TrustRadius
Splunk SOAR
Formerly Phantom

Overview

What is Splunk SOAR?

Splunk now offers a security orchestration, automation, and response (SOAR) platform via its acquisition of Phantom. Splunk Security Orchestration and Automation (Splunk SOAR) provides playbook automation and is available as a standalone solution.

Pricing

Entry-level set up fee?

  • No setup fee
For the latest information on pricing, visit https://www.splunk.com/en_us/products/p…

Offerings

  • Free Trial
  • Free/Freemium Version
  • Premium Consulting/Integration Services

Alternatives Pricing

What is KnowBe4 PhishER/PhishER Plus?

PhishER is presented as a lightweight Security Orchestration, Automation and Response (SOAR) platform to orchestrate threat response and manage the high volume of potentially malicious email messages reported by users. And, with automatic prioritization of emails, PhishER helps InfoSec and Security…

What is Trellix Helix?

Trellix Helix (formerly FireEye Helix) is a SIEM solution providing a non-malware threat detection solution.

Product Details

What is Splunk SOAR?

Splunk SOAR provides security orchestration, automation and response capabilities that allow security analysts to work smarter by automating repetitive tasks; respond to security incidents faster with automated detection, investigation, and response; increase productivity, efficiency and accuracy; and strengthen defenses by connecting and coordinating complex workflows across their team and tools. Splunk SOAR also supports a broad range of security operations center (SOC) functions including event and case management, integrated threat intelligence, collaboration tools and reporting.

Splunk SOAR Technical Details

  • Operating Systems: Unspecified
  • Mobile Application: No

Frequently Asked Questions

Palo Alto Networks Cortex XSOAR and Google Security Operations are common alternatives for Splunk SOAR.

Reviewers rate Performance highest, with a score of 8.3.

The most common users of Splunk SOAR are from Enterprises (1,001+ employees).

Reviews From Top Reviewers

(1-5 of 40)

Splunk SOAR Robust and efficient.

Rating: 8 out of 10
September 12, 2023
GS
Vetted Review
Verified User
Splunk SOAR
2 years of experience
If anyone is from a consulting background catering to multiple clients, they can monitor all the clients by developing certain custom playbooks which help them to keep track of all these clients, thereby helping the team to monitor without putting in a lot of effort. But Splunk SOAR has to develop cross-platform capabilities.

Exceptional threat reporting and efficient and robust algorithm-based bug handling

Rating: 8 out of 10
May 31, 2023
RS
Vetted Review
Verified User
Splunk SOAR
2 years of experience
Splunk SOAR is best fitted for research purposes where detailed packet-based data is required; it is also best suited for students who are pursuing higher education in cyber security. It is less suited for normal users or apps that demand less security.

Awesome tool for Security Monitoring.

Rating: 9 out of 10
October 29, 2023
Vetted Review
Verified User
Splunk SOAR
1 year of experience
Well Suited: Integration of Splunk with other internal tools has been really helpful, especially when we integrated Splunk with our internal support and incident management portal. Less suited: Some processes can be completed using small scripts; it is recommended not to use this as this can be confusing and time-consuming for small tasks.

Splunk SOAR Review

Rating: 9 out of 10
September 11, 2023
Vetted Review
Verified User
Splunk SOAR
1 year of experience
The ability to integrate Splunk with our ticketing system has been an immense help because we can maintain our workflow while blending Splunk with our support desk and other ways that we track work.

A product that, although it has some quirks, is one of the more flexible SOAR platforms to work with

Rating: 6 out of 10
September 04, 2023
Vetted Review
Verified User
Splunk SOAR
1 year of experience
Well Suited: Splunk SOAR helps provide an accurate understanding of events that trigger different workflows. Although a bit confusing to navigate the UI in some situations, it can provide metrics based on the type of events it looks for when triggering automations. Less Appropriate: Recently, our teams have been working on orchestration efforts that utilize a lot of API calls that the apps in Splunk SOAR don't necessarily support right out of the box. Some custom functions are needed to do what's necessary. The main objective for Splunk SOAR is to drag and drop and, with little configuration, build playbooks and workflows to get solutions up and running. However, it seems in these scenarios where we are manipulating data and working a lot with APIs and other data streams, it's better off to just build a Python script, run it in a cronjob or something similar, and let Python do the rest. Splunk SOAR in this case can become quite difficult to set up to do what's needed and a simple Python script could fix it.