A product that although has some qwirks, is one of the more flexible SOAR platforms to work with
September 04, 2023
A product that although has some qwirks, is one of the more flexible SOAR platforms to work with
Score 6 out of 10
Vetted Review
Verified User
Overall Satisfaction with Splunk SOAR
As part of a security orchestration team, we build automations to help not only in our incident response capabilities, but we also utilize it for data movement and reporting purposes. This helps streamline our business objectives to keep a consistent and actively tracked means to assets, vulnerability management, our cloud environment monitoring, SIEM solutions, and much more.
Pros
- REST API calls to other products for orchestration
- Incident Response (if utilized correctly)
- Monitoring and Logging efforts
Cons
- Incident Response capabilities and features
- Apps and streamlining the build process
- real time syntax linting
- Available Documentation and online Learnings
- Data Orchestration for Metrics and Logging
- Faster Process Execution
- System Monitoring efforts for failures, etc
Splunk SOAR is one of the more easier to use SOAR products because it gives you the ability to basically write a python script directly as a playbook rather than having to have logic steps built for each decision and only run one thing at a time. I have had previous SOAR products that require a tremendous amount of effort to setup data ingestion, where as Splunk SOAR seems to have the easiest route to execution.
Do you think Splunk SOAR delivers good value for the price?
Not sure
Are you happy with Splunk SOAR's feature set?
Yes
Did Splunk SOAR live up to sales and marketing promises?
I wasn't involved with the selection/purchase process
Did implementation of Splunk SOAR go as expected?
I wasn't involved with the implementation phase
Would you buy Splunk SOAR again?
Yes
Comments
Please log in to join the conversation