Try our new research platform with insights from 80,000+ expert users

Splunk SOAR pros and cons

Vendor: Splunk

4.0 out of 5

53 reviews
88% willing to recommend

Pros & Cons summary

Splunk SOAR excels in integration capabilities and automation, enhancing workflow management and productivity by reducing manual tasks for Security Operations Center teams. It connects effortlessly with numerous systems and tools, yet its documentation and Microsoft integration need improvement. Despite an extensive library of pre-built integrations and significant impact on threat response efficiency, limited simulation features and high costs may challenge smaller organizations. Workflow management issues further complicate its use.

Buyer's Guide

Get pricing advice, tips, use cases and valuable features from real users of this product.

Prominent pros & cons

PROS

Splunk SOAR's integration capabilities are highly valued, making it seamless to connect with various systems and tools.

The ability to customize playbooks significantly enhances automation and allows for efficient workflow management.

Splunk SOAR's automation features lead to significant time savings and increased productivity by reducing manual tasks for Security Operations Center teams.

The extensive library of pre-built integrations in Splunk SOAR streamlines workflows by connecting with popular security and IT applications effortlessly.

Splunk SOAR's impact on security operations and business processes is significant, with an emphasis on reducing mean time to detect and improving threat response efficiency.

CONS

Splunk SOAR is lacking in comprehensive documentation, particularly for its functions and features, which complicates navigation and usage.

The integration with other systems, especially Microsoft products and IAM solutions, is insufficient, causing challenges in seamless connectivity.

Simulation tools and features are missing, limiting the ability to create effective playbooks and run simulations.

The pricing of Splunk SOAR remains prohibitively high for smaller organizations and certain global regions, posing budget challenges.

Splunk SOAR encounters difficulties with workflow management, including issues with halting and resuming workflows effectively.

Splunk SOAR Pros review quotes

AS

Chief Technology Officer at Globalnet Research Corporation

Feb 17, 2020

The most valuable feature is the risk-based access control.

Read full review

SA

Technical Lead at Paladion Networks

Apr 30, 2020

Very flexible integration with other tools

Read full review

Senior Data Analyst at a financial services firm with 10,001+ employees

Aug 23, 2020

So far, the interface is very easy to use.

Read full review

Free Report: Splunk SOAR Reviews and More

Learn what your peers think about Splunk SOAR. Get advice and tips from experienced pros sharing their opinions. Updated: January 2026.

881,346 professionals have used our research since 2012.

Technical Associate at Positka

Jan 22, 2021

The customization continues to be excellent.

Read full review

reviewer1561083

Cyber Security Solution Architect at a tech services company with 11-50 employees

Apr 26, 2021

I like the integration capabilities of Phantom. It has a lot of integrations with other products. Its searching methodologies are also good. It is also easy to understand and easy to create playbooks.

Read full review

reviewer1540500

Head of Cyber Security Operations Centre at a comms service provider with 1,001-5,000 employees

May 13, 2021

I'm just a beginner on the solution and it's pretty easy for me to use.

Read full review

Filip Stojkovski

VP - Security Automation Lead at a financial services firm with 10,001+ employees

May 3, 2022

I have found all the security automation platform features of Splunk SOAR to be good. The Automation playbook development is highly useful.

Read full review

Deputy Manager at a tech vendor with 10,001+ employees

Jun 2, 2022

The most valuable feature of Splunk SOAR that stands out is it has a great SOAR. The automation and orchestration module is highly mature. A lot of use cases are on user entity and behavioral analytics (UEBA), which is artificial intelligence and machine learning-based (AIML).

Read full review

reviewer1260045

Senior Analyst at a computer software company with 11-50 employees

Jun 7, 2022

The automation part of the product is great.

Read full review

MP

Splunk Consultant at Yssy

Jun 15, 2022

The most valuable features of Splunk SOAR are the easy integration with other solutions, including other Splunk solutions. The most important playbooks we need on the market come already on the Frontend. However, nowadays, Splunk changed its name, it's not Frontend anymore, it's Splunk Store. This is a very strong point.

Read full review

Show 10 more reviews (out of 53)

Splunk SOAR Cons review quotes

AS

Chief Technology Officer at Globalnet Research Corporation

Feb 17, 2020

We want to see improvements made to the APIs such that we can connect to many different systems and data sources.

Read full review

SA

Technical Lead at Paladion Networks

Apr 30, 2020

And most of the challenges that I have faced with the solution can be found in the documentation itself.

