Try our new research platform with insights from 80,000+ expert users

Splunk SOAR vs VMware Carbon Black Cloud comparison

The compared Splunk and Broadcom solutions aren't in the same category. Splunk is ranked #3 in SOAR , with an average rating of 8.4, and holds a 7.6% mindshare in the category. Broadcom is ranked #10 in IRP , with an average rating of 7.0, and holds a 7.4% mindshare. Additionally, 87% of Splunk users are willing to recommend the solution, compared to 93% of Broadcom users who would recommend it.
Splunk SOAR
Read 50 Splunk SOAR reviews
  • 4,447 Views
  • 3,380 Comparison Views
87% willing to recommend
VMware Carbon Black Cloud
Read 19 VMware Carbon Black Cloud reviews
  • 721 Views
  • 144 Comparison Views
93% willing to recommend
 

Comparison Buyer's Guide

Download the report
Executive Summary
We performed a comparison between Splunk SOAR and VMware Carbon Black Cloud based on real PeerSpot user reviews.

Find out what your peers are saying about Microsoft, Palo Alto Networks, Splunk and others in Security Orchestration Automation and Response (SOAR).

DOWNLOAD THE COMPLETE REPORT
To learn more, read our detailed Security Orchestration Automation and Response (SOAR) Report (Updated: October 2025).
Buyer's Guide
Security Orchestration Automation and Response (SOAR)
October 2025
Download the complete report
Helped 872,922 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

ROI

Sentiment score
5.4
Splunk SOAR improves automation and efficiency, but ROI and integration time vary, benefiting familiar organizations most with proper use.
Sentiment score
5.2
VMware Carbon Black Cloud offers cost savings, improved security, centralized protection, better efficiency, and quick ROI with automation features.
We've seen a decrease in false positives and a significant increase in our containment.
For more quotes and insights, download the Splunk SOAR report
No quotes available
For more quotes and insights, download the VMware Carbon Black Cloud report
 

Customer Service

Sentiment score
6.5
Splunk SOAR's support is praised for reliability and responsiveness, though flexibility and response times could improve, valued community resources assist users.
Sentiment score
6.2
VMware Carbon Black Cloud's support is effective but could improve regionally, with mixed customer satisfaction and costly services.
Discovering different troubleshooting methods is harder to do with Splunk SOAR than with Enterprise Security or other Splunk services.
Splunk's technical support is very good and generally not needed often due to the stable environment.
My experience with the technical support by Splunk has been quite positive
For more quotes and insights, download the Splunk SOAR report
No quotes available
For more quotes and insights, download the VMware Carbon Black Cloud report
 

Scalability Issues

Sentiment score
6.6
Splunk SOAR offers scalability and flexibility, effectively managing vast environments despite configuration challenges, with high user ratings noting customizable features.
Sentiment score
7.1
VMware Carbon Black Cloud is praised for its scalability and effectiveness in large environments, with minor integration suggestions.
It can be extended and adapted as necessary.
Splunk SOAR has the ability to scale quite significantly.
For more quotes and insights, download the Splunk SOAR report
No quotes available
For more quotes and insights, download the VMware Carbon Black Cloud report
 

Stability Issues

Sentiment score
7.3
Splunk SOAR is highly stable and reliable, with minor issues often attributed to third-party services rather than itself.
Sentiment score
7.0
VMware Carbon Black Cloud is stable, with minor issues, resolves bugs quickly, but needs better support and availability for large deployments.
We have not experienced any downtime, crashes, or performance issues.
Splunk SOAR provides a stable environment and technology.
It's been pretty reliable.
For more quotes and insights, download the Splunk SOAR report
No quotes available
For more quotes and insights, download the VMware Carbon Black Cloud report
Mack Scott - PeerSpot reviewerHamada Elewa - PeerSpot reviewerTonyCormier - PeerSpot reviewer
 

Room For Improvement

Splunk SOAR requires better integration, user-friendliness, and automation, with improvements needed in support, training, and advanced AI features.
VMware Carbon Black Cloud struggles with intelligence, usability, performance issues, inadequate support, and high costs, affecting its efficiency.
Splunk's Unified Platform does help consolidate networking security and IT observability tools.
Although it enhances alert handling, it still has a journey to compete with Palo Alto SOAR and FortiSOAR.
Splunk SOAR does not help me reduce my security event volume; in fact, it makes them massive.
For more quotes and insights, download the Splunk SOAR report
I recall we couldn't upgrade because the sensor was not compatible, and the latest VMware Carbon Black Cloud version was not compatible with the latest Red Hat version.
For more quotes and insights, download the VMware Carbon Black Cloud report
Mack Scott - PeerSpot reviewerHamada Elewa - PeerSpot reviewerreviewer2771742 - PeerSpot reviewer
 

