# Best Enterprise Security Orchestration, Automation, and Response (SOAR) Software

*By [Brandon Summers-Miller](https://research.g2.com/insights/author/brandon-summers-miller)*


Products classified in the overall Security Orchestration, Automation, and Response (SOAR) category are similar in many regards and help companies of all sizes solve their business problems. However, enterprise business features, pricing, setup, and installation differ from businesses of other sizes, which is why we match buyers to the right Enterprise Business Security Orchestration, Automation, and Response (SOAR) to fit their needs. Compare product ratings based on reviews from enterprise users or connect with one of G2&#39;s buying advisors to find the right solutions within the Enterprise Business Security Orchestration, Automation, and Response (SOAR) category.

In addition to qualifying for inclusion in the Security Orchestration, Automation, and Response (SOAR) Software category, to qualify for inclusion in the Enterprise Business Security Orchestration, Automation, and Response (SOAR) Software category, a product must have at least 10 reviews left by a reviewer from an enterprise business.






## G2 Grid® for Security Orchestration, Automation, and Response (SOAR) Software
![G2 Grid® for Security Orchestration, Automation, and Response (SOAR) Software plotting products by satisfaction and market presence](https://www.g2.com/categories/security-orchestration-automation-and-response-soar/grids.png?focus%5B%5D=98376&focus%5B%5D=122123&focus%5B%5D=55254&focus%5B%5D=58203&focus%5B%5D=130803&focus%5B%5D=30500&focus%5B%5D=139264&focus%5B%5D=1430041)
Highlighted products: Tines, Microsoft Sentinel, ServiceNow Security Operations, Check Point Infinity Platform, Palo Alto Networks Cortex XSOAR, Google Security Operations, KnowBe4 PhishER/PhishER Plus, and Palo Alto Cortex XSIAM.
Underlying data: [Grid® JSON](https://www.g2.com/categories/security-orchestration-automation-and-response-soar/grids.json?focus%5B%5D=tines&amp;focus%5B%5D=microsoft-sentinel&amp;focus%5B%5D=servicenow-security-operations&amp;focus%5B%5D=check-point-infinity-platform&amp;focus%5B%5D=palo-alto-networks-cortex-xsoar&amp;focus%5B%5D=google-security-operations&amp;focus%5B%5D=knowbe4-phisher-phisher-plus&amp;focus%5B%5D=palo-alto-cortex-xsiam&amp;segment=enterprise)


## How Many Security Orchestration, Automation, and Response (SOAR) Software Products Does G2 Track?
**Total Products under this Category:** 80

### Category Stats (Jul 2026)
- **Average Rating**: 4.53/5 The average rating of products in this category, based on all submitted ratings
- **Top Trending Product**: Forescout Platform (+0.74%) - Among all products in this category, Forescout Platform recorded the largest rating increase compared to last month
*Last updated: July 17, 2026*


## How Does G2 Rank Security Orchestration, Automation, and Response (SOAR) Software Products?

**Why You Can Trust G2's Software Rankings:**

- 30 Analysts and Data Experts
- 3,400+ Authentic Reviews
- 80+ Products
- Unbiased Rankings

G2's software rankings are built on verified user reviews, rigorous moderation, and a consistent research methodology maintained by a team of analysts and data experts. Each product is measured using the same transparent criteria, with no paid placement or vendor influence. While reviews reflect real user experiences, which can be subjective, they offer valuable insight into how software performs in the hands of professionals. Together, these inputs power the G2 Score, a standardized way to compare tools within every category.



---

**Sponsored**

### IRONSCALES

IRONSCALES is a cloud-native email security platform that helps enterprises and MSPs close gaps with mailbox-level detection, autonomous remediation, and built-in user training. It combines AI and human insights that continuously learn from user behavior, message context, and analyst feedback to identify advanced threats like BEC, account takeovers, impersonation, and other advanced phishing attacks. IRONSCALES is headquartered in Atlanta, Georgia and is proud to serve more than 17,000 customers globally. IRONSCALES leverages adaptive AI and its Agentic AI engine, Themis, to drive autonomous, mailbox-level remediation with customizable automation. Smart clustering, context-driven decisioning, and user-reported inputs enable Themis to remediate threats in real time while preserving analyst oversight and control. Designed for rapid deployment via API, IRONSCALES integrates with existing security stacks without requiring MX record changes. To reduce risk, improve SOC efficiency, and support a proactive security culture, its comprehensive capabilities also include: - Phishing Simulations - Security Awareness Training - DMARC management - Deepfake Live Protection - Generative AI tools



