We performed a comparison between IBM Resilient and Palo Alto Networks Cortex XSOAR based on real PeerSpot user reviews.
Find out in this report how the two Security Orchestration Automation and Response (SOAR) solutions compare in terms of features, pricing, service and support, ease of deployment, and ROI.
"We are able to deploy within half an hour and we only require one person to complete the implementation."
"The most valuable feature is the alert notifications, which are categorized by severity levels: informational, low, medium, and high."
"The product can integrate with any device."
"The scalability is great. You can put unlimited logs in, as long as you can pay for it. There are commitment tiers, up to six terabytes per day, which is nowhere close to what any one of our customers is running."
"Azure Application Gateway makes things a lot easier. You can create dashboards, alert rules, hunting and custom queries, and functions with it."
"The connectivity and analytics are great."
"I like the ability to run custom KQL queries. I don't know if that feature is specific to Sentinel. As far as I know, they are using technology built into Azure's Log Analytics app. Sentinel integrates with that, and we use this functionality heavily."
"The most valuable features in my experience are the UEBA, LDAP, the threat scheduler, and integration with third-party straight perform like the MISP."
"What I like most about IBM Resilient is that it has a complete stack, which means you don't need to use different OEM products because you have all you need under the IBM Resilient umbrella. You don't need to worry much about integrations and components because you're working with tested and proven architecture."
"The initial setup of IBM Resilient is not that complex since my company already has a support license that we use internally. In general, the product's deployment phase is not that complex."
"The solution is very easy to use."
"As a whole, the product is stable...Technical support is very good."
"It's really simple and has a flexible interface."
"The most valuable features of IBM Resilient are its flexibility and customization options for incident response."
"It is a stable solution...It is a scalable solution."
"The UBA, User Behavior Analytics, is very good."
"I have found the solution very useful, it integrates well with other platforms."
"The Palo Alto ecosystem has a marketplace offering integration with Sentinel or other products."
"It is a scalable solution."
"Many different playbooks are available and can be customized."
"We use the solution to automate our SIEM tools and incidents."
"The product can automate security tasks."
"I have no complaints about Cortex's stability."
"The most valuable features are simplicity and ease of integration."
"They only classify alerts into three categories: high, medium, and low. So, from the user's point of view, having another critical category would be awesome."
"The product can be improved by reducing the cost to use AI machine learning."
"Currently, the watchlist feature is being utilized, and although there have been improvements, it is still not fully optimized."
"Its documentation is not so simple. It is easy for somebody who is Microsoft certified or more closely attached to Microsoft solutions. It is not easy for those who are working on open-source platforms. There isn't a central point where everything is documented, and there is no specific training or certification."
"They need to work with other security vendors. For example, we replaced our email gateway with Symantec, but we couldn't collect these logs with Azure Sentinel. Instead of collecting these logs with Azure Sentinel, we are collecting them on Qradar. We couldn't do it with Sentinel, which is a problem for us."
"Microsoft should improve Sentinel, considering that from the legacy systems, it cannot collect logs."
"We've seen delays in getting the logs from third-party solutions and sometimes Microsoft products as well. It would be helpful if Microsoft created a list of the delays. That would make things more transparent for customers."
"The interface could be more user-friendly. It''s a small improvement that they could make if they wanted to."
"It is not very straightforward to set up custom integrations, especially with services like Azure. You need an additional server for integration."
"The initial setup is complex."
"The product needs a bit more development."
"There are shortcomings with IBM Resilient's technical support team that can be considered for improvement in the future."
"The implementation could be a bit simpler."
"What could make IBM Resilient better is if IBM increased the number of built-in integrations with different products from other vendors or third-party products."
"The product must provide more integration with other tools."
"The response time of the support is an area of concern where improvements are required."
"The solution is very expensive."
"The solution is complicated to learn."
"It doesn't offer automatic internet reports out of the box."
"The dashboard could be better."
"I would like to see Cortex become less dependent on Active Directory and group policies to manage the deployment. Maybe I need to update my understanding of how to deploy it, but that's the way I know how to use it."
"When Palo Alto bought the solution, the pricing increased by 1.5 times. There's been a 50% increase, which is a lot."
"For building automation, there is not a lot of good documentation. The documentation is there, but it is not very good from my perspective. There should be an improvement in this area. I don't see issues with anything else. In terms of new features, I have heard that other products have EBA functionality. It would be good if this functionality could be added."
"The configuration of the solution could improve it is difficult."
IBM Resilient is ranked 7th in Security Orchestration Automation and Response (SOAR) with 17 reviews while Palo Alto Networks Cortex XSOAR is ranked 2nd in Security Orchestration Automation and Response (SOAR) with 42 reviews. IBM Resilient is rated 7.6, while Palo Alto Networks Cortex XSOAR is rated 8.4. The top reviewer of IBM Resilient writes "Simple deployment, scalable, but lacking third-party solution compatibility". On the other hand, the top reviewer of Palo Alto Networks Cortex XSOAR writes "Enables the investigators to go through the review process a lot quicker". IBM Resilient is most compared with Splunk SOAR, ServiceNow Security Operations, Fortinet FortiSOAR, IBM Security QRadar and IBM Cloud Pak for Security, whereas Palo Alto Networks Cortex XSOAR is most compared with Cortex XSIAM, Splunk SOAR, Fortinet FortiSOAR, Swimlane and ServiceNow Security Operations. See our IBM Resilient vs. Palo Alto Networks Cortex XSOAR report.
We monitor all Security Orchestration Automation and Response (SOAR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.