Splunk SOAR vs VMware Carbon Black Cloud comparison

Security Orchestration Automation and Response (SOAR)

Download the complete report

Helped 879,259 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

ROI

Sentiment score

5.6

Splunk SOAR improves automation and efficiency, but ROI and integration time vary, benefiting familiar organizations most with proper use.

Sentiment score

5.2

VMware Carbon Black Cloud offers cost savings, improved security, centralized protection, better efficiency, and quick ROI with automation features.

We've seen a decrease in false positives and a significant increase in our containment.

Cyber Security Network Security Engineer at Cirrus Logic

Monthly, around 300 hours of effort, it is saving with Splunk SOAR.

For more quotes and insights, download the Splunk SOAR report

Manager cybersecurity at Hexion Inc.

No quotes available

For more quotes and insights, download the VMware Carbon Black Cloud report

Customer Service

Sentiment score

6.6

Splunk SOAR's support is praised for reliability and responsiveness, though flexibility and response times could improve, valued community resources assist users.

Sentiment score

6.2

VMware Carbon Black Cloud's support is effective but could improve regionally, with mixed customer satisfaction and costly services.

Discovering different troubleshooting methods is harder to do with Splunk SOAR than with Enterprise Security or other Splunk services.

Cyber Security Network Security Engineer at Cirrus Logic

We always have a customer support representative who will come in the picture and help us to direct any ticket or any issue that we are facing to the right team.

Manager cybersecurity at Hexion Inc.

Splunk's technical support is very good and generally not needed often due to the stable environment.

For more quotes and insights, download the Splunk SOAR report

System Engineer - Security Presales at Raya Integration

No quotes available

For more quotes and insights, download the VMware Carbon Black Cloud report

Scalability Issues

Sentiment score

6.7

Splunk SOAR offers scalability and flexibility, effectively managing vast environments despite configuration challenges, with high user ratings noting customizable features.

Sentiment score

7.1

VMware Carbon Black Cloud is praised for its scalability and effectiveness in large environments, with minor integration suggestions.

It can be extended and adapted as necessary.

Kishore Gorantla

Splunk/SOAR Engineer

Splunk SOAR has the ability to scale quite significantly.

For more quotes and insights, download the Splunk SOAR report

Cyber Security Network Security Engineer at Cirrus Logic

No quotes available

For more quotes and insights, download the VMware Carbon Black Cloud report

Stability Issues

Sentiment score

7.3

Splunk SOAR is highly stable and reliable, with minor issues often attributed to third-party services rather than itself.

Sentiment score

7.0

VMware Carbon Black Cloud is stable, with minor issues, resolves bugs quickly, but needs better support and availability for large deployments.

We have not experienced any downtime, crashes, or performance issues.

Cyber Security Network Security Engineer at Cirrus Logic

We have not seen any impact in the work that we do with Splunk SOAR or the SIEM platform.

Manager cybersecurity at Hexion Inc.

Splunk SOAR provides a stable environment and technology.

For more quotes and insights, download the Splunk SOAR report

System Engineer - Security Presales at Raya Integration

No quotes available

For more quotes and insights, download the VMware Carbon Black Cloud report

Room For Improvement

Splunk SOAR requires better integration, user-friendliness, and automation, with improvements needed in support, training, and advanced AI features.

VMware Carbon Black Cloud struggles with intelligence, usability, performance issues, inadequate support, and high costs, affecting its efficiency.

If we start ingesting those data to Splunk SOAR or SIEM with some sort of integration with threat intelligence feed, that will also improve our detection and prediction method or help us with the investigation.

Manager cybersecurity at Hexion Inc.

Although it enhances alert handling, it still has a journey to compete with Palo Alto SOAR and FortiSOAR.

System Engineer - Security Presales at Raya Integration

Splunk's Unified Platform does help consolidate networking security and IT observability tools.

For more quotes and insights, download the Splunk SOAR report

Cyber Security Network Security Engineer at Cirrus Logic

I recall we couldn't upgrade because the sensor was not compatible, and the latest VMware Carbon Black Cloud version was not compatible with the latest Red Hat version.

reviewer2771742

Sec consultant at a tech services company with 5,001-10,000 employees

For more quotes and insights, download the VMware Carbon Black Cloud report

Setup Cost

Enterprise buyers find Splunk SOAR costly but justified by its performance, with recent user-based pricing changes being favorable.

VMware Carbon Black Cloud offers varied pricing experiences, but users often secure competitive rates through resellers with few surprises.

