noticed latencies during page transitions (especially from homepage landing)
While using Splunk SOAR, I have realized a few things and the first is that if you want to properly handle threats on your system, let SPLUNK be your hand and you'll have few regrets in the end. Splunk is well suited to perform security threat responses and the generated reports are powerful insights to prompt you to make necessary adjustments. The End to End testing in SDLC with SPLUNK has been of major help in stimulating real user experiences.
Score 8 out of 10
Vetted Review
Verified User
Review Source
Competition forces us to protect our sensitive details, inventories, and how we connect prototypes with end-users, we are an ideal target for espionage, SOAR has helped us to reduce system information breaches and leaks.
  • When coupled with excellent customer service, it takes the SOC environment to a whole new level of flexibility and usefulness.
  • Easy to write coding
  • Assortment of data
  • When a threat is discovered, it sends an alarm. As a whole, it helps to streamline the process of keeping things secure.
  • As a result of the improved security, a positive return is realized.
  • It has a steep learning curve because it is so difficult to grasp.
  • The support team sometimes does not know how to solve all of my difficulties, and it takes me weeks to figure them out on my own.
The automation of Splunk SOAR's security system protects it from the threats that are always out there. Every time we use it, we're astounded at how much better it becomes. In no time, we can see the results of our coding efforts. Security is a key answer for any organization, no matter how large or small.
Score 8 out of 10
Vetted Review
Verified User
Review Source
Complete set of security tools to keep hackers at bay in cloud computing systems with record and data maintenance. It was easier to install and integrate than some other packages like MISP, Sec Onion, and more.
  • The best technique to protect confidential information.
  • Simpleness of usage and compatibility with the Windows operating system.
  • When a threat is discovered, it sends an alarm. Automating security in general.
  • Complexity makes for a steep learning curve.
  • The customer service crew is excellent, yet there is room for improvement.
  • It allows us to process malware email alerts in a matter of seconds, and more importantly, to correct fake bank accounts and transactions.
Splunk SOAR provides the best system security. One of the many benefits I received from using it was the ability to automate reactions and recognize potential threats that could leave my systems vulnerable. The most effective solution for automating Splunk SOAR is now available. Because security is at the heart of everything, it's worth a shot for any size company.
Score 8 out of 10
Vetted Review
Verified User
Review Source
When it comes to automating and streamlining medical workflows, Phantom SOAR is the best tool we have.
  • Installation and Configuration
  • Because of the Python customization options, Ansible is a highly dynamic tool.
  • No coding and easy playbook creation distinguish it from its competitors.
  • How Easy It Is to Get Started
  • Up-to-date information at all times
  • A lack of instructions or access to the Postgres database in the customer's installation impedes various customization options.
  • Python libraries have been updated.
  • Model of Pricing
  • There is potential for improvement in the integration of APIs and third-party applications.
It's simple to include navigation into security monitoring systems, and it's also simple to train others to use it. Quick and simple to use, with a little course that can assist a professional get started and performing at their peak. In addition to being able to be used for software orchestration, the tool is jam-packed with functionality. A wide range of organizations throughout the industry and sector use it as a standard for orchestration automation and response tooling because of its complexity.
Score 7 out of 10
Vetted Review
Verified User
Review Source
Since our network has always been vulnerable to online threats, our company relies on the services of Splunk SOAR to implement improvements in our internal system. During the installation process, we encountered some difficulties but were pleased to have technical support, and the implementation was completed in a short period of time. Because Splunk SOAR has an automated approach to eliminate any threat that even tries to appear in our firm, we lower the amount of manual analysis and increase our effectiveness.
  • You can manage a large number of services thanks to the API.
  • It's a versatile solution with a slew of beneficial features and top-notch customer service that elevates the SOC environment.
  • It is the nerve center of the security ecosystem, giving teams the ability to spot anomalies right away with the information it provides.
  • The rationale of the graphical user interface is confusing. You must first understand the logic before you can successfully apply it. There are times when the focus is too much on security terms.
  • Although the API is quite good, it is still missing a few endpoints and supporting documentation. Occasionally, I had to contact the vendor for assistance because the answer was not provided in the manual.
  • Because there are so many guidelines to follow when conducting a customized investigation, the process becomes extremely difficult.
I give it a 7 out of 10 with the possibility of bumping it up to 10 because it's a great tool for analyzing threats, but some members of my team didn't find it very simple. Splunk SOAR (Security Orchestration, Automation, and Response) has to be configured and customized to our desire before Phantom. Right now, I give it a 7 out of 10, but I think it might use some work on the user interface to make it more accessible to those with less experience.
Score 7 out of 10
Vetted Review
Verified User
Review Source
Simple coding-free automation. Splunk SOAR is being used to automate the security infrastructure, which includes the hiring of hospital staff and the addition of additional applications for our clients. In the web application, we've been doing most of our work, and managing the security of all these applications is extremely difficult. SOAR aids us in keeping track of these programs and sends us notifications when any of them change. As a result, false positives are reduced, and IT teams and human resources benefit from an increase in productivity.
  • Templates can be written using a visual editor that even a non-technical person can use.
  • A good API makes it possible to manage a large number of services and resources from a single location.
  • An excellent product with a wide range of useful features and excellent customer support makes the SOC environment better.
  • It is simple to set up and use. It's great for us and I believe most of our customers because the license is per seat (user).
  • More information for new users can be included in the documentation.
  • Improved pricing is needed
  • There is room for improvement in API and third-party application integration.
  • Disaster recovery could be improved by this. There is a feature called warm standby for that, but the process of failover is still manual and prone to errors.
