


Swimlane and Splunk SOAR are competing in the security orchestration, automation, and response solutions market. Swimlane, with its focus on pricing and customer support, provides an advantage for resource-constrained organizations. However, Splunk SOAR, equipped with advanced automation and integrations, is favored due to its comprehensive feature set.
Features: Swimlane stands out for its customizable dashboards, integration framework, and capability to enable security teams through incident management. Splunk SOAR offers matured automation and orchestration features, seamless integrations across numerous security tools, and allows complex playbook creation, providing enhanced threat detection and response.
Room for Improvement: Swimlane could improve in automation depth, integration with niche tools, and scalability for larger environments. Splunk SOAR can work on simplifying its deployment process, enhancing real-time user support during setup, and boosting its cloud-deployment efficiency.
Ease of Deployment and Customer Service: Swimlane's deployment is straightforward, supported by an intuitive setup and strong customer service, resulting in a rapid adoption rate. Splunk SOAR, while offering extensive documentation and support, may involve a more intensive deployment process that could benefit from more streamlined integration paths.
Pricing and ROI: Swimlane offers competitive pricing, making it appealing for organizations focused on cost-saving and quick return on investment. Splunk SOAR, demanding a higher initial investment, compensates with its extensive capabilities that promise a higher long-term ROI by improving operational efficiencies.
Since we started working with Torq, I am handling much fewer alerts. It is becoming really easy for me to handle an alert.
We have seen a return on investment, targeting a $600,000 ROI for the year.
By the time we officially bought Torq, we already had two workflows that were very helpful to us.
Since deploying Splunk SOAR, there has been a notable reduction in time spent on monotonous security tasks, which I estimate to be around 95%, enabling my team to focus on more strategic initiatives.
We've seen a decrease in false positives and a significant increase in our containment.
Splunk SOAR is saving around 300 hours of effort monthly.
Swimlane saves us 80 to 90 percent of our time by quickly helping us design the journey and efficiently passing information to various components.
We have seen a return on investment; with the same number of engineers, we now handle double the number of customers, even with the new, larger customers requiring dedicated teams.
My impression of their technical support during the initial setup was that they were helpful, responded within a reasonable timeframe, and provided exactly what we needed.
The speed and quality of their answers have been pretty good, as I usually get a response within 24 hours, and they follow up well.
We can always get an answer, and the support team are experts in their own system.
Discovering different troubleshooting methods is harder to do with Splunk SOAR than with Enterprise Security or other Splunk services.
We always have a customer support representative who will come in the picture and help us to direct any ticket or any issue that we are facing to the right team.
I have worked with Splunk SOAR's technical support or customer service, which I find to be as perfect as Splunk SIEM.
When I raise a ticket, they reply within half an hour with an initial response, signifying that an agent has been assigned and is working on the issue.
They are attentive, responsive, and work to resolve issues efficiently.
They provided assistance within the same hour.
Our case management is super scalable.
In terms of scalability, you can do as long as you can build it, and they can support it.
Regarding the ability of the solution to grow in your work environment, if it is scalable, if it fits your business requirements, and if there is room to scale up, the answer is yes, for sure.
This solution is very much scalable, so I would rate it a ten.
It can be extended and adapted as necessary.
Regarding scalability, I find it to be a nine, as we have had no issues with scaling Splunk SOAR.
Swimlane should have the capability to be moved out of Appian and integrated with other platforms.
We did not encounter issues even when managing thousands of alerts, as scalability is only limited by our instance's server capacity.
Its scalability automatically adjusts based on usage.
We have been using Torq for one and a half years, but we have experienced no downtime.
Most of the time, the system is stable as long as the components that they integrate with are stable.
I have never faced any downtime or issues.
We have not experienced any downtime, crashes, or performance issues.
We have not seen any impact in the work that we do with Splunk SOAR or the SIEM platform.
I have not encountered any outages or glitches within my experience with Splunk SOAR.
I haven't seen any production issue or anything coming up because of Swimlane.
We encountered issues requiring restarts and losing alerts.
The version we had was kind of buggy, but support indicated we just needed to do updates to resolve the issues.
Torq should offer default templates that can directly scan firewall data and automate actions.
The AI value depends on maturity. Real value depends heavily on telemetry, integration depth, and workflow design, all of which rely on how mature customers are in their SOC department.
It was able to capture data but was unable to differentiate between the agent hostname we are using and the hostname that resides on the back end of the Internet.
If we start ingesting those data to Splunk SOAR or SIEM with some sort of integration with threat intelligence feed, that will also improve our detection and prediction method or help us with the investigation.
Torq is better than Splunk SOAR because Torq has a no-code UI where we can accomplish anything through drag and drop.
It's basically given me a force multiplier.
Despite being advertised as a no-code tool, it remains code-reliant, demanding users to build solutions through coding.
In the orchestration tab, it would be helpful to have a list of playbooks where a particular asset or connector is used.
Colors can be used for the prioritization of risks and the significance of information.
When they bring more and more value into the platform, it makes more sense to pay that price, but still, it is expensive.
Before deciding to implement Torq, I considered that compared to our old case management platform, Torq was a much better price and had a lot better value for what you get out of the platform, which was a key consideration for the company.
It is an expensive solution, not an inexpensive solution, but we get through the flexibility.
It is way below what it costs to hire some professionals to do only that type of work.
Splunk SOAR is moderately priced, neither cheap nor overly expensive.
I am familiar with the pricing aspect, setup cost, and licensing cost of Splunk SOAR, and it is pretty much similar to what industries are offering these days.
Swimlane is cheaper than other SOAR platforms.
In terms of pricing, Swimlane is on the slightly expensive side.
The pricing was very nice with a great discount.
Torq's unified platform approach to AI SOC automation and case management has significantly benefited us by integrating the case management platform with the automation, which saves time compared to managing multiple point solutions across our security stack.
The fact that I can build whatever I want within my own imagination and skills without relying on code is the best thing about Torq.
You can copy and paste a cURL command. If you have documentation or APIs, you usually have an example on the side. You basically have all the information on how the API call should be. You can just copy that and paste it into a step, and it will just build the step for you.
Creating playbooks using the Playbook Editor in Splunk SOAR is easy. The editor is designed to be user-friendly with visual drag and drop features, allowing for easy workflows without writing any code.
Splunk SOAR saves time in threat response, and the time to solve an incident is currently the best in the market.
Splunk SOAR has improved our MTTD and MTTR both with the consolidation with a unified platform with Splunk.
Its integration capabilities allow connections to various platforms, enhancing its usability.
It helps in clearly identifying the roles, timeline, and actions involved in the workflow, offering a comprehensive depiction of the entire process.
As a solution architect, I use various software, and the most important thing is that Swimlane is an easily designed and learnable software.