Splunk SOAR is moderately priced, neither cheap nor overly expensive.

Kishore Gorantla

Splunk/SOAR Engineer

I am familiar with the pricing aspect, setup cost, and licensing cost of Splunk SOAR, and it is pretty much similar to what industries are offering these days.

Manager cybersecurity at Hexion Inc.

Splunk SOAR is affordable cost-wise only.

For more quotes and insights, download the Splunk SOAR report

System Engineer - Security Presales at Raya Integration

No quotes available

For more quotes and insights, download the VMware Carbon Black Cloud report

Valuable Features

Splunk SOAR excels with easy integration, automation, and customizable playbooks, significantly enhancing incident response and security operation efficiency.

VMware Carbon Black Cloud provides endpoint isolation, threat detection, and real-time protection with minimal disruption and efficient threat management.

Creating playbooks using the Playbook Editor in Splunk SOAR is easy. The editor is designed to be user-friendly with visual drag and drop features, allowing for easy workflows without writing any code.

Kishore Gorantla

Splunk/SOAR Engineer

Splunk SOAR saves time in threat response, and the time to solve an incident is currently the best in the market.

Francisco JavierRomo

Strategic Account Executive at a computer software company with 51-200 employees

Splunk SOAR has improved our MTTD and MTTR both with the consolidation with a unified platform with Splunk.

For more quotes and insights, download the Splunk SOAR report

Manager cybersecurity at Hexion Inc.

No quotes available

For more quotes and insights, download the VMware Carbon Black Cloud report

Categories and Ranking

Splunk SOAR

Average Rating

8.2

Reviews Sentiment

6.6

Number of Reviews

Ranking in other categories

Security Orchestration Automation and Response (SOAR) (2nd)

VMware Carbon Black Cloud

Average Rating

8.2

Reviews Sentiment

6.8

Number of Reviews

Ranking in other categories

Security Incident Response (10th), Endpoint Detection and Response (EDR) (55th)

Mindshare comparison

While both are Security Software solutions, they serve different purposes. Splunk SOAR is designed for Security Orchestration Automation and Response (SOAR) and holds a mindshare of 7.5%, up 7.5% compared to last year.
VMware Carbon Black Cloud, on the other hand, focuses on Security Incident Response, holds 7.4% mindshare, up 6.4% since last year.

Security Orchestration Automation and Response (SOAR) Market Share Distribution
Product	Market Share (%)
Splunk SOAR	7.5%
Microsoft Sentinel	13.9%
Palo Alto Networks Cortex XSOAR	9.4%
Other	69.2%

Security Orchestration Automation and Response (SOAR)

Security Incident Response Market Share Distribution
Product	Market Share (%)
VMware Carbon Black Cloud	7.4%
Proofpoint Threat Response	10.4%
ServiceNow Security Operations	9.3%
Other	72.9%

Security Incident Response

Featured Reviews

Automates threat response and reduces investigation time but needs better threat intelligence integration

Manager cybersecurity at Hexion Inc.

One thing that we would like to see with Splunk SOAR is the expandability to the threat intelligence feed. Currently, we have limited ingestion to the threat intelligence feed for the correlation purpose. We would like to see it being integrated, with license cost or without license cost, to leading threat intelligence sources such as Recorded Future, Feedly, or Flare. That is something we would appreciate having integrated. The second thing on the improvement side is about exposed credential-related information. If we start ingesting those data to Splunk SOAR or SIEM with some sort of integration with threat intelligence feed, that will also improve our detection and prediction method or help us with the investigation.

Read full review

reviewer2771742

Sec consultant at a tech services company with 5,001-10,000 employees

Has supported consistent deployment across departments but needs better OS compatibility and detection performance

I am not really looking for a new solution, actually, I was preparing for an interview and wanted to have a comparison between both tools. I have not worked with any of these products before, but we had a training demonstration yesterday with Dynatrace, and I have investigated the Wiz solution better. In terms of experience, it will be my first time with CDR. I am working with something for EDR, specifically, we have an EDR, it's VMware Carbon Black Cloud. They have a hybrid environment, both on-prem and cloud. I would usually recommend this product for big companies, because it's not cheap, so only big companies would I expect to pay for that. The review rating for VMware Carbon Black Cloud is 6 out of 10.

Read full review

See which vendors are best for you

Use our free recommendation engine to learn which Security Orchestration Automation and Response (SOAR) solutions are best for your needs.

