Try our new research platform with insights from 80,000+ expert users

Cisco SecureX [EOL] vs Splunk SOAR comparison

 

Comparison Buyer's Guide

Executive Summary

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Cisco SecureX [EOL]
Average Rating
9.0
Reviews Sentiment
8.2
Number of Reviews
13
Ranking in other categories
No ranking in other categories
Splunk SOAR
Average Rating
8.0
Reviews Sentiment
6.8
Number of Reviews
45
Ranking in other categories
Security Orchestration Automation and Response (SOAR) (3rd)
 

Featured Reviews

Alon K - PeerSpot reviewer
Gives our customers visibility and they don't have to go multiple management consoles anymore
One of the examples is related to forensics. The forensics are amazing because when you have enrichment, and the solutions talk with each other, when you need it, you have the ability to know everything in the organization: when, why, whatever. With just one click you have information from email, from the endpoint, from the web. Let's say that tomorrow morning, you have a ransom[ware] attack in your organization and you would like to know from which email it came, or where the customer saved the file, even though the incident didn't occur at the same moment. With SecureX, you have Cisco Threat Response inside. [With] one click, you get all of the flow. That's amazing value. That also releases resources for our customers. The customers don't have to connect many systems and try to register the event on each system, or to go to the SIEM and do a correlation. That's the one-stop shop for the customers, and that's amazing.
Hamada Elewa - PeerSpot reviewer
Playbook complexity challenges integration but customization enables professional operation
We work with Splunk SOAR from a security perspective, focusing on User Behavior Analytics (UBA) and Security Orchestration, Automation, and Response (SOAR) The customization of the playbook in Splunk SOAR is very beneficial. After building the playbook, it operates professionally. There is an AI…

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"Using SecureX, a tool provided by Cisco, we can easily integrate it with many of our other Cisco products such as Cisco ISE and many networking devices."
"Integrates well with our existing security infrastructure."
"The most valuable feature is its ability to manage all the applications and visibility. For example, if there is malware, spam, or another component that wants to attack the company in my servers, network, or applications, then SecureX will react to the problem."
"Our customers find the product's third-party integrations valuable. Our customers are also impressed with the tool's capability to pick up third-party threat feeds and use that as part of the decision-making process."
"SecureX enables us to have all the threat intelligence and threat event data in one place."
"I like that I don't have to jump around to five different products and log into five different places to view the data that it returns."
"The ability to create firewalls online has been most valuable including the ability to create rules."
"It has evolved a lot, just that monitoring piece to the current Orchestrator piece. The additional analytics are there. They now have something called Insight, which can basically take data from Microsoft Azure AD and Intune to give us information about our endpoints. This is detailed information about the endpoints, from Secure Endpoint and all these different products. So, it is just constantly evolving. Every time that it evolves, we have more information with more visibility. There are more features that we have that just make everything so much easier, and it is in one place. I don't have to keep going back and forth. I don't have to go to Secure Endpoint and ISE to get the data. I don't have to go to Intune on Microsoft to get the information. It is all in one place."
"The customizable playbook is the most valuable aspect of the solution."
"Very flexible integration with other tools"
"When you design a playbook, you can integrate multiple log sources and define rules... After that, the platform automatically compiles all these activities and, based on the results, the analyst only has to indicate whether the result is a true or false positive. That reduces the time and effort involved."
"Technical support is helpful."
"Splunk SOAR's quick response to incidents is the most valuable part."
"Scalability is the best feature of the solution."
"Surprisingly, the mobile app is valuable because it is very convenient for our on-call analysts to respond and get alerted to security alerts and events wherever they are. We are able to harness the power of Splunk SOAR and everything that we are doing, and we are also able to alert our on-call analysts 24/7. From their mobile phone, they can respond to those alerts."
"The solution allows us to customize playbooks and incorporate custom code, allowing us to drag and drop elements while still writing code to build the integrations we need."
 

