No more typing reviews! Try our Samantha, our new voice AI agent.

Splunk SOAR pros and cons

Vendor: Splunk

4.1 out of 5

58 reviews
89% willing to recommend

Pros & Cons summary

Splunk SOAR offers seamless integration, enhancing utility and scalability in diverse environments but faces challenges with Microsoft products and IAM solutions. It boosts efficiency through a library of pre-built, customizable playbooks, saving time in threat response while facing integration gaps and high pricing. Its automation, leveraging AI and ML, is mature despite users experiencing latency and complexities in playbook optimization. Issues in technical support and documentation affect user onboarding.

Buyer's Guide

Get pricing advice, tips, use cases and valuable features from real users of this product.

Prominent pros & cons

PROS

Splunk SOAR offers seamless integration with other applications and systems, enhancing its utility in diverse environments.

The library of pre-built playbooks and the ability to customize them with Python code significantly boosts efficiency and automation.

It has extensive automation capabilities that save a substantial amount of time in threat detection and response, reducing the burden on security teams.

The automation and orchestration module are mature, leveraging user entity and behavioral analytics with artificial intelligence and machine learning-based features.

Splunk SOAR is highly scalable and provides flexible and effective streamlining of workflows across security operations.

CONS

Splunk SOAR has challenges integrating with Microsoft products and IAM solutions, often facing integration gaps.

Its pricing model is considered high, particularly for smaller-sized customers.

There are complexities in playbook creation and optimization, with suggestions for more playbooks and better lifecycle management.

Users face latency issues, citing slow response times due to the large datasets it handles.

Splunk SOAR's technical support and documentation are perceived as lacking, affecting troubleshooting and user onboarding.

Splunk SOAR Pros review quotes

SS

Manager cybersecurity at Hexion Inc.

Nov 11, 2025

Splunk SOAR has saved us a lot; monthly, around 300 hours of effort, it is saving with Splunk SOAR, and it has helped us where we were able to run the SOC operation with the less number of headcount versus what we used to do earlier.

Read full review

Advance Data Engineer(Cyber Security) at Novo Nordisk

Jan 19, 2026

In terms of time savings in threat responses, as a team, we save more than 30%, estimated around 30-40%.

Read full review

SN

Sravanakumar Nidamanooru

Identity and Access Management Specialist at a university with 10,001+ employees

Feb 22, 2026

Since deploying Splunk SOAR, there has been a notable reduction in time spent on monotonous security tasks, which I estimate to be around 95%, enabling my team to focus on more strategic initiatives.

Read full review

Free Report: Splunk SOAR Reviews and More

Learn what your peers think about Splunk SOAR. Get advice and tips from experienced pros sharing their opinions. Updated: April 2026.

893,221 professionals have used our research since 2012.

Cyber Security Network Security Engineer at Cirrus Logic

Sep 9, 2025

In terms of deployment, there were no issues. It was pretty seamless.

Read full review

System Engineer - Security Presales at Raya Integration

Oct 28, 2025

Splunk SOAR helps reduce my mean time to detect significantly and enhances it very well; it reduces the mean time to detect by approximately 70%.

Read full review

Global Head Of Security Architecture Digital & Technology at Aramex

Apr 16, 2026

I have saved much time thanks to Splunk SOAR's impact, where earlier, without autonomous monitoring, users took almost one day or two days; now, a twenty-four hour job is done in almost thirty minutes.

Read full review

Isaac Ogbonnaya

Cybersecurity Consultant at Nnamdi Azikiwe University

Mar 4, 2026

Over the years, Splunk SOAR has significantly improved our return on investment and I see great improvement.

Read full review

reviewer2798544

Senior Information Security Engineer at a tech company with 10,001+ employees

Jan 21, 2026

Splunk SOAR allows us to connect to multiple platforms, whether they are networks, security, or observability.

Read full review

Information System Security Officer at a manufacturing company with 10,001+ employees

Oct 10, 2025

Fortunately, the system helps to parse through these alerts and determine which ones are important and need further investigation.

Read full review

FR

Francisco JavierRomo

Strategic Account Executive at a computer software company with 51-200 employees

Oct 22, 2025

Splunk SOAR saves time in threat response, and the time to solve an incident is currently the best in the market.

Read full review

Show 10 more reviews (out of 57)

Splunk SOAR Cons review quotes

SS

Manager cybersecurity at Hexion Inc.

Nov 11, 2025

One thing that we would like to see with Splunk SOAR is the expandability to the threat intelligence feed.

Read full review

Advance Data Engineer(Cyber Security) at Novo Nordisk

Jan 19, 2026

I'd rate Splunk's technical support around five because compared to IBM QRadar, their support is much better. I feel Splunk should enhance their support, as it appears lacking, especially considering the costs associated with higher licenses.