Setup Cost

Enterprise buyers find Splunk SOAR costly but justified by its performance, with recent user-based pricing changes being favorable.
VMware Carbon Black Cloud offers varied pricing experiences, but users often secure competitive rates through resellers with few surprises.
Splunk SOAR is moderately priced, neither cheap nor overly expensive.
The solution is free for us, which is a beneficial aspect.
Splunk SOAR is affordable cost-wise only.
For more quotes and insights, download the Splunk SOAR report
No quotes available
For more quotes and insights, download the VMware Carbon Black Cloud report
KG
BM
Hamada Elewa - PeerSpot reviewer
 

Valuable Features

Splunk SOAR excels with easy integration, automation, and customizable playbooks, significantly enhancing incident response and security operation efficiency.
VMware Carbon Black Cloud provides endpoint isolation, threat detection, and real-time protection with minimal disruption and efficient threat management.
Creating playbooks using the Playbook Editor in Splunk SOAR is easy. The editor is designed to be user-friendly with visual drag and drop features, allowing for easy workflows without writing any code.
Splunk SOAR saves time in threat response, and the time to solve an incident is currently the best in the market.
The customization of the playbook in Splunk SOAR is very beneficial.
For more quotes and insights, download the Splunk SOAR report
No quotes available
For more quotes and insights, download the VMware Carbon Black Cloud report
KG
FR
Hamada Elewa - PeerSpot reviewer
 

Categories and Ranking

Splunk SOAR
Average Rating
8.2
Reviews Sentiment
6.6
Number of Reviews
50
Ranking in other categories
Security Orchestration Automation and Response (SOAR) (3rd)
VMware Carbon Black Cloud
Average Rating
8.2
Reviews Sentiment
6.8
Number of Reviews
19
Ranking in other categories
Security Incident Response (10th), Endpoint Detection and Response (EDR) (53rd)
 

Mindshare comparison

While both are Security Software solutions, they serve different purposes. Splunk SOAR is designed for Security Orchestration Automation and Response (SOAR) and holds a mindshare of 7.6%, down 7.7% compared to last year.
VMware Carbon Black Cloud, on the other hand, focuses on Security Incident Response, holds 7.4% mindshare, up 5.1% since last year.
Security Orchestration Automation and Response (SOAR) Market Share Distribution
ProductMarket Share (%)
Splunk SOAR7.6%
Microsoft Sentinel15.0%
Palo Alto Networks Cortex XSOAR9.7%
Other67.7%
Security Orchestration Automation and Response (SOAR)
Security Incident Response Market Share Distribution
ProductMarket Share (%)
VMware Carbon Black Cloud7.4%
Proofpoint Threat Response12.3%
ServiceNow Security Operations11.0%
Other69.3%
Security Incident Response
 

Featured Reviews

Hamada Elewa - PeerSpot reviewer
Creating automation workflows has reduced detection time but integration and visibility challenges remain
The visibility of Splunk SOAR's playbook viewer is rather unclear to me; I wonder what the visibility is for. There are indeed some problems with integrating Splunk SOAR with other Splunk products or other vendors in my system, and it took a while after implementing Splunk SOAR to train my SOC team on how to use the playbooks. Splunk SOAR does not help me reduce my security event volume; in fact, it makes them massive. Splunk SOAR does not help me free up resources to work on other projects; they are not good in this regard. I have not seen time to value with Splunk SOAR; I am curious about what time to value means. I believe Splunk SOAR can be improved by adding more integrations and out-of-the-box integrations, and by increasing the number of admins that can access the solution simultaneously. I see the need to inject more AI in creating the playbooks. I think they can inject more threat intelligence into the solution.
Read full review
Tom Kar - PeerSpot reviewer
Shows promise for endpoint detection and response, with room for improvement in complexity and pricing
VMware Carbon Black Cloud is a user-friendly solution that can isolate machines from the rest of the network. When a machine is quarantined, it cannot communicate with any other machines on the network except for the Carbon Black Cloud server. This allows you to investigate the machine without the risk of malware escaping to the network. Carbon Black Cloud's server can communicate with the quarantined machine through DNS and VSCP. This allows you to collect data from the machine, such as system logs, process activity, and registry changes. This data can be used to investigate the infection and determine the next steps. CrowdStrike and Cybereason are also popular EDR solutions. They offer similar features to VMware Carbon Black Cloud but may have different strengths and weaknesses. It is important to evaluate all of your options before choosing an EDR solution. Additionally, it is complex to use, and the pricing should be improved.
Read full review
report
See which vendors are best for you
Use our free recommendation engine to learn which Security Orchestration Automation and Response (SOAR) solutions are best for your needs.
See recommendations
872,922 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Financial Services Firm
12%
Computer Software Company
11%
Manufacturing Company
9%
University
7%
Real Estate/Law Firm
9%
Healthcare Company
9%
Financial Services Firm
9%
Computer Software Company
8%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business12
Midsize Enterprise7
Large Enterprise30
By reviewers
Company SizeCount
Small Business5
Midsize Enterprise4
Large Enterprise8
 