[Visit website](https://www.g2.com/external_clickthroughs/record?secure%5Bad_program%5D=ppc&amp;secure%5Bad_slot%5D=category_product_list&amp;secure%5Bcategory_id%5D=2178&amp;secure%5Bchosen_at%5D=2026-07-17T13%3A05%3A50Z&amp;secure%5Bdisplayable_resource_id%5D=1011413&amp;secure%5Bdisplayable_resource_type%5D=Category&amp;secure%5Bmedium%5D=sponsored&amp;secure%5Bplacement_reason%5D=neighbor_category&amp;secure%5Bplacement_resource_ids%5D%5B%5D=1011413&amp;secure%5Bprioritized%5D=false&amp;secure%5Bproduct_id%5D=127324&amp;secure%5Bresource_id%5D=2178&amp;secure%5Bresource_type%5D=Category&amp;secure%5Bsource_type%5D=category_page&amp;secure%5Bsource_url%5D=https%3A%2F%2Fwww.g2.com%2Fcategories%2Fsecurity-orchestration-automation-and-response-soar%2Fenterprise&amp;secure%5Btoken%5D=0bf16c3c2e2bae07ab671346278947c7a7768e3e95592412240a973555e09389&amp;secure%5Burl%5D=https%3A%2F%2Fsecure.ironscales.com%2F90-day-scan-back%3Futm_source%3Dg2%26utm_medium%3Daffiliate%26utm_campaign%3Dg2-ads&amp;secure%5Burl_type%5D=custom_url)

---

## What Are the Top-Rated Security Orchestration, Automation, and Response (SOAR) Software Products in 2026?
### 1. [Tines](https://www.g2.com/products/tines/reviews)
Tines is the intelligent workflow platform trusted by the world&#39;s most advanced organizations. Companies like Coinbase, Databricks, Mars, Reddit, and SAP use Tines to power their most important workflows. With Tines, they’ve built a secure, flexible foundation to operationalize AI agents and intelligent workflows, unlocking productivity, moving faster, and future-proofing how work gets done. You can start building right away, by signing up for our always-free Community Edition and importing one of our pre-built workflows from the library.


**Average Rating:** 4.7/5.0
**Total Reviews:** 396
**How Do G2 Users Rate Tines?**

- **Automated Remediation:** 9.3/10 (Category avg: 8.6/10)
- **Quality of Support:** 9.6/10 (Category avg: 9.0/10)
- **Ease of Admin:** 9.2/10 (Category avg: 8.5/10)
- **Workflow Automation:** 9.6/10 (Category avg: 8.8/10)

**Who Is the Company Behind Tines?**

- **Seller:** [Tines](https://www.g2.com/sellers/tines)
- **Company Website:** https://www.tines.com/
- **Year Founded:** 2018
- **HQ Location:** Dublin, IE
- **LinkedIn® Page:** https://www.linkedin.com/company/tines-io/ (568 employees on LinkedIn®)

**Who Uses This Product?**
- **Who Uses This:** Security Engineer, Software Engineer
- **Top Industries:** Computer &amp; Network Security, Information Technology and Services
- **Company Size:** 39% Mid-Market, 36% Enterprise


#### What Are Tines's Pros and Cons?

**Pros:**

- Ease of Use (49 reviews)
- Automation (38 reviews)
- Customer Support (31 reviews)
- Easy Integrations (22 reviews)
- Integrations (22 reviews)

**Cons:**

- Missing Features (10 reviews)
- Learning Curve (9 reviews)
- Lack of Features (8 reviews)
- Expensive (7 reviews)
- Complexity (6 reviews)


### What Do G2 Reviewers Say About Tines?
*AI-generated summary from verified user reviews*

**Pros:**

- Users appreciate the **ease of use** of Tines, enabling efficient automation without requiring extensive technical knowledge.
- Users find Tines makes **automation effortless** , enabling easy task handling without requiring coding skills.
- Users praise Tines for their **exceptional customer support** , providing fast, friendly, and effective assistance anytime it’s needed.
- Users value the **easy integrations** of Tines, enabling quick and effective automation without coding skills.
- Users praise Tines for its **seamless integrations** and robust support, enabling efficient workflow automation with ease.

**Cons:**

- Users find Tines lacks essential features, notably a robust **IDE and code review capabilities** , affecting workflow efficiency.
- Users experience a **steep learning curve** with Tines, requiring deep understanding for effective automation and customization.
- Users find the **lack of advanced features** in Tines hampers their ability to create complex workflows effectively.
- Users find Tines **expensive** , particularly for smaller teams, due to its rigid pricing model and limited ticketing features.
- Users find the **learning curve and complexity** challenging, making it hard to fully utilize Tines&#39; capabilities.

