Splunk SOAR Review
September 11, 2023
Splunk SOAR Review
Score 9 out of 10
Vetted Review
Verified User
Overall Satisfaction with Splunk SOAR
We are uing SOAR playbooks to automate the alerting mechanism for the Operations
- Prioritize alerts
- Improve operational efficiency and productivity
- Automate response and remediation actions
- It's specifically geared for SOC and not broader automation
- The artifact filtering that's forced on everything inside the platform is pretty awful
- the documentation and support could be improved
- The playbooks are valuable. They are the core component. Being able to implement and build a code process to work through and scale out what we want to do is valuable
- Before its use, analyzing each email would take at least 15 to 20 minutes, with some complex cases taking up to 30 minutes...With the automation provided by Splunk Phantom, we could significantly reduce the amount of time and human effort required to complete this task
Splunk SOAR is one of the more easier to use SOAR products because it gives you the ability to basically write a python script directly as a playbook rather than having to have logic steps built for each decision and only run one thing at a time. I have had previous SOAR products that require a tremendous amount of effort to setup data ingestion, where as Splunk SOAR seems to have the easiest route to execution.
Do you think Splunk SOAR delivers good value for the price?
Not sure
Are you happy with Splunk SOAR's feature set?
Yes
Did Splunk SOAR live up to sales and marketing promises?
I wasn't involved with the selection/purchase process
Did implementation of Splunk SOAR go as expected?
Yes
Would you buy Splunk SOAR again?
Yes