Questions from the Community

What do you like most about Splunk Phantom?
Splunk SOAR's quick response to incidents is the most valuable part.
See all answers
What is your experience regarding pricing and costs for Splunk Phantom?
I don't have experience with costs; management handles that aspect.
See all answers
What needs improvement with Splunk Phantom?
I'm not an expert on Splunk SOAR, but I'm sure our team members know what areas could be improved. I haven't spoken to them specifically about what could be improved or what they would want Splunk ...
See all answers
What to choose: an endpoint antivirus, an EDR solution or both?
I can recommend Carbon Black, an award-winning next-gen anti-virus (NGAV) and endpoint detection and response (EDR) security solution. The CB Predictive Security Cloud platform combines multiple hi...
See all answers
What's the difference between Carbon Black CB Response and Carbon Black CB Defense?
Carbon Black offers two different levels of Endpoint Detection and Response. One is the VM Carbon Black Cloud Endpoint Standard (CB Defense), and the other is the Carbon Black Endpoint Detection an...
See all answers
What do you like most about Carbon Black CB Response?
Threat hunting is the most valuable feature of VMware Carbon Black Cloud.
See all answers
 

Comparisons

Palo Alto Networks Cortex XSOAR vs Splunk SOAR Logo
Palo Alto Networks Cortex XSOAR vs Splunk SOAR
Compared 18% of the time
Fortinet FortiSOAR vs Splunk SOAR Logo
Fortinet FortiSOAR vs Splunk SOAR
Compared 11% of the time
ServiceNow Security Operations vs Splunk SOAR Logo
ServiceNow Security Operations vs Splunk SOAR
Compared 10% of the time
Tines vs Splunk SOAR Logo
Tines vs Splunk SOAR
Compared 9% of the time
IBM Resilient vs Splunk SOAR Logo
IBM Resilient vs Splunk SOAR
Compared 4% of the time
More Splunk SOAR Competitors
Palo Alto Networks Cortex XSOAR vs VMware Carbon Black Cloud Logo
Palo Alto Networks Cortex XSOAR vs VMware Carbon Black Cloud
Compared 29% of the time
VMware Carbon Black Endpoint vs VMware Carbon Black Cloud Logo
VMware Carbon Black Endpoint vs VMware Carbon Black Cloud
Compared 15% of the time
Rapid7 InsightIDR vs VMware Carbon Black Cloud Logo
Rapid7 InsightIDR vs VMware Carbon Black Cloud
Compared 12% of the time
Fidelis Elevate vs VMware Carbon Black Cloud Logo
Fidelis Elevate vs VMware Carbon Black Cloud
Compared 9% of the time
More VMware Carbon Black Cloud Competitors
 

Product Reports

Buyer's Guide
Splunk SOAR
October 2025
Splunk SOAR reportDownload Splunk SOAR product report
Buyer's Guide
VMware Carbon Black Cloud
October 2025
VMware Carbon Black Cloud reportDownload VMware Carbon Black Cloud product report
 

Also Known As

Phantom
Carbon Black CB Response
 

Overview

Splunk SOAR offers features like automation and orchestration of manual tasks, speeding up work, detection and response to advanced and emerging threats. 

Go from overwhelmed to in-control

Automate manual tasks. Address every alert, every day. Establish repeatable procedures that allow security analysts to stop being reactive and focus on mission-critical objectives to protect your business.

Force multiply your team

Orchestrate and automate repetitive tasks, investigation and response to increase efficiency and productivity, and do more with the people you already have. Make a team of three feel like a team of 10.

From 30 minutes to 30 seconds

Work faster with Splunk SOAR. Respond to threats in seconds. Lower your mean time to respond (MTTR) by automating security tasks and workflows across all of your security tools.

End-to-end security operations made easy

Take advantage of Splunk Enterprise Security and Splunk SOAR joining forces to provide a seamless and intuitive SecOps platform to prevent, detect and respond to advanced and emerging threats.

Splunk

Fortify Endpoint and Workload Protection

Legacy approaches fall short as cybercriminals update tactics and obscure their actions. Get advanced cybersecurity fueled by behavioral analytics to spot minor fluctuations and adapt in response.

Recognize New Threats

Analyze attackers’ behavior patterns to detect and stop never-before-seen attacks with continuous endpoint activity data monitoring. Don’t get stuck analyzing only what’s worked in the past.

Simplify Your Security Stack

Streamline the response to potential incidents with a unified endpoint agent and console. Minimize downtime responding to incidents and return critical CPU cycles back to the business.

Broadcom
 

Sample Customers

Recorded Future, Blackstone
ALLETE belk
Buyer's Guide
Security Orchestration Automation and Response (SOAR)
October 2025
Download Free Report
Find out what your peers are saying about Microsoft, Palo Alto Networks, Splunk and others in Security Orchestration Automation and Response (SOAR). Updated: October 2025.
DOWNLOAD NOW
872,922 professionals have used our research since 2012.

We monitor all Security Orchestration Automation and Response (SOAR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.