Try our new research platform with insights from 80,000+ expert users
IBM Resilient Logo

IBM Resilient Reviews

Vendor: IBM
3.7 out of 5
Badge Leader
Leave a review

What is IBM Resilient?

The Resilient Incident Response Platform (IRP) is the leading platform for orchestrating and automating incident response processes.

Get the IBM Resilient Buyer's Guide and find out what your peers are saying about IBM Resilient, Microsoft Sentinel, IBM Security QRadar and more!
IBM Resilient is the #3 ranked solution in top Security Incident Response solutions and #11 ranked solution in SOAR tools. PeerSpot users give IBM Resilient an average rating of 7.4 out of 10. IBM Resilient is most commonly compared to Microsoft Sentinel: IBM Resilient vs Microsoft Sentinel. IBM Resilient is popular among the large enterprise segment, accounting for 64% of users researching this solution on PeerSpot. The top industry researching this solution are professionals from a financial services firm, accounting for 33% of all views.
Buyer's Guide
IBM Resilient
July 2025
Get the report
Helped 863,564 peers since 2012

Featured IBM Resilient reviews

Read more reviews

IBM Resilient mindshare

Product category:
Security Incident Response
As of July 2025, the mindshare of IBM Resilient in the Security Incident Response category stands at 8.8%, down from 9.9% compared to the previous year, according to calculations based on PeerSpot user engagement data.
Security Incident Response

PeerResearch reports based on IBM Resilient reviews

TypeTitleDate
CategorySecurity Incident ResponseJul 25, 2025Download
ProductReviews, tips, and advice from real usersJul 25, 2025Download
ComparisonIBM Resilient vs ServiceNow Security OperationsJul 25, 2025Download
ComparisonIBM Resilient vs VMware Carbon Black EndpointJul 25, 2025Download
ComparisonIBM Resilient vs Proofpoint Threat ResponseJul 25, 2025Download
Suggested products
TitleRatingMindshareRecommending
Microsoft Sentinel4.1N/A93%97 interviewsAdd to research
IBM Security QRadar4.0N/A91%209 interviewsAdd to research
 
 
Key learnings from peers

Valuable Features

IBM Resilient is valued for its simplicity and integration with IBM QRadar, offering flexibility and a user-friendly interface. It excels in incident response monitoring with robust security features. Users appreciate its comprehensive stack, mature architecture, and scalability. Dynamic playbooks, rapid action, and effective user behavior analytics enhance its appeal. Its incident response capabilities, threat intelligence, and container options are highly beneficial. Integration with IBM SIM and effective user blocking during attacks are key highlights.
  • "The integration with IBM SIM and the ability to block users during brute force attacks are particularly effective."
  • "It is a stable solution...It is a scalable solution."
  • "The initial setup of IBM Resilient is not that complex since my company already has a support license that we use internally. In general, the product's deployment phase is not that complex."

Room for Improvement

IBM Resilient requires enhanced integration with third-party tools and improved pricing and technical support. Users report complexity in initial setup and configuration, frequent compatibility issues, and limitations in device integration. More built-in automation and AI features would benefit users. The need for better documentation and user guidance, especially on custom playbooks and licensing, is evident. The lack of flexibility and challenges with data format handling suggest more development and research are necessary.
  • "Integration with some devices, including Cisco PowerPower and certain antivirus products, has limitations."
  • "The response time of the support is an area of concern where improvements are required."
  • "There are shortcomings with IBM Resilient's technical support team that can be considered for improvement in the future."

ROI

Some companies found that IBM Resilient delivered significant value with a substantial time-saving impact, claiming up to 80 percent efficiency improvement. Others expressed difficulty in assessing the financial gains without adequate expertise in utilizing the platform. For certain organizations, it's still premature to gauge the return on investment, while others haven't experienced measurable financial benefits from its deployment yet.

Pricing

IBM Resilient's pricing is viewed as expensive by many, with costs determined by a yearly licensing fee based on user count. Some describe it as moderately expensive but note affordability compared to other SOAR options. Additional costs include initial platform investments and support services. User opinions vary on pricing satisfaction, with some rating it affordable or cost-effective and others rating it lower on the affordability scale. This solution primarily suits enterprise-level environments.
  • "There are no costs except for the support services that our company pays in addition to the licensing charges attached to the solution."
  • "I feel it is an expensive product when my company pays annually for renewal, support, and follow-up."
  • "The cost of the product is quite high."

