IBM Resilient vs Siemplify comparison

Comparison Buyer's Guide

Categories and Ranking

Microsoft Sentinel (Sponsored)
Ranking in Security Orchestration Automation and Response (SOAR): 1st
Average Rating: 8.2
Number of Reviews: 86
Ranking in other categories: Security Information and Event Management (SIEM) (2nd), Microsoft Security Suite (5th)

IBM Resilient
Ranking in Security Orchestration Automation and Response (SOAR): 8th
Average Rating: 7.6
Number of Reviews: 17
Ranking in other categories: Security Incident Response (4th)

Siemplify
Ranking in Security Orchestration Automation and Response (SOAR): 16th
Average Rating: 8.6
Number of Reviews: 3
Ranking in other categories: No ranking in other categories
 

Mindshare comparison

As of June 2024, in the Security Orchestration Automation and Response (SOAR) category, the mindshare of Microsoft Sentinel is 20.2%, up from 17.6% compared to the previous year. The mindshare of IBM Resilient is 2.1%, down from 3.0% compared to the previous year. The mindshare of Siemplify is 1.6%, down from 2.5% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Security Orchestration Automation and Response (SOAR)
Unique Categories:
Security Information and Event Management (SIEM): 13.7%
Microsoft Security Suite: 5.3%
Security Incident Response: 20.0%
No other categories found
 

Featured Reviews

Nagendra Nekkala - PeerSpot reviewer
Nov 8, 2023
Provides a unified set of tools to detect, investigate, and respond to incidents and enables proactive threat hunting
We use the tool to help secure our cloud-native security solutions. By enabling us to secure our cloud environments, it acts as a single solution for attack detection and threat visibility for proactive hunting. The solution gives us a library of customizable content that helps us address our unique needs. It also gives regular patch updates. It helps us to be updated with the latest threats happening across the world. We use the Microsoft Sentinel Content hub. Integration with Active Directory is also helpful for us. The content hub enables us to see the latest features. We have Extended Detection and Response in SentinelOne. It provides effective protection for the platform. It provides more cybersecurity by providing more visibility and protects our enterprise. The content hub helps us centralize out-of-the-box security information and event management content. It discovers and manages the built-in content. It provides an end-to-end security for us. Microsoft Sentinel correlates signals from first and third-party sources into a single high-confidence incident. It can extract the information through the respective APIs of the third parties. It has increased our threat intelligence, monitoring, and incident analysis efficiency. We use Microsoft Sentinel's AI in automation. The generative AI features enable real-time threat hunting and detection. The solution has helped improve our visibility into user and network behavior. The generative AI provides better detection and response capabilities and faster response times with actionable intelligence. The product has saved us time. It helps us get various log files. When there’s an incident, it enables us to do investigations faster. The tool saves us three days in a week. It reduces the work involved in our event investigation by streamlining the processes and making automation effective. Event investigation is much faster. If someone is looking for a comprehensive solution, Microsoft Sentinel is a good choice. 
It will fulfill all our needs, including attack detection, threat visibility, and response. Overall, I rate the solution an eight out of ten.
Jaliya Bandara - PeerSpot reviewer
Jan 26, 2023
It has a complete stack, so you don't need to use different OEM products because you have all you need under one umbrella
What could make IBM Resilient better is if IBM increased the number of built-in integrations with different products from other vendors or third-party products. In a way, IBM Resilient is an orchestration platform, so it should allow you to orchestrate other OEMs or products from non-IBM vendors. If there were a pre-built function that lets you integrate third-party solutions with IBM Resilient, the initial setup for the solution would become easier and more flexible. Implementing or integrating other platforms with IBM Resilient would also take less time. After the solution is implemented, that's the time my company can give more recommendations on which features to add to improve IBM Resilient.
CR
Apr 26, 2023
Great for reporting and ticketing for SOC MxDR client environments and has a great, supportive community
There are so many incredible features in the Chronicle SOAR platform that it's difficult to narrow down the list; however, if I had to choose, I would say that the most valuable features are the playbook builder and the integrations. The playbook builder allows us to establish workflows for the various case types that our analysts encounter within the SOC. These can be as granular or as high level as they need to be depending upon our business objectives and alert priorities. In turn, the tremendous number of integrations in the marketplace and the IDE (to custom-develop new integrations) are what make the playbooks as powerful as they are. Together, the integrations and playbooks make it simple to integrate powerful new capabilities and workflows.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"Sentinel is a SIEM and SOAR tool, so its automation is the best feature; we can reduce human interaction, freeing up our human resources."
"The AI and ML of Azure Sentinel are valuable. We can use machine learning models at the tenant level and within Office 365 and Microsoft stack. We don't need to depend upon any other connectors. It automatically provisions the native Microsoft products."
"The automation feature is valuable."
"The initial setup is very simple and straightforward."
"The dashboard that allows me to view all the incidents is the most valuable feature."
"The ability of all these solutions to work together natively is essential. We have an Azure subscription, including Log Analytics. This feature automatically acts as one of the security baselines and detects recommendations because it also integrates with Defender. We can pull the sysadmin logs from Azure. It's all seamless and native."
"The connectivity and analytics are great."
"Sentinel improved how we investigate incidents. We can create watchlists and update them to align with the latest threat intelligence. The information Microsoft provides enables us to understand thoroughly and improve as we go along. It allows us to provide monthly reports to our clients on their security posture."
"It is a stable solution...It is a scalable solution."
"What I like most about IBM Resilient is that it has a complete stack, which means you don't need to use different OEM products because you have all you need under the IBM Resilient umbrella. You don't need to worry much about integrations and components because you're working with tested and proven architecture."
"The most valuable thing about it is how easy it is to navigate the user interface."
"It's really simple and has a flexible interface."
"The UBA, User Behavior Analytics, is very good."
"Its flexibility is the most valuable."
"As a whole, the product is stable...Technical support is very good."
"The product is very good at incident response."
"The most valuable feature of Siemplify is the playbooks that can be created."
"Without hyperbole, I have never, in my entire career, encountered a vendor or a vendor community as awesome as Siemplify. Siemplify and the Siemplify Community quite literally made it possible for our SOC to increase almost five-fold in our number of clients and number of analysts and to go from a Monday to Friday 9-5 shop to a 24/7 shop all in the span of under a year and a half and all while continually adding capabilities and improving the services we offer to our clients."
"The playbooks feature in Siemplify is crucial for automation. We've utilized both standard and custom integrations with other security operation solutions, enhancing our flexibility. The user interface is generally straightforward, although recent changes may require some adjustment and Siemplify's integrations and capabilities offer potential support for various compliance requirements."
 

