We performed a comparison between IBM Resilient, Palo Alto Networks Cortex XSOAR, and VMware Carbon Black Cloud based on real PeerSpot user reviews.
Find out what your peers are saying about VMware, ServiceNow, IBM and others in Security Incident Response."The solution is very easy to use."
"Stability-wise, I rate the solution a ten out of ten...Scalability-wise, I rate the solution a ten out of ten."
"This is a good solution that we recommend for customers."
"The solution is reliable in our usage."
"The most valuable features of IBM Resilient are its flexibility and customization options for incident response."
"It is a stable solution...It is a scalable solution."
"As a whole, the product is stable...Technical support is very good."
"Its flexibility is the most valuable."
"I chose Cortex XSOAR because the client also has Palo Alto firewalls. I can incorporate the data from the Palo Alto firewalls into Cortex and send it into the same data lake to manipulate that data. It lets me manage and monitor the data in one place."
"For organizations that are stable with their security operations, like those with around 50 members in their security team running full-phased operations 24/7, Cortex is necessary."
"It is a scalable solution."
"It has an extensive list of integrations that are available out of the box which makes it easy to start."
"They have a portal where you can find any kind of integration that you need."
"The pricing is very good."
"The solution is easy to deploy."
"It’s easy to install."
"We also took full advantage of its incident response reporting capabilities to act as a “black box” for our infrastructure around strings of suspicious activity. The reporting and incident response capabilities were incredibly helpful during active security concerns."
"The solution does very well as a baseline EDR and provides good process-level management."
"Carbon Black insures the probability that any ransomware will be stopped before spreading."
"It is nice when you're in a situation where you think someone's device is compromised and that there's some malware getting into your fleet."
"The enhanced logging and data analysis of the incident response and investigation components allowed us to quickly identify and resolve security issues before they could spread."
"The ability to quickly isolate a system from the network, while still being able to perform some forensics and mitigation work remotely, was of great value to us since we had many mobile and distributed systems."
"The most valuable features are its lightweight design, ensuring minimal impact on end-users, and its real-time protection."
"They're highly stable in comparison with other solutions I have."
"This product could be improved with better customization. This product isn't the best on the market like QRadar, but it's actually a good solution. However, some competitors' solutions contain more integration, support, automation, or flexibility."
"IBM Resilient could integrate better with my tools."
"One thing to improve is how it handles data formats, which currently might require scripting for conversion to CSV before uploading."
"What could make IBM Resilient better is if IBM increased the number of built-in integrations with different products from other vendors or third-party products."
"The response time of the support is an area of concern where improvements are required."
"The product needs a bit more development."
"It is not very straightforward to set up custom integrations, especially with services like Azure. You need an additional server for integration."
"The product must provide more integration with other tools."
"The configuration of the solution could improve it is difficult."
"When Palo Alto bought the solution, the pricing increased by 1.5 times. There's been a 50% increase, which is a lot."
"It is been decommissioned by Palo Alto."
"It's only one cloud right now. It might be helpful for some companies to have an on-premies option."
"The solution is complicated to learn."
"The platform’s setup procedures could be streamlined compared to one of its competitors."
"They should provide integration with machine learning platforms."
"Palo Alto Networks Cortex XSOAR lacks to offer SIEM functionalities currently."
"The solution can only handle about 500 bans or blocks."
"Technical support for the solution should be improved because there is a scarcity of support teams in the Middle East."
"The support team of Carbon Black CB Response needs improvement. At present, they need a lot of information. Then they give you an answer that they already gave you. You tell them it didn't work, and then they take a long time."
"The threat intelligence feed could use some fine tweaking."
"One area for improvement is the maturity of its vulnerability features."
"They have different products, but if we wanted to take their protection and their EPR, then we would need to have two agents"
"It's not simple."
"The biggest issue I encountered was one where old logs were not being overwritten as expected so the system drive kept filling up from time to time. However, support was usually quite responsive and happy to jump on a remote session to take a look at it for us. That log bug has probably been resolved with an update by now."
More Palo Alto Networks Cortex XSOAR Pricing and Cost Advice →