#### What Are Recent G2 Reviews of Tines?

**"[AI orchestration with Drag-and-Drop development tool](https://www.g2.com/survey_responses/tines-review-12620879)"**

**Rating:** 4.5/5.0 stars
*— Dinesh  K.*

[Read full review](https://www.g2.com/survey_responses/tines-review-12620879)

---

**"[Streamlined Automation, Minimal Coding Required](https://www.g2.com/survey_responses/tines-review-12640960)"**

**Rating:** 5.0/5.0 stars
*— Shubham B.*

[Read full review](https://www.g2.com/survey_responses/tines-review-12640960)

---


#### What Are G2 Users Discussing About Tines?

- [How do you use Tines?](https://www.g2.com/discussions/how-do-you-use-tines)
- [Is tines a soar?](https://www.g2.com/discussions/is-tines-a-soar) - 1 comment
- [What does Tines do?](https://www.g2.com/discussions/what-does-tines-do) - 1 comment
- [What is Tines automation?](https://www.g2.com/discussions/what-is-tines-automation) - 2 comments

### 2. [Microsoft Sentinel](https://www.g2.com/products/microsoft-sentinel/reviews)
Microsoft Sentinel lets you see and stop threats before they cause harm, with SIEM reinvented for a modern world. Microsoft Sentinel is your birds-eye view across the enterprise. Put the cloud and large-scale intelligence from decades of Microsoft security experience to work. Make your threat detection and response smarter and faster with artificial intelligence (AI). Eliminate security infrastructure setup and maintenance, and elastically scale to meet your security needs—while reducing IT costs. With Microsoft Sentinel, you can: - Collect data at cloud scale—across all users, devices, applications, and infrastructure, both on-premises and in multiple clouds - Detect previously uncovered threats and minimize false positives using analytics and unparalleled threat intelligence from Microsoft - Investigate threats with AI and hunt suspicious activities at scale, tapping into decades of cybersecurity work at Microsoft -Respond to incidents rapidly with built-in orchestration and automation of common tasks


**Average Rating:** 4.4/5.0
**Total Reviews:** 273
**How Do G2 Users Rate Microsoft Sentinel?**

- **Automated Remediation:** 8.7/10 (Category avg: 8.6/10)
- **Quality of Support:** 8.5/10 (Category avg: 9.0/10)
- **Ease of Admin:** 8.3/10 (Category avg: 8.5/10)
- **Workflow Automation:** 8.4/10 (Category avg: 8.8/10)

**Who Is the Company Behind Microsoft Sentinel?**

- **Seller:** [Microsoft](https://www.g2.com/sellers/microsoft)
- **Year Founded:** 1975
- **HQ Location:** Redmond, Washington
- **Twitter:** @microsoft (13,091,739 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/microsoft/ (231,632 employees on LinkedIn®)
- **Ownership:** MSFT

**Who Uses This Product?**
- **Who Uses This:** Senior Software Engineer, Security Analyst
- **Top Industries:** Information Technology and Services, Computer &amp; Network Security
- **Company Size:** 42% Enterprise, 31% Mid-Market


#### What Are Microsoft Sentinel's Pros and Cons?

**Pros:**

- Real-time Monitoring (27 reviews)
- Alerting (23 reviews)
- Dashboard Usability (21 reviews)
- Response Time (16 reviews)
- Data Management (15 reviews)

**Cons:**

- Cloud Dependency (12 reviews)
- Complex Configuration (12 reviews)
- Configuration Issues (11 reviews)
- Difficult Setup (10 reviews)
- Poor Interface Design (9 reviews)


### What Do G2 Reviewers Say About Microsoft Sentinel?
*AI-generated summary from verified user reviews*

**Pros:**

- Users value the **real-time monitoring** of Microsoft Sentinel, enhancing their ability to quickly respond to security threats.
- Users value the **automated alert response** of Microsoft Sentinel, providing peace of mind with centralized security monitoring.
- Users value the **seamless dashboard usability** of Microsoft Sentinel, facilitating intuitive security management and comprehensive monitoring.
- Users value the **fast and secure threat response** of Microsoft Sentinel, enhancing overall security and risk management.
- Users benefit from the **seamless data management** of Microsoft Sentinel, enhancing workflow and ensuring comprehensive security analytics.

**Cons:**

- Users express concerns about **cloud dependency** , particularly regarding connectivity issues with low-speed internet and commercial reliance.
- Users find the **complex configuration** of Microsoft Sentinel challenging, requiring advanced technical skills for effective setup and use.
- Users face **configuration issues** with Microsoft Sentinel, requiring technical expertise and time for effective setup.
- Users find the **difficult setup** of Microsoft Sentinel challenging without dedicated security experts and proper training.
- Users struggle with the **poor interface design** of Microsoft Sentinel, making navigation and understanding features difficult.