Popular Use Cases

Organizations primarily use IBM Resilient for cybersecurity operations, focusing on incident response automation and orchestration. They integrate it with IBM QRadar for data analysis and action, manage security services, and perform SOC analysis. It supports incident logging, team communication, and documentation, while automating workflows in operation centers. Industries like finance and governance utilize it for flexible incident handling and integration with security controls, emphasizing ticketing and case management. Resilient's tools enhance security processes across various sectors.

Deployment

IBM Resilient's initial setup varies in complexity. Some find it straightforward and quick, especially with prior IBM QRadar knowledge, while others face challenges in complex environments. Deployment can range from a day to several months. On-premises installations are generally easy, but customization can be time-consuming. Organizations often rely on multiple people for deployment and maintenance. Issues such as compatibility, especially with Palo Alto, may arise, impacting the process for some teams.

Scalability

IBM Resilient is known for scalability, allowing script customization and integration with various apps. It accommodates varying company sizes and supports user expansion. Though some encounter challenges, particularly with expertise availability, many find it scalable, rating it as high as nine out of ten. Some experience onboarding issues that are resolved with support. It scales easily with infrastructure support, addressing the needs of both small businesses and large enterprises effectively.

Stability

IBM Resilient demonstrates high stability, consistently praised for its reliability, performance, and lack of bugs or crashes. Users appreciate its stability for load and user management, efficiently handling incidents with unlimited licenses. Some report past stability issues, resolved with updates. It requires occasional administrative oversight, particularly for updating playbooks. For on-premises deployments, stability is particularly noted when configured correctly. Most users rate its stability nine or ten out of ten.
These insights are based on the in-depth reviews provided by peers to help you make a better buying decision.
Download our IBM Resilient Buyer's Guide for additional reliable information.

Review data by company size

By reviewers
By visitors reading reviews

Top industries

By visitors reading reviews
Financial Services Firm
33%
Computer Software Company
12%
Manufacturing Company
8%
Government
6%
Comms Service Provider
5%
Retailer
4%
Healthcare Company
3%
Educational Organization
3%
Performing Arts
2%
Energy/Utilities Company
2%
Construction Company
2%
Real Estate/Law Firm
2%
University
2%
Marketing Services Firm
2%
Insurance Company
2%
Media Company
1%
Wholesaler/Distributor
1%
Consumer Goods Company
1%
Hospitality Company
1%
Legal Firm
1%
Mining And Metals Company
1%
Transportation Company
1%

Compare IBM Resilient with alternative products

Go!

Learn more about IBM Resilient

The Resilient IRP quickly and easily integrates with your organization’s existing security and IT investments. It makes security alerts instantly actionable, provides valuable intelligence and incident context, and enables adaptive response to complex cyber threats.

IBM Resilient customers

Golden Living, Health Equity, USA Funds

Related questions

  • 135
What are the pros and cons of internal SOC vs SOC-as-a-Service?
  • 86
What are the Top 5 cybersecurity trends in 2022?
  • 235
How do you decide about the alert severity in your Security Operations Center (SOC)?
  • 146
What is the difference between cyber resilience and business continuity?
  • 309
What is an incident response playbook and how is it used in SOAR?
  • 325
What is the difference between mitigation and remediation in incident response?
  • 38
What does the Log4j/Log4Shell vulnerability mean for your company?
  • 44
What tools and solutions do you use for automated incident response in an enterprise in 2022?
  • 75
What are the latest trends in Security Operations Center (SOC)?
  • 53
What are the best practices for Security Operations Center (SOC)?

Product Categories

Product Categories
Security Incident Response
Security Orchestration Automation and Response (SOAR)

