Try our new research platform with insights from 80,000+ expert users

SECDO Platform vs Splunk SOAR comparison

The compared Palo Alto Networks and Splunk solutions aren't in the same category. Palo Alto Networks is ranked #10 in IRP , and holds a 4.5% mindshare in the category. Splunk is ranked #3 in SOAR , with an average rating of 8.4, and holds a 7.7% mindshare. Additionally, 75% of Palo Alto Networks users are willing to recommend the solution, compared to 86% of Splunk users who would recommend it.
SECDO Platform
Read 3 SECDO Platform reviews
  • 1,149 Views
  • 218 Comparison Views
75% willing to recommend
Splunk SOAR
Read 47 Splunk SOAR reviews
  • 4,844 Views
  • 3,633 Comparison Views
86% willing to recommend
 

Comparison Buyer's Guide

Download the report
Executive Summary
We performed a comparison between SECDO Platform and Splunk SOAR based on real PeerSpot user reviews.

Find out what your peers are saying about ServiceNow, VMware, Proofpoint and others in Security Incident Response.

DOWNLOAD THE COMPLETE REPORT
To learn more, read our detailed Security Incident Response Report (Updated: August 2025).
Buyer's Guide
Security Incident Response
August 2025
Download the complete report
Helped 867,676 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

ROI

Sentiment score
5.0
The SECDO Platform enhanced incident response, threat detection, and operational efficiency, providing significant cost savings and improved security posture.
Sentiment score
6.3
Splunk SOAR's benefits vary, often improving efficiency, yet setup complexities and costs can challenge perceived returns and integration success.
No quotes available
For more quotes and insights, download the SECDO Platform report
We've seen a decrease in false positives and a significant increase in our containment.
For more quotes and insights, download the Splunk SOAR report
 

Customer Service

Sentiment score
8.5
SECDO Platform's customer service is responsive, knowledgeable, fast, effective, and appreciated for technical expertise and courteous support across various channels.
Sentiment score
6.9
Splunk SOAR's support is responsive and efficient, with strong documentation but needs improvement in niche telecom use cases.
No quotes available
For more quotes and insights, download the SECDO Platform report
Discovering different troubleshooting methods is harder to do with Splunk SOAR than with Enterprise Security or other Splunk services.
Splunk's technical support is very good and generally not needed often due to the stable environment.
For more quotes and insights, download the Splunk SOAR report
 

Scalability Issues

Sentiment score
7.8
SECDO Platform scales efficiently, handling increased loads and varying data volumes, suitable for small businesses and large enterprises.
Sentiment score
7.1
Splunk SOAR is highly scalable, adaptable for various environments, with users praising its flexibility despite occasional issues.
No quotes available
For more quotes and insights, download the SECDO Platform report
It can be extended and adapted as necessary.
Splunk SOAR has the ability to scale quite significantly.
For more quotes and insights, download the Splunk SOAR report
 

Stability Issues

Sentiment score
6.8
SECDO Platform is reliable, integrates well, detects threats effectively, enhances efficiency, and maintains stability without frequent downtime.
Sentiment score
7.5
Splunk SOAR is stable with minimal outages, effective high-availability features, minor latency issues, and an eight out of ten stability rating.
No quotes available
For more quotes and insights, download the SECDO Platform report
We have not experienced any downtime, crashes, or performance issues.
Splunk SOAR provides a stable environment and technology.
For more quotes and insights, download the Splunk SOAR report
 

Room For Improvement

SECDO Platform requires improved integration, simpler setup, seamless reporting, enhanced customer support, and better scalability for optimal user experience.
Splunk SOAR users seek better integration, advanced automation, improved usability, enhanced features, comprehensive documentation, and more responsive support.
No quotes available
For more quotes and insights, download the SECDO Platform report
Although it enhances alert handling, it still has a journey to compete with Palo Alto SOAR and FortiSOAR.
Splunk's Unified Platform does help consolidate networking security and IT observability tools.
To make Splunk SOAR a better solution, there could be better built-in debugging tools, smarter playbook suggestions, and enhanced lifecycle management.
For more quotes and insights, download the Splunk SOAR report
Hamada Elewa - PeerSpot reviewerMack Scott - PeerSpot reviewer
KG
 

