What is Splunk SOAR?
Splunk SOAR (formerly Splunk Phantom) combines security infrastructure orchestration, playbook automation and case management capabilities to streamline your team, processes and tools.
Company Details
Need Assistance?
We're here to help you with understanding our reports and the data inside to help you make decisions.
Get AssistanceSplunk SOAR Ratings
Real user data aggregated to summarize the product performance and customer experience.
Download the entire Product Scorecard
to access more information on Splunk SOAR.
Product scores listed below represent current data. This may be different from data contained in reports and awards, which express data as of their publication date.
89 Likeliness to Recommend
93 Plan to Renew
84 Satisfaction of Cost Relative to Value
Emotional Footprint Overview
Product scores listed below represent current data. This may be different from data contained in reports and awards, which express data as of their publication date.
+94 Net Emotional Footprint
The emotional sentiment held by end users of the software based on their experience with the vendor. Responses are captured on an eight-point scale.
How much do users love Splunk SOAR?
Pros
- Enables Productivity
- Saves Time
- Altruistic
- Generous Negotitation
How to read the Emotional Footprint
The Net Emotional Footprint measures high-level user sentiment towards particular product offerings. It aggregates emotional response ratings for various dimensions of the vendor-client relationship and product effectiveness, creating a powerful indicator of overall user feeling toward the vendor and product.
While purchasing decisions shouldn't be based on emotion, it's valuable to know what kind of emotional response the vendor you're considering elicits from their users.
Footprint
Negative
Neutral
Positive
Feature Ratings
Capable of Use Case Development
Orchestrate & Automate
Playbooks/Runbooks and Workflow Builder
Dashboards
Team Collaboration
Integration with IR Management
Integration Capabilities
Case Management
Data Model
Management and Sharing of Intelligence
Automated Phishing Handling
Vendor Capability Ratings
Business Value Created
Breadth of Features
Ease of Implementation
Ease of Data Integration
Availability and Quality of Training
Quality of Features
Usability and Intuitiveness
Ease of Customization
Vendor Support
Ease of IT Administration
Product Strategy and Rate of Improvement
Splunk SOAR Reviews
Gregory R.
- Role: Information Technology
- Industry: Government
- Involvement: IT Development, Integration, and Administration
Submitted Feb 2022
Blooded SOAR product that has a community
Likeliness to Recommend
What differentiates Splunk SOAR from other similar products?
Case Management, Great VPE, Wide Compatibility, Battle Tested
What is your favorite aspect of this product?
The Community
What do you dislike most about this product?
Splunk Pushing the cloud version too hard, Slow updates to fixes, and slow feature implementations,
What recommendations would you give to someone considering this product?
Hire for it
Pros
- Continually Improving Product
- Respectful
- Altruistic
- Client's Interest First
Cons
- Vendor Friendly Policies
Shahrukh S.
- Role: Consultant
- Industry: Technology
- Involvement: IT Development, Integration, and Administration
Submitted Feb 2022
Splunk SOAR, a journey to maturity.
Likeliness to Recommend
What differentiates Splunk SOAR from other similar products?
Splunk SOAR has its signature in terms of the UI and the data model it follows. Also the best part is that it is constantly evolving. I started with the version 4.6.0 and now we are on 5.x.x. During these version changes, we have witnessed so many new features being added, exist features getting improved and they were relatively fast moving to Python 3.x while not impacting the 2.x playbooks. Users were allowed to keep python 2.x during these times and they also provided a script to convert 2.x playbooks to 3.x. This change to Python 3.x was also not immediate, they bought it to the platform one component at a time.
What is your favorite aspect of this product?
Backend is Python and it's easier to convert your existing Python code to a phantom custom code block.
What do you dislike most about this product?
During the initial days the documentation was poor and inconsistent that you needed to consult a support person to be confident to go for a major change such as an upgrade to the platform. They have improved so much over the last couple of years, bur we still see some of the things missed or unclear in a few of their documentations.
What recommendations would you give to someone considering this product?
Compared to other SOAR platforms, Splunk SOAR supports only Python code at the moment. Considering the flexibility of Python, this is sufficient for someone with a capable team to develop with Python. Their costing is a bit on the higher side but you are in safe hands when it comes to the technical support. If you already have Splunk Enterprise SIEM being used in your environment, that would be another added factor to lean towards Splunk SOAR as they work very well with each other. If you are looking at moving your existing PowerShell scripts to the SOAR platform, I urge you compare the the ease of integrations and development
Pros
- Helps Innovate
- Continually Improving Product
- Reliable
- Performance Enhancing
- Role: Information Technology
- Industry: Technology
- Involvement: IT Development, Integration, and Administration
Submitted Feb 2022
Excellent analysis
Likeliness to Recommend
Pros
- Helps Innovate
- Continually Improving Product
- Efficient Service
- Effective Service