Cons

"Everyone has their favorites. There is always room for improvement, and everybody will say, 'I wish you could do this for me or that for me.' It is a personal thing based on how you use the tool. I do not necessarily have those thoughts, and they are probably not really valuable because they are unique to the context of the user, but broadly, where it can continue to improve is by adding more connectors to more systems."
"Microsoft should improve Sentinel, considering that from the legacy systems, it cannot collect logs."
"The reporting could be more structured."
"If Azure Sentinel had the ability to ingest Azure services from different tenants into another tenant that was hosting Azure Sentinel, and not lose any metadata, that would be a huge benefit to a lot of companies."
"If I see an alert and I want to drill down and get more details about the alert, it's not just one click. In other SIEM tools, you just have to click the IP address of the entity and they give you the complete picture. In Sentinel, you have to write queries or use saved queries to get details."
"I believe one of the challenges I encountered was the absence of live training sessions, even with the option to pay for them."
"When we pass KPIs to the governance department, there's no option to provide rights to the data or dashboard to colleagues. We can use Power BI for this, but it isn't easy or convenient. They should just come up with a way to provide limited role-based access to auditing personnel."
"They need to work with other security vendors. For example, we replaced our email gateway with Symantec, but we couldn't collect these logs with Azure Sentinel. Instead of collecting these logs with Azure Sentinel, we are collecting them on Qradar. We couldn't do it with Sentinel, which is a problem for us."
"Integrating IBM Resilient with other applications can be very difficult and technically challenging. Often, they use the excuse that you are using the latest version of an application, such as an endpoint security system, and they don't have an API or support for it at the moment. There is no automation in the SOAR solution."
"IBM Resilient could integrate better with my tools."
"The implementation could be a bit simpler."
"It is not very straightforward to set up custom integrations, especially with services like Azure. You need an additional server for integration."
"What could make IBM Resilient better is if IBM increased the number of built-in integrations with different products from other vendors or third-party products."
"There are shortcomings with IBM Resilient's technical support team that can be considered for improvement in the future."
"The tool needs to improve its documentation on license scripts."
"The product needs a bit more development."
"We often encounter minor issues that could be improved, but we maintain communication with the developers and submit feature requests. Recently, I requested enhancements such as improved search functionality within playbooks and expanded options for exporting case data."
"I'm inclined to say that I'd love to see some Machine Learning capabilities integrated into the platform; however, I just attended a demo this morning where Siemplify gave a sneak peek into some Machine Learning capabilities that they are currently developing and have roadmapped for release soon."
"Building the playbooks could be easier and the integration could improve. It is a difficult process, such as what API connections need to be made."
 

