Try our new research platform with insights from 80,000+ expert users

SECDO Platform vs Splunk SOAR comparison

The compared Palo Alto Networks and Splunk solutions aren't in the same category. Palo Alto Networks is ranked #9 in IRP , and holds a 5.2% mindshare in the category. Splunk is ranked #2 in SOAR , with an average rating of 8.3, and holds a 7.8% mindshare. Additionally, 75% of Palo Alto Networks users are willing to recommend the solution, compared to 87% of Splunk users who would recommend it.
SECDO Platform
Read 3 SECDO Platform reviews
  • 1,253 Views
  • 288 Comparison Views
75% willing to recommend
Splunk SOAR
Read 51 Splunk SOAR reviews
  • 4,588 Views
  • 3,533 Comparison Views
87% willing to recommend
 

Comparison Buyer's Guide

Download the report
Executive Summary
We performed a comparison between SECDO Platform and Splunk SOAR based on real PeerSpot user reviews.

Find out what your peers are saying about ServiceNow, Proofpoint, Trellix and others in Security Incident Response.

DOWNLOAD THE COMPLETE REPORT
To learn more, read our detailed Security Incident Response Report (Updated: December 2025).
Buyer's Guide
Security Incident Response
December 2025
Download the complete report
Helped 879,477 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

ROI

Sentiment score
5.0
The SECDO Platform enhanced incident response, threat detection, and operational efficiency, providing significant cost savings and improved security posture.
Sentiment score
5.6
Splunk SOAR improves automation and efficiency, but ROI and integration time vary, benefiting familiar organizations most with proper use.
No quotes available
For more quotes and insights, download the SECDO Platform report
We've seen a decrease in false positives and a significant increase in our containment.
Mack Scott
Cyber Security Network Security Engineer at Cirrus Logic
Monthly, around 300 hours of effort, it is saving with Splunk SOAR.
Shiboo Suren
Manager cybersecurity at Hexion Inc.
For more quotes and insights, download the Splunk SOAR report
 

Customer Service

Sentiment score
8.5
SECDO Platform's customer service is responsive, knowledgeable, fast, effective, and appreciated for technical expertise and courteous support across various channels.
Sentiment score
6.6
Splunk SOAR's support is praised for reliability and responsiveness, though flexibility and response times could improve, valued community resources assist users.
No quotes available
For more quotes and insights, download the SECDO Platform report
Discovering different troubleshooting methods is harder to do with Splunk SOAR than with Enterprise Security or other Splunk services.
Mack Scott
Cyber Security Network Security Engineer at Cirrus Logic
We always have a customer support representative who will come in the picture and help us to direct any ticket or any issue that we are facing to the right team.
Shiboo Suren
Manager cybersecurity at Hexion Inc.
Splunk's technical support is very good and generally not needed often due to the stable environment.
Hamada Elewa
System Engineer - Security Presales at Raya Integration
For more quotes and insights, download the Splunk SOAR report
Mack Scott - PeerSpot reviewer
SS
Hamada Elewa - PeerSpot reviewer
 

Scalability Issues

Sentiment score
7.8
SECDO Platform scales efficiently, handling increased loads and varying data volumes, suitable for small businesses and large enterprises.
Sentiment score
6.7
Splunk SOAR offers scalability and flexibility, effectively managing vast environments despite configuration challenges, with high user ratings noting customizable features.
No quotes available
For more quotes and insights, download the SECDO Platform report
It can be extended and adapted as necessary.
Kishore Gorantla
Splunk/SOAR Engineer
Splunk SOAR has the ability to scale quite significantly.
Mack Scott
Cyber Security Network Security Engineer at Cirrus Logic
For more quotes and insights, download the Splunk SOAR report
 

Stability Issues

Sentiment score
6.8
SECDO Platform is reliable, integrates well, detects threats effectively, enhances efficiency, and maintains stability without frequent downtime.
Sentiment score
7.3
Splunk SOAR is highly stable and reliable, with minor issues often attributed to third-party services rather than itself.
No quotes available
For more quotes and insights, download the SECDO Platform report
We have not experienced any downtime, crashes, or performance issues.
Mack Scott
Cyber Security Network Security Engineer at Cirrus Logic
We have not seen any impact in the work that we do with Splunk SOAR or the SIEM platform.
Shiboo Suren
Manager cybersecurity at Hexion Inc.
Splunk SOAR provides a stable environment and technology.
Hamada Elewa
System Engineer - Security Presales at Raya Integration
For more quotes and insights, download the Splunk SOAR report
Mack Scott - PeerSpot reviewer
SS
Hamada Elewa - PeerSpot reviewer
 