Cons

"They could put in more third-party [integrations]... also more playbooks, out-of-the-box, for automation [would be helpful]."
"The front-end work controls the new algorithm and the firewall rules. The search feature of these rules could be improved."
"Enhancing automation capabilities could further improve the product."
"The documentation can be improved and the on-prem integration. The set of applications that it was integrated with wasn't comprehensive."
"I would like it to integrate with another solution, e.g., DNA. I would like it to connect to that solution, but not the security aspect."
"Remediation stuff could be integrated into the product's automation."
"what's missing right now is the multi-tenant capability."
"If they could make the Cisco Umbrella piece a little bit more advanced or easier to manage, that would help. We use it for filtering and when you compare it to a normal content filter, it lacks some functionality."
"SOAR is probably the most unreliable product Splunk has and that's because most of it is content driven from what you put into it. There are certain parts of it that have a little bit of difficulty at volume too. It's always changing. There is new stuff coming out for it that's going to make it a little bit better, but it does have some drawbacks."
"The pricing could be a bit more reasonable. It would be great if it were feasible for smaller organizations."
"Providing Splunk app developers and playbook developers Python Stub files so that way when they create custom code through their IDE, they can have IntelliCode suggestions."
"The dashboard could be improved and some other features. SOAR should integrate network capabilities, allowing us to also monitor the WLAN network. Splunk is also expensive and difficult for beginners to learn. It's hard for a new user to figure out how to visualize old threat data. It took two to three months to learn with hands-on experience how to use the dashboard, visualize events, and analyze threats."
"have put a number of ideas on the ideas.splunk.com site for feature requests for the Splunk SOAR product. I posted one of them about three years ago, which finally got implemented in the latest release that just got announced, so the time to implement new features and things like that is a little bit concerning."
"Splunk SOAR has room to improve its offering for small-sized customers. The price is not fair for smaller-sized customers."
"We want to see improvements made to the APIs such that we can connect to many different systems and data sources."
"The tool's response is slower because it has to search through a huge dataset, which can be improved for latency."
 

Pricing and Cost Advice

"You can spend less money for another solution, but if you really want to have a good solution you have to pay. We are happy that we are getting such a good solution for what we are spending."
"It comes free with all Cisco products. So, it is a good price."
"The pricing is competitive, especially for education institutions. Licensing can be a little bit difficult to navigate, especially with resellers with Cisco, but for us it has been pretty easy."
"It would be nice if they had a different pricing model. Most of our budget for projects goes towards Cisco."
"For the value you get, the pricing of the solution is excellent."
"The pricing is the best part of this solution. It is free if you buy Umbrella or Duo Security. It is also a good solution."
"It is free. It can't get any better than that."
"Cisco SecureX is more expensive than Trend Micro. However, considering the integration capabilities with other solutions and the quality of technical support, I believe there's justification for the price difference."
"I don't know the exact price, but for my region, it is very expensive."
"The tool is not cheap."
"Splunk SOAR is more expensive compared to other options for SOAR."
"When we first purchased our Splunk SOAR license, it was based on an event-count model. It was based on the number of events. I had strong opinions at the time that automation should not be stifled by the amount of automation you can accomplish, so the previous structure was not as beneficial for us. Later that year, we got told or saw at a conference that they announced user-based pricing. We are now in a renewal period, so we migrated to a user-based license model, which is more appropriate for us so that we no longer have to worry about stifling our automation based on the quantity."
"Splunk SOAR is moderately priced, neither cheap nor overly expensive."
"Splunk is a fast enterprise tool, but it costs too much. At the same time, it's worth what we pay, in my opinion. We can efficiently perform all the functions and tie together the data. It's the perfect tool for our needs."
"The licensing cost is reasonable."
"In my opinion, the price is high, but if you want good products, you have to be willing to pay for them."
report
Use our free recommendation engine to learn which Application Security Tools solutions are best for your needs.
861,490 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
37%
Financial Services Firm
7%
Manufacturing Company
6%
Government
6%
Computer Software Company
13%
Financial Services Firm
13%
Manufacturing Company
11%
University
6%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

Ask a question
Earn 20 points
What do you like most about Splunk Phantom?
Splunk SOAR's quick response to incidents is the most valuable part.
What is your experience regarding pricing and costs for Splunk Phantom?
Splunk SOAR is moderately priced, neither cheap nor overly expensive.
What needs improvement with Splunk Phantom?
There are areas in Splunk SOAR that have room for improvement. To make Splunk SOAR a better solution, there could be better built-in debugging tools, smarter playbook suggestions, and enhanced life...
 

Comparisons

No data available
 

Also Known As

Kenna.AppSec, Kenna.VI
Phantom
 

Overview

 

Sample Customers

NHS, Rackspace, UNC Pembroke, University of North Carolina at Charlotte, Missing Piece
Recorded Future, Blackstone
Find out what your peers are saying about Sonar, Veracode, Checkmarx and others in Application Security Tools. Updated: June 2025.
861,490 professionals have used our research since 2012.