No more typing reviews! Try our Samantha, our new voice AI agent.
Splunk SOAR Logo

Splunk SOAR pros and cons

Vendor: Splunk
4.1 out of 5
Badge Ranked 1
Leave a review

Pros & Cons summary

Splunk SOAR enhances efficiency by automating processes and reducing response times, integrating with popular security and IT apps. While it offers robust flexibility and customizable playbooks, it has a limited playbook library and lacks AI features. Integration gaps with Microsoft products and costly pricing remain concerns. More AIOps could improve predictability, but it still boosts workflow ROI despite integration shortcomings with IAM solutions like CyberArk and IBM IAM.

Buyer's Guide

Get pricing advice, tips, use cases and valuable features from real users of this product.
Get the report

Prominent pros & cons

PROS

Splunk SOAR enhances efficiency and productivity by automating processes and reducing manual tasks, saving significant time for security teams.
Splunk SOAR integrates seamlessly with various popular security and IT applications through its extensive library of pre-built apps, streamlining workflows and improving ROI.
The ability to create and customize playbooks in Splunk SOAR allows users to automate responses to incidents, further reducing response times and increasing productivity.
Splunk SOAR offers robust and flexible integration capabilities with various systems and environments, making it highly adaptable to different technological needs.
Splunk SOAR significantly reduces mean time to detect and respond to threats, allowing security operations to be more effective and efficient.

CONS

Splunk SOAR has a limited number of playbooks available and the playbook development process needs optimization.
More AIOps are required to improve predictability in Splunk SOAR, as it currently expands security event volume instead of reducing it.
Splunk SOAR lags in adopting AI features compared to competitors integrating AI, such as Copilots, into their platforms.
There is an integration gap in Splunk SOAR with Microsoft products, and existing integrations with IAM solutions like CyberArk or IBM IAM are insufficient.
Splunk SOAR is expensive, particularly for smaller organizations, and the pricing structure is compared unfavorably to competitors.
 

Splunk SOAR Pros review quotes

SS
Shiboo Suren
Manager cybersecurity at Hexion Inc.
Nov 11, 2025
Splunk SOAR has saved us a lot; monthly, around 300 hours of effort, it is saving with Splunk SOAR, and it has helped us where we were able to run the SOC operation with the less number of headcount versus what we used to do earlier.
Read full review
Abhishek Nayak - PeerSpot reviewer
Abhishek Nayak
Soc L1 Engineer at Softcell Technologies Limited
Jun 23, 2026
We decided to use Splunk SOAR because it's a powerful, reliable engine that has significantly improved our SOC operations, especially in terms of incident response time and scaling features.
Read full review
Vaibhav Mahendra Kolhe - PeerSpot reviewer
Vaibhav Mahendra Kolhe
Soc Analyst at Softcell Technologies Limited
Jun 2, 2026
Splunk SOAR helps a lot with consolidating our networking, security, and observability tools, and we are saving almost 200 hours compared to not using Splunk SOAR.
Read full review
Buyer's Guide
Splunk SOAR
May 2026
Free Report: Splunk SOAR Reviews and More
Learn what your peers think about Splunk SOAR. Get advice and tips from experienced pros sharing their opinions. Updated: May 2026.
DOWNLOAD NOW
900,644 professionals have used our research since 2012.
Jabez Daniel - PeerSpot reviewer
Jabez Daniel
Advance Data Engineer(Cyber Security) at Novo Nordisk
Jan 19, 2026
In terms of time savings in threat responses, as a team, we save more than 30%, estimated around 30-40%.
Read full review
SN
Sravanakumar Nidamanooru
Identity and Access Management Specialist at a university with 10,001+ employees
Feb 22, 2026
Since deploying Splunk SOAR, there has been a notable reduction in time spent on monotonous security tasks, which I estimate to be around 95%, enabling my team to focus on more strategic initiatives.
Read full review
Mack Scott - PeerSpot reviewer
Mack Scott
Cyber Security Network Security Engineer at Cirrus Logic
Sep 9, 2025
In terms of deployment, there were no issues. It was pretty seamless.
Read full review
R Nandasana - PeerSpot reviewer
R Nandasana
Senior Information Technology Security Consultant at Mideast Data Systems
May 19, 2026
Analysts save a lot of time with Splunk SOAR because all relevant details from phishing emails, including the email ID, IP address, sender information, and email content such as links or attachments, are automatically integrated into an incident and sent to ServiceNow, making troubleshooting easier and enabling them to start investigating directly or know what to do next.
Read full review
Vikas Pandita - PeerSpot reviewer
Vikas Pandita
Global Head Of Security Architecture Digital & Technology at Aramex
Apr 16, 2026
I have saved much time thanks to Splunk SOAR's impact, where earlier, without autonomous monitoring, users took almost one day or two days; now, a twenty-four hour job is done in almost thirty minutes.
Read full review
Hamada Elewa - PeerSpot reviewer
Hamada Elewa
System Engineer - Security Presales at Raya Integration
Oct 28, 2025
Splunk SOAR helps reduce my mean time to detect significantly and enhances it very well; it reduces the mean time to detect by approximately 70%.
Read full review
Vikas_Tiwari - PeerSpot reviewer
Vikas_Tiwari
Citius Tech at a outsourcing company with 5,001-10,000 employees
May 26, 2026
Splunk SOAR is very good and very efficient; the UI is very good, and that way we don't have to struggle with a lot of pages because everything is on the dashboard and every detail is just a click away, which saves a lot of time compared to other SOAR solutions whose UIs are quite complex.
Read full review
Show 10 more reviews (out of 61)
 