Room For Improvement

SECDO Platform requires improved integration, simpler setup, seamless reporting, enhanced customer support, and better scalability for optimal user experience.
Splunk SOAR requires better integration, user-friendliness, and automation, with improvements needed in support, training, and advanced AI features.
No quotes available
For more quotes and insights, download the SECDO Platform report
If we start ingesting those data to Splunk SOAR or SIEM with some sort of integration with threat intelligence feed, that will also improve our detection and prediction method or help us with the investigation.
Shiboo Suren
Manager cybersecurity at Hexion Inc.
Although it enhances alert handling, it still has a journey to compete with Palo Alto SOAR and FortiSOAR.
Hamada Elewa
System Engineer - Security Presales at Raya Integration
Splunk's Unified Platform does help consolidate networking security and IT observability tools.
Mack Scott
Cyber Security Network Security Engineer at Cirrus Logic
For more quotes and insights, download the Splunk SOAR report
SS
Hamada Elewa - PeerSpot reviewerMack Scott - PeerSpot reviewer
 

Setup Cost

Enterprise buyers find Splunk SOAR costly but justified by its performance, with recent user-based pricing changes being favorable.
No quotes available
For more quotes and insights, download the SECDO Platform report
Splunk SOAR is moderately priced, neither cheap nor overly expensive.
Kishore Gorantla
Splunk/SOAR Engineer
I am familiar with the pricing aspect, setup cost, and licensing cost of Splunk SOAR, and it is pretty much similar to what industries are offering these days.
Shiboo Suren
Manager cybersecurity at Hexion Inc.
Splunk SOAR is affordable cost-wise only.
Hamada Elewa
System Engineer - Security Presales at Raya Integration
For more quotes and insights, download the Splunk SOAR report
KG
SS
Hamada Elewa - PeerSpot reviewer
 

Valuable Features

Users praise SECDO Platform for automated investigations, seamless integration, advanced forensics, and user-friendly design aiding efficient security event handling.
Splunk SOAR excels with easy integration, automation, and customizable playbooks, significantly enhancing incident response and security operation efficiency.
No quotes available
For more quotes and insights, download the SECDO Platform report
Creating playbooks using the Playbook Editor in Splunk SOAR is easy. The editor is designed to be user-friendly with visual drag and drop features, allowing for easy workflows without writing any code.
Kishore Gorantla
Splunk/SOAR Engineer
Splunk SOAR saves time in threat response, and the time to solve an incident is currently the best in the market.
Francisco JavierRomo
Strategic Account Executive at a computer software company with 51-200 employees
Splunk SOAR has improved our MTTD and MTTR both with the consolidation with a unified platform with Splunk.
Shiboo Suren
Manager cybersecurity at Hexion Inc.
For more quotes and insights, download the Splunk SOAR report
KG
FR
SS
 

Categories and Ranking

SECDO Platform
Average Rating
9.0
Reviews Sentiment
7.0
Number of Reviews
3
Ranking in other categories
Security Incident Response (9th), Endpoint Detection and Response (EDR) (67th)
Splunk SOAR
Average Rating
8.2
Reviews Sentiment
6.6
Number of Reviews
51
Ranking in other categories
Security Orchestration Automation and Response (SOAR) (2nd)
 

Mindshare comparison

While both are Security Software solutions, they serve different purposes. SECDO Platform is designed for Security Incident Response and holds a mindshare of 5.2%, up 1.0% compared to last year.
Splunk SOAR, on the other hand, focuses on Security Orchestration Automation and Response (SOAR), holds 7.8% mindshare, up 7.3% since last year.
Security Incident Response Market Share Distribution
ProductMarket Share (%)
SECDO Platform5.2%
Proofpoint Threat Response9.0%
ServiceNow Security Operations8.7%
Other77.1%
Security Incident Response
Security Orchestration Automation and Response (SOAR) Market Share Distribution
ProductMarket Share (%)
Splunk SOAR7.8%
Microsoft Sentinel13.0%
Palo Alto Networks Cortex XSOAR8.9%
Other70.3%
Security Orchestration Automation and Response (SOAR)
 

Featured Reviews

it_user1643085 - PeerSpot reviewer
it_user1643085
Founder/ CEO
Great documentation, good technical support, and very in-depth
The initial setup can be complex. I would advise users to leverage all of the access with Palo Alto, in terms of setting up with the technical account management teams. They need to ensure that what they have in mind for the product is actually going to be what happens. I have not run into any problems with deploying the product. Any of their security products are well-documented, either with open source intelligence or the documentation from Palo Alto. We had a client with less than a thousand users that received a dedicated engineer and a technical account manager that was able to walk them through the first 90 days of ownership. The support is certainly there.
Read full review
SS
Shiboo Suren
Manager cybersecurity at Hexion Inc.
Automates threat response and reduces investigation time but needs better threat intelligence integration
One thing that we would like to see with Splunk SOAR is the expandability to the threat intelligence feed. Currently, we have limited ingestion to the threat intelligence feed for the correlation purpose. We would like to see it being integrated, with license cost or without license cost, to leading threat intelligence sources such as Recorded Future, Feedly, or Flare. That is something we would appreciate having integrated. The second thing on the improvement side is about exposed credential-related information. If we start ingesting those data to Splunk SOAR or SIEM with some sort of integration with threat intelligence feed, that will also improve our detection and prediction method or help us with the investigation.
Read full review
report
See which vendors are best for you
Use our free recommendation engine to learn which Security Incident Response solutions are best for your needs.
See recommendations
879,477 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Performing Arts
24%
Comms Service Provider
9%
Manufacturing Company
9%
Retailer
6%
Financial Services Firm
12%
Manufacturing Company
10%
Computer Software Company
10%
University
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
No data available
By reviewers
Company SizeCount
Small Business12
Midsize Enterprise7
Large Enterprise31
 