Read full review

Senior Data Analyst at a financial services firm with 10,001+ employees

Aug 23, 2020

It would be ideal if we could automate processes even more.

Read full review

Free Report: Splunk SOAR Reviews and More

Learn what your peers think about Splunk SOAR. Get advice and tips from experienced pros sharing their opinions. Updated: January 2026.

881,346 professionals have used our research since 2012.

Technical Associate at Positka

Jan 22, 2021

In the beginning, we couldn't find any specific documents for every function. It wasn't easy to navigate to what we needed.

Read full review

reviewer1561083

Cyber Security Solution Architect at a tech services company with 11-50 employees

Apr 26, 2021

I haven't used it fully, but based on my usage, I could not find simulation tools and features. It currently lacks simulation features, which are important for me for creating a playbook. It is also very expensive for my region.

Read full review

reviewer1540500

Head of Cyber Security Operations Centre at a comms service provider with 1,001-5,000 employees

May 13, 2021

We've had trouble implementing the solution with Microsoft products. There seems to be an integration gap.

Read full review

Filip Stojkovski

VP - Security Automation Lead at a financial services firm with 10,001+ employees

May 3, 2022

The Splunk SOAR platform was not designed specifically for case management which is why this area needs improvement.

Read full review

Deputy Manager at a tech vendor with 10,001+ employees

Jun 2, 2022

Splunk SOAR can improve IoT/OT security-related case studies or your use cases. Their integration with identity and access management (IAM) solutions is a bit shaky. They don't have good integration with a lot of IAM solutions. They do have good capability in terms of user access management internally, but even with privileged user access, they have a good module. However, if they have to integrate with solutions, such as CyberArk or IBM IAM solutions they are lacking, the visibility of user access is not that much.

Read full review

reviewer1260045

Senior Analyst at a computer software company with 11-50 employees

Jun 7, 2022

The scalability could be better.

Read full review

MP

Splunk Consultant at Yssy

Jun 15, 2022

Splunk SOAR has room to improve its offering for small-sized customers. The price is not fair for smaller-sized customers.

Read full review

Show 10 more reviews (out of 53)

Product Categories

Product Categories

Security Orchestration Automation and Response (SOAR)

Popular Comparisons

Popular Comparisons

Microsoft Sentinel vs Splunk SOAR

IBM Security QRadar vs Splunk SOAR

Elastic Security vs Splunk SOAR

AWS Security Hub vs Splunk SOAR

Palo Alto Networks Cortex XSOAR vs Splunk SOAR

Exabeam vs Splunk SOAR

Stellar Cyber Open XDR vs Splunk SOAR

Sumo Logic Security vs Splunk SOAR

Tines vs Splunk SOAR

ThreatConnect Threat Intelligence Platform (TIP) vs Splunk SOAR

Torq vs Splunk SOAR

Google Security Operations vs Splunk SOAR

Logpoint vs Splunk SOAR

ServiceNow Security Operations vs Splunk SOAR

Fortinet FortiSOAR vs Splunk SOAR

See all alternatives

Product Categories

Product Categories

Security Orchestration Automation and Response (SOAR)

Popular Comparisons

Popular Comparisons

Microsoft Sentinel vs Splunk SOAR

IBM Security QRadar vs Splunk SOAR

Elastic Security vs Splunk SOAR

AWS Security Hub vs Splunk SOAR

Palo Alto Networks Cortex XSOAR vs Splunk SOAR

Exabeam vs Splunk SOAR

Stellar Cyber Open XDR vs Splunk SOAR

Sumo Logic Security vs Splunk SOAR

Tines vs Splunk SOAR

ThreatConnect Threat Intelligence Platform (TIP) vs Splunk SOAR

Torq vs Splunk SOAR

Google Security Operations vs Splunk SOAR

Logpoint vs Splunk SOAR

ServiceNow Security Operations vs Splunk SOAR

Fortinet FortiSOAR vs Splunk SOAR

See all alternatives

Related questions

27

Which Do You Recommend, Phantom or Demisto?

104

What are the Top 5 cybersecurity trends in 2022?

195

What is the difference between SIEM and SOAR platforms?

77

What is an incident response playbook and how is it used in SOAR?

28

What are the latest trends in Security Operations Center (SOC)?

67

What tools and solutions do you use for automated incident response in an enterprise in 2022?

33

How to evaluate SIEM detection rules?

28

Why a Security Operations Center (SOC) is important?

34

What types of Security Operations Center (SOC) deployment models do exist?

137

Why is Security Orchestration Automation and Response (SOAR) important for companies?