Splunk SOAR Cons review quotes

SS
Shiboo Suren
Manager cybersecurity at Hexion Inc.
Nov 11, 2025
One thing that we would like to see with Splunk SOAR is the expandability to the threat intelligence feed.
Read full review
Abhishek Nayak - PeerSpot reviewer
Abhishek Nayak
Soc L1 Engineer at Softcell Technologies Limited
Jun 23, 2026
I have found a challenge in my three months with Splunk SOAR in that it is quite a heavy tool to maintain.
Read full review
Vaibhav Mahendra Kolhe - PeerSpot reviewer
Vaibhav Mahendra Kolhe
Soc Analyst at Softcell Technologies Limited
Jun 2, 2026
The price of Splunk SOAR is high. From a price perspective, the cost for an organization is very high.
Read full review
Buyer's Guide
Splunk SOAR
May 2026
Free Report: Splunk SOAR Reviews and More
Learn what your peers think about Splunk SOAR. Get advice and tips from experienced pros sharing their opinions. Updated: May 2026.
DOWNLOAD NOW
900,644 professionals have used our research since 2012.
Jabez Daniel - PeerSpot reviewer
Jabez Daniel
Advance Data Engineer(Cyber Security) at Novo Nordisk
Jan 19, 2026
I'd rate Splunk's technical support around five because compared to IBM QRadar, their support is much better. I feel Splunk should enhance their support, as it appears lacking, especially considering the costs associated with higher licenses.
Read full review
SN
Sravanakumar Nidamanooru
Identity and Access Management Specialist at a university with 10,001+ employees
Feb 22, 2026
While I appreciate Splunk SOAR, there are areas for improvement, notably regarding the CI/CD pipeline for playbook lifecycle management, as transitioning playbooks from development to production currently feels cumbersome and requires more manual effort than I would prefer.
Read full review
Mack Scott - PeerSpot reviewer
Mack Scott
Cyber Security Network Security Engineer at Cirrus Logic
Sep 9, 2025
They should integrate Splunk Enterprise Security better into Splunk Cloud.
Read full review
R Nandasana - PeerSpot reviewer
R Nandasana
Senior Information Technology Security Consultant at Mideast Data Systems
May 19, 2026
To make Splunk SOAR more usable, the tool needs to be simplified.
Read full review
Vikas Pandita - PeerSpot reviewer
Vikas Pandita
Global Head Of Security Architecture Digital & Technology at Aramex
Apr 16, 2026
From the improvement point of view regarding Splunk SOAR, I suggest including more types of LLM models such as autonomous AI models including Anthropic and Opus 4.6, as well as creating a playground for new users to work on these, which will significantly help solve complex problems and assist new companies in understanding how Splunk works easily.
Read full review
Hamada Elewa - PeerSpot reviewer
Hamada Elewa
System Engineer - Security Presales at Raya Integration
Oct 28, 2025
Splunk SOAR does not help me reduce my security event volume; in fact, it makes them massive.
Read full review
Vikas_Tiwari - PeerSpot reviewer
Vikas_Tiwari
Citius Tech at a outsourcing company with 5,001-10,000 employees
May 26, 2026
Technical support can be improvised more. That is one area where I feel the team is sometimes struggling.
Read full review
Show 10 more reviews (out of 61)

