Splunk SOAR automates and orchestrates manual tasks, speeds up security work, and supports detection of and response to advanced and emerging threats.



| Product | Market Share (%) | 
|---|---|
| Splunk SOAR | 7.7% | 
| Microsoft Sentinel | 15.9% | 
| Palo Alto Networks Cortex XSOAR | 9.6% | 
| Other | 66.8% | 
| Title | Rating | Mindshare | Recommending | Interviews |
|---|---|---|---|---|
| Microsoft Sentinel | 4.2 | 15.9% | 93% | 98 |
| IBM Security QRadar | 4.0 | 7.1% | 90% | 212 |
| Company Size | Count | 
|---|---|
| Small Business | 12 | 
| Midsize Enterprise | 7 | 
| Large Enterprise | 25 | 
| Company Size | Count | 
|---|---|
| Small Business | 189 | 
| Midsize Enterprise | 112 | 
| Large Enterprise | 443 | 
Automate manual tasks. Address every alert, every day. Establish repeatable procedures that allow security analysts to stop being reactive and focus on mission-critical objectives to protect your business.
Orchestrate and automate repetitive tasks, investigation and response to increase efficiency and productivity, and do more with the people you already have. Make a team of three feel like a team of 10.
Work faster with Splunk SOAR. Respond to threats in seconds. Lower your mean time to respond (MTTR) by automating security tasks and workflows across all of your security tools.
Take advantage of Splunk Enterprise Security and Splunk SOAR joining forces to provide a seamless and intuitive SecOps platform to prevent, detect and respond to advanced and emerging threats.
Splunk SOAR was previously known as Phantom.
Recorded Future, Blackstone
| Author info | Rating | Review Summary | 
|---|---|---|
| Cyber Security Network Security Engineer at Cirrus Logic | 4.5 | I've used Splunk SOAR for a year to automate security responses, especially phishing detection, and it's been reliable, seamless to deploy, and time-saving, with strong integrations, though on-prem integration and support resources could improve. | 
| Splunk/SOAR Engineer | 4.0 | My focus with Splunk SOAR is on data deployment, configuration, and integration with various platforms. The visual Playbook Editor is a standout feature. Improvements could include better debugging tools and collaboration features. It's more flexible than other SOAR solutions I've used. | 
| System Engineer - Security Presales at Raya Integration | 2.5 | I work with Splunk SOAR for security, notably user behavior analytics and orchestration. Its playbook customization is beneficial, despite being hardware-intensive and complex. While Splunk enhances alerts, it needs better integrations to rival Palo Alto SOAR and FortiSOAR. | 
| Information System Security Officer at a manufacturing company with 10,001+ employees | 4.0 | I don't use Splunk SOAR directly, but it supports our SOC by organizing massive alert volumes, enabling automation, and improving visibility, helping us investigate issues efficiently and enhancing our organization's security monitoring and overall resilience. | 
| Information Security Architect at UMMS | 4.5 | We've used Splunk SOAR with Mission Control for a year, improving alert handling and efficiency. Integration with Enterprise Security is key, setup was easy, and while minor issues exist, overall performance and ROI have been very positive. | 
| Consultant at HCL Technologies | 4.0 | I use Splunk SOAR for incident response and automation, effectively reducing false positives and improving resolution times with seamless integration of tools like VirusTotal and ServiceNow, though I see room for AIOps enhancement to boost predictability. | 
| Information Security Analyst at a healthcare company with 1,001-5,000 employees | 4.0 | I use Splunk to detect and analyze threats, benefiting from its vast data collection and visualization features. While it's expensive and challenging for beginners, its integration capabilities and effectiveness surpass previous solutions like Wazuh, though the dashboard could improve. | 
| Senior Information Security Engineer at a tech company with 10,001+ employees | 2.5 | I use Splunk SOAR to automate our SOC workflows with third-party integrations, especially through Python-based playbook development. While the pre-built integrations are valuable, the playbook development process could be improved due to the need for custom coding. |