Pricing and Cost Advice

"Microsoft Sentinel is included in our E5 license."
"Some of the licensing models can be a little bit difficult to understand and confusing at times, but overall it's a reasonable licensing model compared to some other SIEMs that charge you a lot per data."
"It is consumption-based pricing. It is an affordable solution."
"Sentinel is pretty competitive. The pricing is at the level of other SIEM solutions."
"Microsoft can enhance the licensing side. I feel there is confusion sometimes... They should have a single license in which we have the opportunity to use the EDR or CASB solution."
"Sentinel is costly compared to other solutions, but it's fair. SIEM solutions like CrowdStrike charge based on daily log volume. They generally process a set number of logs for free before they start charging. Microsoft's pricing is clearer. It's free under five gigabytes. Some of these logs we ingest have a cost, so they don't hide it. I believe the tenant pays the price, and Microsoft helps create awareness of the cost."
"Sentinel's price is comparable to pretty much everything out there. None of it is cheap, but we didn't think we could save money by going a different route. Sentinel was part of our Azure expenditures, so it was easier to add the expense instead of having a completely separate vendor."
"The pricing is based on how much you ingest, so it's pretty straightforward. There are no tiers, and you pay for what you use unlike with other types of SIEM solutions that are usually based on tiers."
"I feel it is an expensive product when my company pays annually for renewal, support, and follow-up."
"The licensing cost for IBM Resilient is not too expensive, but it's not affordable, so it's moderately expensive. Regarding price, I'm rating the solution seven out of ten. The company pays for the license yearly, based on the number of users. Apart from the cost of the license you need to pay for each user, you also need to spend an initial investment for the base platform. You also have to pay for IBM Resilient support."
"It is very expensive."
"I would rate the tool’s pricing a three out of ten. The tool’s pricing is on a yearly basis."
"We could create unlimited users using the license we had purchased."
"There are no costs except for the support services that our company pays in addition to the licensing charges attached to the solution."
"There is a license you need to pay for in order to use this product."
"Pricing for the solution is good, in my opinion."
Information not available
787,779 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews

Computer Software Company: 16%
Financial Services Firm: 10%
Government: 9%
Manufacturing Company: 7%

Financial Services Firm: 18%
Computer Software Company: 13%
Government: 9%
Manufacturing Company: 8%

Computer Software Company: 14%
Financial Services Firm: 11%
Comms Service Provider: 8%
Energy/Utilities Company: 6%
 

Company Size

[Chart: company size by reviewers, with categories Large Enterprise, Midsize Enterprise and Small Business]
No data available
 

Questions from the Community

Is there a common threat intelligence tool that aggregates multiple threat intelligence sources?
Yes, Azure Sentinel is a SIEM on the Cloud. Multiple data sources can be uploaded and analyzed with Azure Sentinel an...
What is a better choice, Splunk or Azure Sentinel?
It would really depend on (1) which logs you need to ingest and (2) what are your use cases. Splunk is easy for ingest...
Which is better - Azure Sentinel or AWS Security Hub?
We like that Azure Sentinel does not require as much maintenance as legacy SIEMs that are on-premises. Azure Sentinel...
What do you like most about IBM Resilient?
It is a stable solution...It is a scalable solution.
What is your experience regarding pricing and costs for IBM Resilient?
The product is expensive. There is a need to make yearly payments towards the licensing costs attached to the solutio...
What needs improvement with IBM Resilient?
The configuration area to deal with during the very beginning or initial stages of the product can be the hardest par...
What do you like most about Siemplify?
The playbooks feature in Siemplify is crucial for automation. We've utilized both standard and custom integrations wi...
What needs improvement with Siemplify?
We often encounter minor issues that could be improved, but we maintain communication with the developers and submit ...
What is your primary use case for Siemplify?
Siemplify has streamlined various tasks such as configuring playbooks, integrations, and running reports. It helps au...
 

Also Known As

Azure Sentinel
No data available
Siemplify ThreatNexus
 

Sample Customers

Microsoft Sentinel is trusted by companies of all sizes including ABM, ASOS, Uniper, First West Credit Union, Avanade, and more.
Golden Living, Health Equity, USA Funds
FedEx, Mondelez International, Check Point, Trustwave, Atos, Cyberint, BAE Systems, Crowe, Longwall Security, Telefonica, Nordea, HCL
Find out what your peers are saying about IBM Resilient vs. Siemplify and other solutions. Updated: May 2024.