IT Central Station is now PeerSpot: Here's why

Cofense Triage vs Splunk Phantom comparison

You must select at least 2 products to compare!
Cofense Logo
216 views|169 comparisons
Splunk Logo
9,074 views|5,965 comparisons
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pricing and Cost Advice
Information Not Available
  • "I don't know the exact price, but for my region, it is very expensive."
  • "The price of Splunk Phantom is reasonable."
  • "Splunk Phantom follows very flat pricing and most of the time it's very high when compared to the other competitors. They can improve their pricing. The licensing model is a subscription and is consumption-based."
  • "The price of Splunk Phantom is based on the number of people using it. Once you increase the users, the prices go goes up. The customer receives a license for the user that is going to operate it in their environment."
  • More Splunk Phantom Pricing and Cost Advice →

    Use our free recommendation engine to learn which Security Incident Response solutions are best for your needs.
    611,060 professionals have used our research since 2012.
    Questions from the Community
    Ask a question

    Earn 20 points

    Top Answer:The most valuable feature of Splunk Phantom that stands out is it has a great SOAR. The automation and orchestration module is highly mature. A lot of use cases are on user entity and behavioral… more »
    Top Answer:Splunk Phantom follows very flat pricing and most of the time it's very high when compared to the other competitors. They can improve their pricing. The licensing model is a subscription and is… more »
    Top Answer:Splunk Phantom can improve IoT/OT security-related case studies or your use cases. Their integration with identity and access management (IAM) solutions is a bit shaky. They don't have good… more »
    Average Words per Review
    Average Words per Review
    Also Known As
    PhishMe Triage
    Learn More

    With Cofense Triage, you can orchestrate and automate your response to attacks. Our platform analyzes and categorizes user-reported emails, enables incident responders to investigate and respond. Automated playbooks and workflows coordinate your response. It’s the faster, more efficient way to stop phishing attacks in progress.

    Phantom enables teams to work smarter by executing automated actions across their security infrastructure in seconds, versus hours or more if performed manually. Teams can codify workflows into Phantom’s automated playbooks using the visual editor (no coding required) or the integrated Python development environment. By offloading these repetitive tasks, teams can focus their attention on making the most mission-critical decisions.
    Phantom is the connective tissue that lets existing security tools work better together. By connecting and coordinating complex workflows across the SOC’s team and tools, Phantom ensures that each part of the SOC’s layered defense is actively participating in a unified defense strategy. Powerful abstraction allows teams to focus on what they need to accomplish, while the platform translates that into tool-specific actions.
    Incident Response
    Phantom helps security teams investigate and respond to threats faster. Using Phantom’s automated detection, investigation, and response capabilities, teams can execute response actions at machine speed, reduce malware dwell time and lower their overall mean time to resolve (MTTR). And now with Phantom on Splunk Mobile, analysts can use their mobile device to respond to security incidents while on-the-go. Phantom’s event and case management functionality can further streamline security operations. Case-related data and activity are easily accessible from one central repository. It’s easy to chat with other team members about an event or case, and assign events and tasks to the appropriate team member.

    Learn more about Cofense Triage
    Learn more about Splunk Phantom
    Sample Customers
    Scripps Networks Interactive
    Recorded Future, Blackstone
    Top Industries
    Computer Software Company24%
    Comms Service Provider14%
    Construction Company8%
    Computer Software Company27%
    Comms Service Provider16%
    Financial Services Firm9%
    Company Size
    Small Business9%
    Midsize Enterprise13%
    Large Enterprise78%
    Small Business40%
    Midsize Enterprise20%
    Large Enterprise40%
    Small Business15%
    Midsize Enterprise12%
    Large Enterprise72%
    Buyer's Guide
    Security Incident Response
    June 2022
    Find out what your peers are saying about VMware, IBM, Trellix and others in Security Incident Response. Updated: June 2022.
    611,060 professionals have used our research since 2012.

    Cofense Triage is ranked 10th in Security Incident Response while Splunk Phantom is ranked 3rd in Security Orchestration Automation and Response (SOAR) with 8 reviews. Cofense Triage is rated 0.0, while Splunk Phantom is rated 8.4. On the other hand, the top reviewer of Splunk Phantom writes "Very stable with a straightforward setup and good performance". Cofense Triage is most compared with , whereas Splunk Phantom is most compared with Palo Alto Networks Cortex XSOAR, ServiceNow Security Operations, IBM Resilient, Cisco SecureX and Fortinet FortiSOAR.

    We monitor all Security Incident Response reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.