Product Categories

Product Categories
Security Orchestration Automation and Response (SOAR)

Popular Comparisons

Popular Comparisons
IBM Security QRadar vs Splunk SOAR Logo
IBM Security QRadar vs Splunk SOAR
Microsoft Sentinel vs Splunk SOAR Logo
Microsoft Sentinel vs Splunk SOAR
Elastic Security vs Splunk SOAR Logo
Elastic Security vs Splunk SOAR
Torq vs Splunk SOAR Logo
Torq vs Splunk SOAR
AWS Security Hub vs Splunk SOAR Logo
AWS Security Hub vs Splunk SOAR
Palo Alto Networks Cortex XSOAR vs Splunk SOAR Logo
Palo Alto Networks Cortex XSOAR vs Splunk SOAR
Exabeam vs Splunk SOAR Logo
Exabeam vs Splunk SOAR
Stellar Cyber Open XDR vs Splunk SOAR Logo
Stellar Cyber Open XDR vs Splunk SOAR
NetWitness NDR vs Splunk SOAR Logo
NetWitness NDR vs Splunk SOAR
Sumo Logic Security vs Splunk SOAR Logo
Sumo Logic Security vs Splunk SOAR
Logpoint vs Splunk SOAR Logo
Logpoint vs Splunk SOAR
Tines vs Splunk SOAR Logo
Tines vs Splunk SOAR
Google Security Operations vs Splunk SOAR Logo
Google Security Operations vs Splunk SOAR
ThreatConnect Threat Intelligence Platform (TIP) vs Splunk SOAR Logo
ThreatConnect Threat Intelligence Platform (TIP) vs Splunk SOAR
ServiceNow Security Operations vs Splunk SOAR Logo
ServiceNow Security Operations vs Splunk SOAR
See all alternatives

Product Categories

Product Categories
Security Orchestration Automation and Response (SOAR)

Popular Comparisons

Popular Comparisons
IBM Security QRadar vs Splunk SOAR Logo
IBM Security QRadar vs Splunk SOAR
Microsoft Sentinel vs Splunk SOAR Logo
Microsoft Sentinel vs Splunk SOAR
Elastic Security vs Splunk SOAR Logo
Elastic Security vs Splunk SOAR
Torq vs Splunk SOAR Logo
Torq vs Splunk SOAR
AWS Security Hub vs Splunk SOAR Logo
AWS Security Hub vs Splunk SOAR
Palo Alto Networks Cortex XSOAR vs Splunk SOAR Logo
Palo Alto Networks Cortex XSOAR vs Splunk SOAR
Exabeam vs Splunk SOAR Logo
Exabeam vs Splunk SOAR
Stellar Cyber Open XDR vs Splunk SOAR Logo
Stellar Cyber Open XDR vs Splunk SOAR
NetWitness NDR vs Splunk SOAR Logo
NetWitness NDR vs Splunk SOAR
Sumo Logic Security vs Splunk SOAR Logo
Sumo Logic Security vs Splunk SOAR
Logpoint vs Splunk SOAR Logo
Logpoint vs Splunk SOAR
Tines vs Splunk SOAR Logo
Tines vs Splunk SOAR
Google Security Operations vs Splunk SOAR Logo
Google Security Operations vs Splunk SOAR
ThreatConnect Threat Intelligence Platform (TIP) vs Splunk SOAR Logo
ThreatConnect Threat Intelligence Platform (TIP) vs Splunk SOAR
ServiceNow Security Operations vs Splunk SOAR Logo
ServiceNow Security Operations vs Splunk SOAR
See all alternatives
Related questions
  • 51
Which Do You Recommend, Phantom or Demisto?
  • 315
What are the Top 5 cybersecurity trends in 2022?
  • 224
What is the difference between SIEM and SOAR platforms?
  • 120
What is an incident response playbook and how is it used in SOAR?
  • 92
What are the latest trends in Security Operations Center (SOC)?
  • 222
What tools and solutions do you use for automated incident response in an enterprise in 2022?
  • 101
How to evaluate SIEM detection rules?
  • 85
Why a Security Operations Center (SOC) is important?
  • 125
What types of Security Operations Center (SOC) deployment models do exist?
  • 195
Why is Security Orchestration Automation and Response (SOAR) important for companies?