Yes! As technology continues to advance, automation and orchestration will be essential. In order to get there, using Phantom is a fantastic option.
Bernadette Johnsen | TrustRadius Reviewer
Score 10 out of 10
Vetted Review
Verified User
Review Source
This software is very fast to protect our system, we require the services of Splunk SOAR to implement improvements in our internal system, since our network has always been a constant victim of the threats that abound on the web, in the installation process we had problems, but we loved having technical support, the implementation was completed in a short time, it is a complete system to automate alerts in advance, it has very good scans to neutralize threats and protect our information. We reduce manual analysis, and we are more effective because Splunk SOAR has an automated system to eliminate any threat that even tries to appear in our company.
  • Automated analyzes that eliminate manual work.
  • Order of priority in the analysis, determining greater efficiency in the detection of threats.
  • Great time savings and easy code writing, without being experts we achieve good cases of alerts.
  • We found no major flaws with Splunk SOAR, but it is slightly disadvantaged by the acquisition price, as it is high and some companies may think twice before buying it.
To all the community that is still hesitating to buy Splunk SOAR, I must say that this is the most scalable system on the market to prevent threats from penetrating the enterprise system. I rate them with 10 points because it is a very dynamic software, it generates productivity and a lot of confidence among employees, it is not slow, the alerts detected prevent future inconveniences, and you do not have to know much about writing code, because it is structured in Python, which generates a quick configuration.
Angelica Cavalli | TrustRadius Reviewer
Score 9 out of 10
Vetted Review
Verified User
Review Source
With its security orchestration and integration capability, Splunk SOAR enables us to connect and use other security tools easily, which is incredible and helps strengthen our defense. A powerful product that helps to automate our security actions with easy coding of workflows and also it enables us to collaborate easily and respond to security issues quickly.
  • Its security orchestration and integration capability that supports multiple tools.
  • Easy coding that automates our security actions.
  • Enables us to easily collaborate and respond to security issues faster.
  • Splunk SOAR is a flexible product that is easy to deploy.
  • Efficient tracking and monitoring capability.
  • Excellent real-time reporting functionality.
Splunk SOAR orchestrates all security infrastructure into one and its integration capability with other tools helps to strengthen your defense and automate your security actions with easy code products. Great product that enables effective communication with your team members and quick response to security issues to take action quickly before causing any damage.
Christine Bergen | TrustRadius Reviewer
Score 10 out of 10
Vetted Review
Verified User
Review Source
I am from the finance department, and therefore we need to have our system highly protected because we have valuable information that cannot be damaged by threats that exist on the network. With Splunk SOAR we know that we are calm, we do not have to be always glued to the screen, because it is a simplified and automated system. The installation and implementation were complex, but it didn't take long as the support was very descriptive and helpful in light of our inexperience. We are currently living a good experience, we adapt the analyzes as we want and we know that the information is protected.
  • Good scanning customization, scheduling is very easy and prevents threat ingress disasters.
  • Much needed playbook, productivity and agility is what it reflects.
  • A SOAR tool that has features that similar ones don't have, I like the protection it gives us without lifting a finger.
  • The only barrier that we have noticed is its high price, for small companies, it is an excess, but for large companies, it is software that cannot be missing.
I qualify it with 10 points, it is very good to be able to speed up code writing, it has good automation, you don't have to know much to use it, because the training time is short. Information protection is the best, threats are stopped immediately, it has a great visual editor, editing is great, quick profits, and it keeps the system protected from web dangers.
Adrian Rodriguez | TrustRadius Reviewer
Score 9 out of 10
Vetted Review
Verified User
Review Source
This detection system was introduced in the company to implement greater security in threat detections, the incorporation of Splunk SOAR has been very surprising since it detects threats that are not detected manually. SOAR has a very good speed to scan the system for invisible flaws. We have been working with Splunk SOAR for 2 years and we feel very comfortable since we do not have to program much, it is very automatic and the playbook is very easy, it is a product that works very effectively for us.
  • Superior intelligence to detect threats in seconds.
  • Systematic steps to program the detection of threats, it is a system with interesting customization functions.
  • Fast updates and a very complete system for threat analysis.
  • Complex user interface, not everyone has the ability to use Splunk SOAR.
I rate it with a score of 9 with the probability of increasing it to 10, since it is perfect for threat analysis, I can say that personally, I understood its operation, but part of my work team did not find it so easy. We had to do constant training to be able to configure and customize Splunk SOAR (Security Orchestration, Automation, and Response), before Phantom to our liking. Currently, I recommend it and I rate it a 9 but it needs to improve the user interface to make it more understandable for people with little knowledge.
Sweety Elizabeth Jerome | TrustRadius Reviewer
Score 9 out of 10
Vetted Review
Verified User
Review Source
The Splunk SOAR is that all that is being used by our security operations Centre by the center cyber security team and the blue team to monitor the endpoints and websites that have been hosted onto the system. This includes modem, web applications emails, client systems, and provides a wide variety of use cases that helps in threat intelligence, including detection and mitigation of threats involving, phishing campaigns, ransomware, malicious websites, and denial of service attacks.
  • Ease of Setup
  • Quality of Support and Assistance by the team
  • Feature rollout
  • Timely updates
  • Pricing Model
  • Simplified Integration
Navigation is easy to integrate and very easy to teach people and get into the process of security monitoring. Easy to use and rather can be an easy instructor with a small course would help a professional to get in and you start or at its best. The tool is packed with a lot of features that allow it to be used internally at the same time can be used for software orchestration. Due to its complexity, it has been widely and adapted across the industry and sector benchmark in security orchestration automation and response tooling.