Popular Comparisons

Popular Comparisons
Microsoft Sentinel vs IBM Resilient Logo
Microsoft Sentinel vs IBM Resilient
IBM Security QRadar vs IBM Resilient Logo
IBM Security QRadar vs IBM Resilient
Palo Alto Networks Cortex XSOAR vs IBM Resilient Logo
Palo Alto Networks Cortex XSOAR vs IBM Resilient
Splunk SOAR vs IBM Resilient Logo
Splunk SOAR vs IBM Resilient
ThreatConnect Threat Intelligence Platform (TIP) vs IBM Resilient Logo
ThreatConnect Threat Intelligence Platform (TIP) vs IBM Resilient
ServiceNow Security Operations vs IBM Resilient Logo
ServiceNow Security Operations vs IBM Resilient
Fortinet FortiSOAR vs IBM Resilient Logo
Fortinet FortiSOAR vs IBM Resilient
Swimlane vs IBM Resilient Logo
Swimlane vs IBM Resilient
SECDO Platform vs IBM Resilient Logo
SECDO Platform vs IBM Resilient
Proofpoint Threat Response vs IBM Resilient Logo
Proofpoint Threat Response vs IBM Resilient
DFLabs IncMan SOAR vs IBM Resilient Logo
DFLabs IncMan SOAR vs IBM Resilient
See all alternatives
 

IBM Resilient reviews

Sort by:
DT
Team Lead at MindTree
Verified user of IBM Resilient
Jul 18, 2023
An excellent tool for incident response that provides good support to its users

Pros

"The product is very good at incident response."

Cons

"The product must provide more integration with other tools."

What is our primary use case?

We have a team for case management that builds use cases for the solution. We use the solution for SOC analysis.

What is most valuable?

The product is very good at incident response. We have integrated our security with it. We have a firewall and have integrated our domain controller with IBM Resilient. If we want to contain any alert, we can do it using the product. It has been a great tool for the SOAR platform or automation. It is very beneficial. We were able to control the mean time to escalate (MTTE) metrics with the help of the solution.

*Disclosure: My company has a business relationship with this vendor other than being a customer. Partner
Read full review (605 words)
PeerSpot user
Technical Seller at Alawtad group
Verified user of IBM Resilient
Oct 4, 2023
Suitable for different industries and ensures effective incident response

Pros

"The most valuable features of IBM Resilient are its flexibility and customization options for incident response."

Cons

"One thing to improve is how it handles data formats, which currently might require scripting for conversion to CSV before uploading. "

What is our primary use case?

IBM Resilient is a flexible cybersecurity solution suitable for different industries like finance, governance, and private businesses. It ensures effective incident response, regardless of the specific sector. Whether dealing with financial threats, governance issues, or private organization security, Resilient's tools and workflows automate incident handling, making it valuable across various sectors.

What is most valuable?

The most valuable features of IBM Resilient are its flexibility and customization options for incident response. You can easily create dynamic playbooks tailored to your needs, which sets it apart from some competitors like Palo Alto. Resilient offers comprehensive incident response capabilities, from case management to automation, threat intelligence enrichment, and even the Bridge Response Module. This flexibility and depth of features make it stand out in helping organizations effectively handle security incidents. Clients appreciate Resilient for its ability to take action swiftly and efficiently.

*Disclosure: My company has a business relationship with this vendor other than being a customer. Reseller
Read full review (792 words)
Buyer's Guide
Download free report
Find out what your peers are saying about IBM Resilient. Updated July 2025
863,564 professionals have used our research since 2012.
Usman Bhatti - PeerSpot user
Senior Officer Security Operations Center at a financial services firm with 10,001+ employees
Verified user of IBM Resilient
Mar 20, 2023
Simple deployment, scalable, but lacking third-party solution compatibility

Pros

"The solution is reliable in our usage."

Cons

"Integrating IBM Resilient with other applications can be very difficult and technically challenging. Often, they use the excuse that you are using the latest version of an application, such as an endpoint security system, and they don't have an API or support for it at the moment. There is no automation in the SOAR solution."

What is our primary use case?

Our usage of IBM Resilient was primarily limited to communication and incident resolution. Although there was some automation implemented, we experienced delays from the technical side. Therefore, we only utilized it for incident logging, team communication, and documentation purposes. In case of any future incidents, we could easily refer back to the records.

What is most valuable?

The solution is reliable in our usage.

*Disclosure: My company does not have a business relationship with this vendor other than being a customer.
Read full review (508 words)
PeerSpot user
Manager at a financial services firm with 5,001-10,000 employees
Verified user of IBM Resilient
Oct 6, 2023
With an initial setup phase that is not complex, the product needs to focus on the improvement of its technical support

Pros

"The initial setup of IBM Resilient is not that complex since my company already has a support license that we use internally. In general, the product's deployment phase is not that complex."

Cons

"There are shortcomings with IBM Resilient's technical support team that can be considered for improvement in the future."

What is our primary use case?

In my company, we use IBM Resilient SOAR.