| Product | Mindshare (%) |
|---|---|
| Splunk SOAR | 7.1% |
| Torq | 3.8% |
| Swimlane | 2.7% |
| Other | 86.4% |

| Company Size | Count |
|---|---|
| Small Business | 4 |
| Midsize Enterprise | 5 |
| Large Enterprise | 6 |

| Company Size | Count |
|---|---|
| Small Business | 17 |
| Midsize Enterprise | 10 |
| Large Enterprise | 41 |

| Company Size | Count |
|---|---|
| Small Business | 3 |
| Midsize Enterprise | 1 |
| Large Enterprise | 8 |

Torq is the enterprise AI SOC solution that effectively combines adaptive insights and automation to handle critical threats efficiently. It manages threat lifecycles, swiftly moving from triage to response, ensuring effective risk management.
Torq is designed to streamline security operations by aggregating telemetry across your security stack. It investigates significant risks and manages threats from triage to containment and remediation. This AI-driven tool enhances the capabilities of your SecOps team, allowing them to achieve more impactful results without introducing complicated processes.
What are the key features of Torq?

In industries like finance and healthcare, Torq shows effectiveness by adapting to specific risk scenarios often encountered in these fields. Its integration with existing infrastructures makes it a valuable asset for maintaining stringent security standards, essential for protecting critical data and operations in diverse high-stakes environments.
Splunk SOAR focuses on automating security operations with seamless third-party integrations and customizable workflows, enhancing incident response and threat management.
Splunk SOAR offers robust playbook automation and powerful API connectivity, allowing organizations to streamline workflows and integrate extensively with tools like Salesforce and ServiceNow. With its capabilities in real-time data visualization and automated threat responses, it significantly enhances security and reduces manual effort. Users appreciate the ease of creating playbooks, which reduces mean time to detect and resolve. However, its integration challenges with Microsoft products need attention, as do the need for more playbooks and improved customization tools. Enhancements in the development process, visibility, scalability, and case management options would also be beneficial. Improving documentation and training resources would add more depth and accessibility.
What are the top features of Splunk SOAR?

Organizations implement Splunk SOAR in industries to automate tasks in Security Operation Centers, addressing incidents such as phishing, brute force, and ransomware. It integrates with third-party applications for threat intelligence enrichment, commonly deployed both on-premise and cloud, enhancing cybersecurity efforts.
Swimlane provides a centralized platform for security orchestration, automation, and response. It enhances operational efficiency and reduces workloads through drag-and-drop task automation and integration capabilities.
Swimlane empowers IT teams by streamlining tasks with minimal coding, offering extensive customization, and enabling efficient incident response. Its features include centralized logging, visual workflow representation, and integration with third-party tools. Swimlane's task persistence and case management improve operational control but face issues with stability and latency. While marketed as a no-code platform, setup complexity requires skilled developers. Enhancing search, AI, and scalability is vital for improved usage in multinational environments.
What are Swimlane's essential features?

In industries like IT and security, Swimlane serves as a SOAR platform for incident management and enriched alert integration. It's used for designing customer journey architectures and task assignments in multinational environments, despite requiring improvements in its initial setup and orchestration.
We monitor all Security Orchestration Automation and Response (SOAR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.