We performed a comparison between Secureworks Red Cloak Threat Detection and Response [EOL] and Splunk SOAR based on real PeerSpot user reviews.
Find out what your peers are saying about VMware, ServiceNow, IBM and others in Security Incident Response."The features that I have found most valuable are that the search capabilities are easy to use. The dashboards are good. The reports are good. It is just simple from a deployment standpoint - that was easy."
More Secureworks Red Cloak Threat Detection and Response [EOL] Pros →
"My understanding is the initial setup isn't too hard."
"The customizable playbook is the most valuable aspect of the solution."
"The solution allows us to customize playbooks and incorporate custom code, allowing us to drag and drop elements while still writing code to build the integrations we need."
"I like the integration capabilities of Phantom. It has a lot of integrations with other products. Its searching methodologies are also good. It is also easy to understand and easy to create playbooks."
"The best feature is the integration and the custom Python code that we can write. Splunk SOAR provides us with both of these capabilities, allowing us to integrate different security solutions with Splunk SOAR and take remediation actions directly on those security tools."
"It has definitely saved a decent amount of time for our analysts so they can focus on other tasks."
"Very flexible integration with other tools"
"The most valuable feature is the API connector, depending on how it's formatted and who made the actual app offering for it. The REST API is my favorite component. It's very easy to use. The filters are also really valuable. Those are the two primary features but I enjoy using the rest of it."
"There are some automated network response portions that we want to turn up."
More Secureworks Red Cloak Threat Detection and Response [EOL] Cons →
"SOAR is probably the most unreliable product Splunk has and that's because most of it is content driven from what you put into it. There are certain parts of it that have a little bit of difficulty at volume too. It's always changing. There is new stuff coming out for it that's going to make it a little bit better, but it does have some drawbacks."
"There is a lot of room for improvement with the UI."
"Splunk's support for integration is subpar and has room for improvement."
"The application does not work properly and does not pass the log-based configuration. I feel that some kind of review should happen in the application. This review should validate things so that we can get the right information. Splunk does not tell us where the IP address is associated with."
"We've run into a few minor issues. Some of the playbook writing is a bit complicated. We've had a few hiccups with the source control. We'd really like to use GitHub deployment keys for a dedicated account. We haven't been able to do that. I think those are some of the major ones."
"Creating playbooks using the solution’s playbook editor, for me, is very cumbersome. There have been instances where I have said to myself that I just don't want to use this editor. I might just use a code block and write my own code within it... The functionality in the playbook editor is 80 percent there, but that 20 percent is still lacking. They could make it more efficient."
"We've had trouble implementing the solution with Microsoft products. There seems to be an integration gap."
"It would be ideal if we could automate processes even more."
Earn 20 points
Secureworks Red Cloak Threat Detection and Response [EOL] doesn't meet the minimum requirements to be ranked in Security Incident Response while Splunk SOAR is ranked 3rd in Security Orchestration Automation and Response (SOAR) with 30 reviews. Secureworks Red Cloak Threat Detection and Response [EOL] is rated 8.0, while Splunk SOAR is rated 8.0. The top reviewer of Secureworks Red Cloak Threat Detection and Response [EOL] writes "Simple deployment with good reports and dashboard". On the other hand, the top reviewer of Splunk SOAR writes "Takes most of the work away, but the time they take to implement new features is a little bit of concern". Secureworks Red Cloak Threat Detection and Response [EOL] is most compared with VMware Carbon Black Endpoint, Cisco SecureX and VMware Carbon Black Cloud, whereas Splunk SOAR is most compared with Palo Alto Networks Cortex XSOAR, Cortex XSIAM, ServiceNow Security Operations, Torq and Swimlane.
We monitor all Security Incident Response reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.