IBM Resilient Security Orchestration, Automation and Response (SOAR) Platform

IBM Resilient Security Orchestration, Automation and Response (SOAR) is a platform for orchestrating and automating incident response processes.

Languages supported: German, English, French, Japanese, Spanish, Chinese (Simplified)

8.4/10 (Expert Score) ★★★★★
Product is rated as #17 in category and Response (SOAR) Software
Ease of use
7.6
Support
8.2
Ease of Setup
7.6

Images

Check Software Images

The IBM Resilient Security Orchestration, Automation and Response (SOAR) Platform is the leading platform for orchestrating and automating incident response processes. IBM Resilient SOAR Platform quickly and easily integrates with your organization’s existing security and IT investments. It makes security alerts instantly actionable, provides valuable intelligence and incident context, and enables adaptive response to complex cyber threats.

IBM Resilient Security Orchestration, Automation and Response (SOAR) Platform
IBM Resilient Security Orchestration, Automation and Response (SOAR) Platform

Show more categories

Customer Reviews

IBM Resilient Security Orchestration, Automation and Response (SOAR) Platform Reviews

Swapnil R.

Advanced user of IBM Resilient Security Orchestration, Automation and Response (SOAR) Platform
★★★★★
Powerful customizable tool but only when it's configured correctly

What do you like best?

IBM resilient soar is good platform when we consider automation in process. We have integrated this tool with IBM Qradar. Best part is that it can automate the security incidents directly without human interference. We can do part of automation which we want to automate, their are lots of functionalities in this tool itself. Incidents can be created automatically or manually. We can integrate the other API also. This tool helps in saving the time and meeting the SLA.

What do you dislike?

This tool is best when all the configuration is done correctly otherwise you will face number of small problems. It's a powerful but it needs time for proper setup. As we have integrated resilient with Qradar, when we do some changes in Qradar, resilient stops working because of some error. This happens frequently. So we have to fix this number of times. Sometimes Qradar data tables not generate in resilient so that creation of incidents stops for a while.

Recommendations to others considering the product:

Resilient is best automation tool for the quick generation of incidents. It helps in creation of major and critical incidents generation within SLA. But we cannot compare it with human analysis and investigation. It helps only generation of incidents with some details. After that analyst have to do actual investigation for the case.

What problems are you solving with the product? What benefits have you realized?

Sometimes resilient fails to fetch data from Qradar which stops the incident creation. This problem we are solving with the resilient.

Review source: G2.com

Leave a reply

Your total score

B2B Software Guide