Bringing Security Architecture and Automation to Cloud
March 14, 2022

Bringing Security Architecture and Automation to Cloud

Sweety Elizabeth Jerome | TrustRadius Reviewer
Score 9 out of 10
Vetted Review
Verified User

Overall Satisfaction with Splunk SOAR (Security Orchestration, Automation and Response), formerly Phantom

The Splunk SOAR is that all that is being used by our security operations Centre by the center cyber security team and the blue team to monitor the endpoints and websites that have been hosted onto the system. This includes modem, web applications emails, client systems, and provides a wide variety of use cases that helps in threat intelligence, including detection and mitigation of threats involving, phishing campaigns, ransomware, malicious websites, and denial of service attacks.

Pros

  • Ease of Setup
  • Quality of Support and Assistance by the team
  • Feature rollout
  • Timely updates

Cons

  • Pricing Model
  • Simplified Integration
  • Identified and Mitigated Threats
  • Log4j Mitigation and attack Prevention
  • Automation efforts
The tool allows Alert enrichment, which is a widely used feature allowing us to automate the process of data collection and enrichment from various sources. This allows security analysts to 2investigate and responds to security alerts that much faster. The tool also allows us to tires using the crowd strike malware call PlayBook allowing us to have better visibility across tamale hosted machines and cloud infrastructure
We use Splunk for different automation use cases, This involves, Alerting, Phishing Investigation, endpoint malware triage, and different threat intelligence use cases. This allows our security analysts to focus more on their work rather than looking at the baby did you task which is taken care of with the playbook feature. The advantage is that this is completely customizable and you say pretty straightforward allowing security researchers to bring what organization exactly wants in terms of securing their infrastructure.

Do you think Splunk SOAR delivers good value for the price?

Yes

Are you happy with Splunk SOAR's feature set?

Yes

Did Splunk SOAR live up to sales and marketing promises?

Yes

Did implementation of Splunk SOAR go as expected?

Yes

Would you buy Splunk SOAR again?

Yes

Navigation is easy to integrate and very easy to teach people and get into the process of security monitoring. Easy to use and rather can be an easy instructor with a small course would help a professional to get in and you start or at its best. The tool is packed with a lot of features that allow it to be used internally at the same time can be used for software orchestration. Due to its complexity, it has been widely and adapted across the industry and sector benchmark insecurity orchestration automation and response tooling

Comments

More Reviews of Splunk SOAR

  1. Home
  2. Security Orchestration, Automation and Response (SOAR) Tools
  3. Splunk SOAR Reviews
  4. User Review of Splunk SOAR