Setup Cost

Splunk SOAR's subscription model is costly but justified for its efficiency and automation benefits, especially for larger organizations.
No quotes available
For more quotes and insights, download the SECDO Platform report
Splunk SOAR is moderately priced, neither cheap nor overly expensive.
Splunk SOAR is affordable cost-wise only.
The solution is free for us, which is a beneficial aspect.
For more quotes and insights, download the Splunk SOAR report
KG
Hamada Elewa - PeerSpot reviewer
BM
 

Valuable Features

Users praise SECDO Platform for automated investigations, seamless integration, advanced forensics, and user-friendly design aiding efficient security event handling.
Splunk SOAR excels in customizable automation, seamless integration, enhancing incident response, and reducing manual tasks with user-friendly features.
No quotes available
For more quotes and insights, download the SECDO Platform report
Creating playbooks using the Playbook Editor in Splunk SOAR is easy. The editor is designed to be user-friendly with visual drag and drop features, allowing for easy workflows without writing any code.
The customization of the playbook in Splunk SOAR is very beneficial.
My impressions of Splunk's ability to predict, identify, and solve problems in real-time are very impressive.
For more quotes and insights, download the Splunk SOAR report
KG
Hamada Elewa - PeerSpot reviewerMack Scott - PeerSpot reviewer
 

Categories and Ranking

SECDO Platform
Average Rating
9.0
Reviews Sentiment
7.0
Number of Reviews
3
Ranking in other categories
Security Incident Response (10th), Endpoint Detection and Response (EDR) (67th)
Splunk SOAR
Average Rating
8.0
Reviews Sentiment
6.8
Number of Reviews
47
Ranking in other categories
Security Orchestration Automation and Response (SOAR) (3rd)
 

Mindshare comparison

While both are Security Software solutions, they serve different purposes. SECDO Platform is designed for Security Incident Response and holds a mindshare of 4.5%, up 1.3% compared to last year.
Splunk SOAR, on the other hand, focuses on Security Orchestration Automation and Response (SOAR), holds 7.7% mindshare, down 8.2% since last year.
Security Incident Response Market Share Distribution
ProductMarket Share (%)
SECDO Platform4.5%
Proofpoint Threat Response15.4%
ServiceNow Security Operations14.4%
Other65.7%
Security Incident Response
Security Orchestration Automation and Response (SOAR) Market Share Distribution
ProductMarket Share (%)
Splunk SOAR7.7%
Microsoft Sentinel16.3%
Palo Alto Networks Cortex XSOAR9.7%
Other66.3%
Security Orchestration Automation and Response (SOAR)
 

Featured Reviews

reviewer1643085 - PeerSpot reviewer
Great documentation, good technical support, and very in-depth
The initial setup can be complex. I would advise users to leverage all of the access with Palo Alto, in terms of setting up with the technical account management teams. They need to ensure that what they have in mind for the product is actually going to be what happens. I have not run into any problems with deploying the product. Any of their security products are well-documented, either with open source intelligence or the documentation from Palo Alto. We had a client with less than a thousand users that received a dedicated engineer and a technical account manager that was able to walk them through the first 90 days of ownership. The support is certainly there.
Read full review
Mack Scott - PeerSpot reviewer
Improves response time by consolidating tools and automating threat detection
I haven't gone too far into it to see anything that needs improvement yet. We can likely include some features related to the integration with on-premises resources, rather than focusing solely on the existing automation. These are the additional features that could be included in the future. Splunk's Unified Platform does help consolidate networking security and IT observability tools. They should integrate Splunk Enterprise Security better into Splunk Cloud.
Read full review
report
See which vendors are best for you
Use our free recommendation engine to learn which Security Incident Response solutions are best for your needs.
See recommendations
867,676 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Performing Arts
24%
Manufacturing Company
7%
Comms Service Provider
7%
Media Company
6%
Computer Software Company
12%
Financial Services Firm
12%
Manufacturing Company
11%
University
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
No data available
By reviewers
Company SizeCount
Small Business11
Midsize Enterprise7
Large Enterprise28
 