What needs improvement?

One of the drawbacks of the solution stems from the fact that it is an expensive product. The solution's price is an area where improvement is required.

There are shortcomings with IBM Resilient's technical support team that can be considered for improvement in the future.

*Disclosure: My company does not have a business relationship with this vendor other than being a customer.
Read full review (542 words)
AA
Integration Dept. Manager at Nssc
Verified user of IBM Resilient
Jan 31, 2024
A tool with good integration capabilities and great stability

Pros

"It is a stable solution...It is a scalable solution."

Cons

"The response time of the support is an area of concern where improvements are required."

What is our primary use case?

I use IBM Resilient in my company to manage areas like automation of non-easy tasks and to be able to integrate with other security controls in our environment. The tool is also useful to manage areas like ticketing and case management.

What needs improvement?

The configuration area to deal with during the very beginning or initial stages of the product can be the hardest part for users. Dealing with the configuration part in the beginning stages can be difficult since it is very important for users to have the capability to identify what is required within the tool and what you want to automate. The product's configuration during the beginning stages can be an area that needs to be considered for improvement.

The response time of the support is an area of concern where improvements are required.

*Disclosure: My company has a business relationship with this vendor other than being a customer. Partner
Read full review (807 words)
Jaliya Bandara - PeerSpot user
SOC Manager at a comms service provider with 5,001-10,000 employees
Verified user of IBM Resilient
Feb 1, 2023
It has a complete stack, so you don't need to use different OEM products because you have all you need under one umbrella

Pros

"What I like most about IBM Resilient is that it has a complete stack, which means you don't need to use different OEM products because you have all you need under the IBM Resilient umbrella. You don't need to worry much about integrations and components because you're working with tested and proven architecture."

Cons

"What could make IBM Resilient better is if IBM increased the number of built-in integrations with different products from other vendors or third-party products."

What is our primary use case?

IBM Resilient is used primarily for security, particularly cybersecurity in operation centers. My company uses it to monitor the data security-related aspects of the IT infrastructure.

How has it helped my organization?

IBM Resilient is beneficial to my company because it gives endpoint visibility through the system's audited security and data logs. At the same time, you can monitor the communication between the systems at the network and endpoint level through IBM Resilient. Using the data from the solution, you can coordinate security data and activities, and you can audit activities from all angles, from different perspectives.

*Disclosure: My company does not have a business relationship with this vendor other than being a customer.
Read full review (1342 words)
PeerSpot user
Senior ArcSight and IBM resileint (SOAR) administrator at a comms service provider with 1,001-5,000 employees
Verified user of IBM Resilient
May 22, 2023
A solution with good technical support with a complex configuration

Pros

"As a whole, the product is stable...Technical support is very good."

Cons

"IBM Resilient is quite complex, including its configuration. "

What is most valuable?

I didn't work in SOC and IT. However, IBM Resilient is a good tool. IBM Resilient is a good option, especially for its container capabilities. Apart from that, there isn't something for which I use the solution.

What needs improvement?

Actually, we faced some internal issues while using IBM Resilient. There are other tools simpler than IBM Resilient. So, you have to develop a new infrastructure that involves a lot of scripting, programming, and some extra work to create a very good one. FortiSOAR is simpler than IBM Resilient. It may take me three months or four months to compare between them. IBM Resilient is quite complex, including its configuration. Also, the dashboard in IBM Resilient is not good. Firstly, the IT support is not good. Secondly, the community of IBM Resilient and the steps for integration mentioned in its audiobooks were not good.

*Disclosure: My company does not have a business relationship with this vendor other than being a customer.
Read full review (618 words)
Mostafa-Ahmed - PeerSpot user
Cybersecurity incident response team lead at Information Technology Solutions- ITS
Verified user of IBM Resilient
Oct 1, 2023
Stable and cost-effective

Pros

"The most valuable thing about it is how easy it is to navigate the user interface."

Cons

"It is not very straightforward to set up custom integrations, especially with services like Azure. You need an additional server for integration."

What is our primary use case?

I mainly use it for automating and simplifying incident response workflows, focusing on basic tasks in security orchestration.

What is most valuable?

IBM Resilient is an okay tool overall, and the most valuable thing about it is how easy it is to navigate the user interface.

*Disclosure: My company does not have a business relationship with this vendor other than being a customer.
Read full review (430 words)