Read full review

SN

Sravanakumar Nidamanooru

Identity and Access Management Specialist at a university with 10,001+ employees

Feb 22, 2026

While I appreciate Splunk SOAR, there are areas for improvement, notably regarding the CI/CD pipeline for playbook lifecycle management, as transitioning playbooks from development to production currently feels cumbersome and requires more manual effort than I would prefer.

Read full review

Free Report: Splunk SOAR Reviews and More

Learn what your peers think about Splunk SOAR. Get advice and tips from experienced pros sharing their opinions. Updated: April 2026.

893,221 professionals have used our research since 2012.

Cyber Security Network Security Engineer at Cirrus Logic

Sep 9, 2025

They should integrate Splunk Enterprise Security better into Splunk Cloud.

Read full review

System Engineer - Security Presales at Raya Integration

Oct 28, 2025

Splunk SOAR does not help me reduce my security event volume; in fact, it makes them massive.

Read full review

Global Head Of Security Architecture Digital & Technology at Aramex

Apr 16, 2026

From the improvement point of view regarding Splunk SOAR, I suggest including more types of LLM models such as autonomous AI models including Anthropic and Opus 4.6, as well as creating a playground for new users to work on these, which will significantly help solve complex problems and assist new companies in understanding how Splunk works easily.

Read full review

Isaac Ogbonnaya

Cybersecurity Consultant at Nnamdi Azikiwe University

Mar 4, 2026

I see room for improvement in Splunk SOAR regarding the learning curve, specifically breaking it down, as the Python side requires some technical knowledge.

Read full review

reviewer2798544

Senior Information Security Engineer at a tech company with 10,001+ employees

Jan 21, 2026

I think Splunk SOAR is a bit slow to catch up with the AI boom. Everyone is ingesting Copilots or some form of AI in their platforms, and Splunk SOAR doesn't have it yet.

Read full review

Information System Security Officer at a manufacturing company with 10,001+ employees

Oct 10, 2025

I'm not an expert on Splunk SOAR, but I'm sure our team members know what areas could be improved.

Read full review

FR

Francisco JavierRomo

Strategic Account Executive at a computer software company with 51-200 employees

Oct 22, 2025

There are areas where Splunk SOAR can continue to improve, particularly regarding the synchronization of information, as sometimes it takes longer than other tools.

Read full review

Show 10 more reviews (out of 57)

Product Categories

Product Categories

Security Orchestration Automation and Response (SOAR)

Popular Comparisons

Popular Comparisons

IBM Security QRadar vs Splunk SOAR

Microsoft Sentinel vs Splunk SOAR

Elastic Security vs Splunk SOAR

AWS Security Hub vs Splunk SOAR

Palo Alto Networks Cortex XSOAR vs Splunk SOAR

Torq vs Splunk SOAR

Exabeam vs Splunk SOAR

Stellar Cyber Open XDR vs Splunk SOAR

Sumo Logic Security vs Splunk SOAR

Logpoint vs Splunk SOAR

Tines vs Splunk SOAR

Google Security Operations vs Splunk SOAR

ThreatConnect Threat Intelligence Platform (TIP) vs Splunk SOAR

ServiceNow Security Operations vs Splunk SOAR

Fortinet FortiSOAR vs Splunk SOAR

See all alternatives

Product Categories

Product Categories

Security Orchestration Automation and Response (SOAR)

Popular Comparisons

Popular Comparisons

IBM Security QRadar vs Splunk SOAR

Microsoft Sentinel vs Splunk SOAR

Elastic Security vs Splunk SOAR

AWS Security Hub vs Splunk SOAR

Palo Alto Networks Cortex XSOAR vs Splunk SOAR

Torq vs Splunk SOAR

Exabeam vs Splunk SOAR

Stellar Cyber Open XDR vs Splunk SOAR

Sumo Logic Security vs Splunk SOAR

Logpoint vs Splunk SOAR

Tines vs Splunk SOAR

Google Security Operations vs Splunk SOAR

ThreatConnect Threat Intelligence Platform (TIP) vs Splunk SOAR

ServiceNow Security Operations vs Splunk SOAR

Fortinet FortiSOAR vs Splunk SOAR

See all alternatives

Related questions

45

Which Do You Recommend, Phantom or Demisto?

243

What are the Top 5 cybersecurity trends in 2022?

194

What is the difference between SIEM and SOAR platforms?

94

What is an incident response playbook and how is it used in SOAR?

64

What are the latest trends in Security Operations Center (SOC)?

162

What tools and solutions do you use for automated incident response in an enterprise in 2022?

69

How to evaluate SIEM detection rules?

66

Why a Security Operations Center (SOC) is important?

97

What types of Security Operations Center (SOC) deployment models do exist?

174

Why is Security Orchestration Automation and Response (SOAR) important for companies?