See recommendations

879,259 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Financial Services Firm

12%

Manufacturing Company

10%

Computer Software Company

10%

University

Financial Services Firm

11%

Real Estate/Law Firm

Healthcare Company

Computer Software Company

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

By reviewers
Company Size	Count
Small Business	12
Midsize Enterprise	7
Large Enterprise	31

By reviewers
Company Size	Count
Small Business	5
Midsize Enterprise	4
Large Enterprise	8

Questions from the Community

What do you like most about Splunk Phantom?

Splunk SOAR's quick response to incidents is the most valuable part.

What is your experience regarding pricing and costs for Splunk Phantom?

I am familiar with the pricing aspect, setup cost, and licensing cost of Splunk SOAR, and it is pretty much similar to what industries are offering these days. We never had any issue when we had to...

What needs improvement with Splunk Phantom?

The visibility of Splunk SOAR's playbook viewer is rather unclear to me; I wonder what the visibility is for. There are indeed some problems with integrating Splunk SOAR with other Splunk products ...

What to choose: an endpoint antivirus, an EDR solution or both?

I can recommend Carbon Black, an award-winning next-gen anti-virus (NGAV) and endpoint detection and response (EDR) security solution. The CB Predictive Security Cloud platform combines multiple hi...

What's the difference between Carbon Black CB Response and Carbon Black CB Defense?

Carbon Black offers two different levels of Endpoint Detection and Response. One is the VM Carbon Black Cloud Endpoint Standard (CB Defense), and the other is the Carbon Black Endpoint Detection an...

What do you like most about Carbon Black CB Response?

Threat hunting is the most valuable feature of VMware Carbon Black Cloud.

Palo Alto Networks Cortex XSOAR vs Splunk SOAR

Comparisons

Compared 16% of the time

Fortinet FortiSOAR vs Splunk SOAR

Compared 11% of the time

ServiceNow Security Operations vs Splunk SOAR

Compared 9% of the time

Tines vs Splunk SOAR

Compared 8% of the time

Swimlane vs Splunk SOAR

Compared 4% of the time

More Splunk SOAR Competitors

Palo Alto Networks Cortex XSOAR vs VMware Carbon Black Cloud

Compared 20% of the time

VMware Carbon Black Endpoint vs VMware Carbon Black Cloud

Compared 11% of the time

Rapid7 InsightIDR vs VMware Carbon Black Cloud

Compared 9% of the time

Fortinet FortiEDR vs VMware Carbon Black Cloud

Compared 8% of the time

Fidelis Elevate vs VMware Carbon Black Cloud

Compared 7% of the time

More VMware Carbon Black Cloud Competitors

Product Reports

Splunk SOAR

Download Splunk SOAR product report

VMware Carbon Black Cloud

Download VMware Carbon Black Cloud product report

Also Known As

Phantom

Carbon Black CB Response

Overview

Splunk SOAR offers features like automation and orchestration of manual tasks, speeding up work, detection and response to advanced and emerging threats.

Go from overwhelmed to in-control

Automate manual tasks. Address every alert, every day. Establish repeatable procedures that allow security analysts to stop being reactive and focus on mission-critical objectives to protect your business.

Force multiply your team

Orchestrate and automate repetitive tasks, investigation and response to increase efficiency and productivity, and do more with the people you already have. Make a team of three feel like a team of 10.

From 30 minutes to 30 seconds

Work faster with Splunk SOAR. Respond to threats in seconds. Lower your mean time to respond (MTTR) by automating security tasks and workflows across all of your security tools.

End-to-end security operations made easy

Take advantage of Splunk Enterprise Security and Splunk SOAR joining forces to provide a seamless and intuitive SecOps platform to prevent, detect and respond to advanced and emerging threats.

Splunk

Fortify Endpoint and Workload Protection

Legacy approaches fall short as cybercriminals update tactics and obscure their actions. Get advanced cybersecurity fueled by behavioral analytics to spot minor fluctuations and adapt in response.

Recognize New Threats

Analyze attackers’ behavior patterns to detect and stop never-before-seen attacks with continuous endpoint activity data monitoring. Don’t get stuck analyzing only what’s worked in the past.

Simplify Your Security Stack

Streamline the response to potential incidents with a unified endpoint agent and console. Minimize downtime responding to incidents and return critical CPU cycles back to the business.

Broadcom

Sample Customers

Recorded Future, Blackstone

ALLETE belk

Security Orchestration Automation and Response (SOAR)