Questions from the Community

Ask a question
Earn 20 points
What do you like most about Splunk Phantom?
Splunk SOAR's quick response to incidents is the most valuable part.
See all answers
What is your experience regarding pricing and costs for Splunk Phantom?
The solution is free for us, which is a beneficial aspect.
See all answers
What needs improvement with Splunk Phantom?
It would be nice if we could put it on other search heads, not just Enterprise Security. We have an ad hoc search head, and compatibility with that would be beneficial. More training classes from S...
See all answers
 

Comparisons

Palo Alto Networks Cortex XSOAR vs SECDO Platform Logo
Palo Alto Networks Cortex XSOAR vs SECDO Platform
Compared 59% of the time
Fortinet FortiSOAR vs SECDO Platform Logo
Fortinet FortiSOAR vs SECDO Platform
Compared 41% of the time
More SECDO Platform Competitors
Palo Alto Networks Cortex XSOAR vs Splunk SOAR Logo
Palo Alto Networks Cortex XSOAR vs Splunk SOAR
Compared 19% of the time
Cortex XSIAM vs Splunk SOAR Logo
Cortex XSIAM vs Splunk SOAR
Compared 13% of the time
Fortinet FortiSOAR vs Splunk SOAR Logo
Fortinet FortiSOAR vs Splunk SOAR
Compared 11% of the time
Tines vs Splunk SOAR Logo
Tines vs Splunk SOAR
Compared 9% of the time
ServiceNow Security Operations vs Splunk SOAR Logo
ServiceNow Security Operations vs Splunk SOAR
Compared 9% of the time
More Splunk SOAR Competitors
 

Product Reports

Buyer's Guide
Security Incident Response
August 2025
SECDO Platform reportDownload SECDO Platform product report
Buyer's Guide
Splunk SOAR
August 2025
Splunk SOAR reportDownload Splunk SOAR product report
 

Also Known As

No data available
Phantom
 

Overview

SECDO enables security teams to identify and remediate incidents fast. Using thread-level endpoint monitoring and causality analytics, SECDO provides visibility into every endpoint along with the context necessary for understanding whether a suspicious activity is a genuine threat. Unique deception techniques force threats like ransomware out into the open early, and trigger automated containment and remediation.

SECDO provides the most intuitive investigation experience available so you can quickly unravel complex incidents across the organization.  You can investigate incidents detected by SECDO as well as alerts from the SIEM. SECDO visualizes the attack chain so you immediately understand the “who, what, where, when and how” behind the incident. Then, based on an analysis of exactly how endpoints were compromised, SECDO surgically remediates the incident with minimum user impact.

Palo Alto Networks

Splunk SOAR offers features like automation and orchestration of manual tasks, speeding up work, detection and response to advanced and emerging threats. 

Go from overwhelmed to in-control

Automate manual tasks. Address every alert, every day. Establish repeatable procedures that allow security analysts to stop being reactive and focus on mission-critical objectives to protect your business.

Force multiply your team

Orchestrate and automate repetitive tasks, investigation and response to increase efficiency and productivity, and do more with the people you already have. Make a team of three feel like a team of 10.

From 30 minutes to 30 seconds

Work faster with Splunk SOAR. Respond to threats in seconds. Lower your mean time to respond (MTTR) by automating security tasks and workflows across all of your security tools.

End-to-end security operations made easy

Take advantage of Splunk Enterprise Security and Splunk SOAR joining forces to provide a seamless and intuitive SecOps platform to prevent, detect and respond to advanced and emerging threats.

Splunk
 

Sample Customers

Valley National Bank, IDT Corporation
Recorded Future, Blackstone
Buyer's Guide
Security Incident Response
August 2025
Download Free Report
Find out what your peers are saying about ServiceNow, VMware, Proofpoint and others in Security Incident Response. Updated: August 2025.
DOWNLOAD NOW
867,676 professionals have used our research since 2012.

We monitor all Security Incident Response reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.