We performed a comparison between IBM Resilient and LogicHub SOAR+ based on real PeerSpot user reviews.
Find out in this report how the two Security Orchestration Automation and Response (SOAR) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."Sentinel is a SIEM and SOAR tool, so its automation is the best feature; we can reduce human interaction, freeing up our human resources."
"The analytic rule is the most valuable feature."
"In Azure Sentinel, we have found, they do have a store in their capability. AI and intelligence features. We found that to be very helpful for us because some other things we do need to integrate again or find another vendor for the store"
"It is easy to implement (turn on) - does need a skilled analyst to develop queries and playbooks."
"The solution has features that helped improve the security posture of our clients. It provides the ability to correlate a large variety of log sources very cost-effectively, especially for Microsoft sources."
"Mainly, this is a cloud-native product. So, there are zero concerns about managing the whole infrastructure on-premises."
"It has a lot of great features."
"It is always correlating to IOCs for normal attacks, using Azure-related resources. For example, if any illegitimate IP starts unusual activity on our Azure firewall, then it automatically generates an alarm for us."
"What I like most about IBM Resilient is that it has a complete stack, which means you don't need to use different OEM products because you have all you need under the IBM Resilient umbrella. You don't need to worry much about integrations and components because you're working with tested and proven architecture."
"IBM Resilient is scalable."
"The product is very good at incident response."
"The UBA, User Behavior Analytics, is very good."
"The solution is easy to use."
"The most valuable features of IBM Resilient are its flexibility and customization options for incident response."
"Stability-wise, I rate the solution a ten out of ten...Scalability-wise, I rate the solution a ten out of ten."
"The solution is reliable in our usage."
"This solution allows us to easily investigate malicious events, system alerts etc."
"It has improved my detection coverage in areas lacking by the SIEM."
"Add more out-of-the-box connectors with other SaaS platforms/applications."
"Some of the data connectors are outdated, at least the ones that utilize Linux machines for log forwarding. I believe that Microsoft is already working on improving this."
"The solution should allow for a streamlined CI/CD procedure."
"They're giving us the queries so we can plug them right into Sentinel. They need to have a streamlined process for updating them in the tool and knowing when things are updated and knowing when there are new detections available from Microsoft."
"We're satisfied with the comprehensiveness of the security protection. That said, we do have issues sometimes where there have been global outages and we need to raise a ticket with Microsoft."
"If I can use Sentinel offline at home and use it on a local network, it would be great. I'm not sure if I can use Sentinel offline versus the tools I have."
"Its documentation is not so simple. It is easy for somebody who is Microsoft certified or more closely attached to Microsoft solutions. It is not easy for those who are working on open-source platforms. There isn't a central point where everything is documented, and there is no specific training or certification."
"Given that I am in the small business space, I wish they would make it easier to operate Sentinel without being a Sentinel expert. Examples of things that could be easier are creating alerts and automations from scratch and designing workbooks."
"The product must provide more integration with other tools."
"The tool needs to improve its documentation on license scripts."
"Its price needs improvement."
"The initial setup is complex."
"The implementation could be a bit simpler."
"The response time of the support is an area of concern where improvements are required."
"What could make IBM Resilient better is if IBM increased the number of built-in integrations with different products from other vendors or third-party products."
"Integrating IBM Resilient with other applications can be very difficult and technically challenging. Often, they use the excuse that you are using the latest version of an application, such as an endpoint security system, and they don't have an API or support for it at the moment. There is no automation in the SOAR solution."
"We would like this solution to have a higher level of support for SaaS applications."
"UI coloring can be improved."
IBM Resilient is ranked 7th in Security Orchestration Automation and Response (SOAR) with 17 reviews while LogicHub SOAR+ is ranked 18th in Security Orchestration Automation and Response (SOAR) with 2 reviews. IBM Resilient is rated 7.6, while LogicHub SOAR+ is rated 9.6. The top reviewer of IBM Resilient writes "Simple deployment, scalable, but lacking third-party solution compatibility ". On the other hand, the top reviewer of LogicHub SOAR+ writes "Integrated with hundreds of tools, analyzes data automatically, and has few false positives". IBM Resilient is most compared with Palo Alto Networks Cortex XSOAR, Splunk SOAR, ServiceNow Security Operations, Fortinet FortiSOAR and IBM Security QRadar, whereas LogicHub SOAR+ is most compared with . See our IBM Resilient vs. LogicHub SOAR+ report.
See our list of best Security Orchestration Automation and Response (SOAR) vendors.
We monitor all Security Orchestration Automation and Response (SOAR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.