Questions from the Community

Ask a question
Earn 20 points
What do you like most about Splunk Phantom?
Splunk SOAR's quick response to incidents is the most valuable part.
See all answers
What is your experience regarding pricing and costs for Splunk Phantom?
I am familiar with the pricing aspect, setup cost, and licensing cost of Splunk SOAR, and it is pretty much similar to what industries are offering these days. We never had any issue when we had to...
See all answers
What needs improvement with Splunk Phantom?
The visibility of Splunk SOAR's playbook viewer is rather unclear to me; I wonder what the visibility is for. There are indeed some problems with integrating Splunk SOAR with other Splunk products ...
See all answers
 

Comparisons

Palo Alto Networks Cortex XSOAR vs SECDO Platform Logo
Palo Alto Networks Cortex XSOAR vs SECDO Platform
Compared 31% of the time
IBM Resilient vs SECDO Platform Logo
IBM Resilient vs SECDO Platform
Compared 27% of the time
Google Security Operations vs SECDO Platform Logo
Google Security Operations vs SECDO Platform
Compared 25% of the time
Fortinet FortiSOAR vs SECDO Platform Logo
Fortinet FortiSOAR vs SECDO Platform
Compared 17% of the time
More SECDO Platform Competitors
Palo Alto Networks Cortex XSOAR vs Splunk SOAR Logo
Palo Alto Networks Cortex XSOAR vs Splunk SOAR
Compared 16% of the time
Fortinet FortiSOAR vs Splunk SOAR Logo
Fortinet FortiSOAR vs Splunk SOAR
Compared 11% of the time
ServiceNow Security Operations vs Splunk SOAR Logo
ServiceNow Security Operations vs Splunk SOAR
Compared 9% of the time
Tines vs Splunk SOAR Logo
Tines vs Splunk SOAR
Compared 8% of the time
Torq vs Splunk SOAR Logo
Torq vs Splunk SOAR
Compared 7% of the time
More Splunk SOAR Competitors
 

Product Reports

Buyer's Guide
Security Incident Response
December 2025
SECDO Platform reportDownload SECDO Platform product report
Buyer's Guide
Splunk SOAR
December 2025
Splunk SOAR reportDownload Splunk SOAR product report
 

Also Known As

No data available
Phantom
 

Overview

SECDO enables security teams to identify and remediate incidents fast. Using thread-level endpoint monitoring and causality analytics, SECDO provides visibility into every endpoint along with the context necessary for understanding whether a suspicious activity is a genuine threat. Unique deception techniques force threats like ransomware out into the open early, and trigger automated containment and remediation.

SECDO provides the most intuitive investigation experience available so you can quickly unravel complex incidents across the organization.  You can investigate incidents detected by SECDO as well as alerts from the SIEM. SECDO visualizes the attack chain so you immediately understand the “who, what, where, when and how” behind the incident. Then, based on an analysis of exactly how endpoints were compromised, SECDO surgically remediates the incident with minimum user impact.

Palo Alto Networks

Splunk SOAR offers features like automation and orchestration of manual tasks, speeding up work, detection and response to advanced and emerging threats. 

Go from overwhelmed to in-control

Automate manual tasks. Address every alert, every day. Establish repeatable procedures that allow security analysts to stop being reactive and focus on mission-critical objectives to protect your business.

Force multiply your team

Orchestrate and automate repetitive tasks, investigation and response to increase efficiency and productivity, and do more with the people you already have. Make a team of three feel like a team of 10.

From 30 minutes to 30 seconds

Work faster with Splunk SOAR. Respond to threats in seconds. Lower your mean time to respond (MTTR) by automating security tasks and workflows across all of your security tools.

End-to-end security operations made easy

Take advantage of Splunk Enterprise Security and Splunk SOAR joining forces to provide a seamless and intuitive SecOps platform to prevent, detect and respond to advanced and emerging threats.

Splunk
 

Sample Customers

Valley National Bank, IDT Corporation
Recorded Future, Blackstone
Buyer's Guide
Security Incident Response
December 2025
Download Free Report
Find out what your peers are saying about ServiceNow, Proofpoint, Trellix and others in Security Incident Response. Updated: December 2025.
DOWNLOAD NOW
879,477 professionals have used our research since 2012.

We monitor all Security Incident Response reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.