#### What Are Recent G2 Reviews of Microsoft Sentinel?

**"[Easy Log Ingestion Across Formats with Seamless Sentinel Integrations](https://www.g2.com/survey_responses/microsoft-sentinel-review-13073395)"**

**Rating:** 4.5/5.0 stars
*— Sandip K.*

[Read full review](https://www.g2.com/survey_responses/microsoft-sentinel-review-13073395)

---

**"[Strong Centralized Visibility and Scalable Detection for Faster SOC Response](https://www.g2.com/survey_responses/microsoft-sentinel-review-12823175)"**

**Rating:** 4.5/5.0 stars
*— Verified User in Information Technology and Services*

[Read full review](https://www.g2.com/survey_responses/microsoft-sentinel-review-12823175)

---


#### What Are G2 Users Discussing About Microsoft Sentinel?

- [What is Microsoft Sentinel used for?](https://www.g2.com/discussions/what-is-microsoft-sentinel-used-for) - 3 comments, 2 upvotes
- [Why should I use Azure Sentinel?](https://www.g2.com/discussions/why-should-i-use-azure-sentinel) - 1 comment
- [Which feature provides the extended detection and response capabilities of Azure Sentinel?](https://www.g2.com/discussions/which-feature-provides-the-extended-detection-and-response-capabilities-of-azure-sentinel)
- [What is the difference between Azure security Center and Azure Sentinel?](https://www.g2.com/discussions/what-is-the-difference-between-azure-security-center-and-azure-sentinel)
- [What does Azure Sentinel provide?](https://www.g2.com/discussions/what-does-azure-sentinel-provide)

### 3. [ServiceNow Security Operations](https://www.g2.com/products/servicenow-security-operations/reviews)
ServiceNow Security Operations is a sophisticated software solution designed to enhance threat and vulnerability management as well as incident response for organizations. By leveraging artificial intelligence, this platform empowers security teams to operate more efficiently and effectively, allowing for streamlined collaboration across IT, security, and risk management departments. The primary goal of ServiceNow Security Operations is to simplify complex security processes while minimizing risks associated with cybersecurity threats. Targeted at security teams within organizations of various sizes, ServiceNow Security Operations addresses the need for a cohesive approach to managing security incidents and vulnerabilities. It is particularly beneficial for organizations that utilize multiple security tools, as it integrates security and vulnerability data from these existing systems. This integration enables teams to respond to threats more rapidly by automating critical workflows and processes, thus reducing the manual effort traditionally required in incident response. Key features of ServiceNow Security Operations include intelligent workflows that automate routine tasks, allowing security professionals to focus on more strategic initiatives. The platform’s AI-driven capabilities facilitate the automatic correlation of threat intelligence from diverse sources, such as the MITRE ATT&amp;CK framework. This feature enhances situational awareness and enables teams to prioritize threats effectively based on real-time data. Additionally, the ability to take action within other security or IT management tools from a centralized console streamlines operations, ensuring that teams can respond to incidents without unnecessary delays. Moreover, the use of digital security workflows and orchestration significantly accelerates tasks such as analysis, prioritization, and remediation. By automating these processes, organizations can not only improve their response times but also enhance their overall cybersecurity posture. The integration of AI-driven automation within the ServiceNow AI Platform® further strengthens the platform&#39;s capabilities, enabling organizations to drive cyber resilience and reduce their exposure to potential threats. In summary, ServiceNow Security Operations is a comprehensive solution that addresses the complexities of modern cybersecurity challenges. By automating and simplifying threat and vulnerability management, it empowers security teams to respond more effectively, thereby enhancing the overall security framework of an organization.


**Average Rating:** 4.4/5.0
**Total Reviews:** 70
**How Do G2 Users Rate ServiceNow Security Operations?**

- **Automated Remediation:** 8.8/10 (Category avg: 8.6/10)
- **Quality of Support:** 8.5/10 (Category avg: 9.0/10)
- **Ease of Admin:** 8.3/10 (Category avg: 8.5/10)
- **Workflow Automation:** 9.5/10 (Category avg: 8.8/10)

**Who Is the Company Behind ServiceNow Security Operations?**

- **Seller:** [ServiceNow](https://www.g2.com/sellers/servicenow)
- **Company Website:** https://www.servicenow.com/
- **Year Founded:** 2004
- **HQ Location:** Santa Clara, CA
- **Twitter:** @servicenow (55,548 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/29352/ (35,081 employees on LinkedIn®)

**Who Uses This Product?**
- **Top Industries:** Information Technology and Services, Computer &amp; Network Security
- **Company Size:** 50% Enterprise, 22% Mid-Market


#### What Are ServiceNow Security Operations's Pros and Cons?

**Pros:**

- Integration Capabilities (11 reviews)
- Integration Support (10 reviews)
- Ease of Use (9 reviews)
- Integrations (8 reviews)
- Incident Management (7 reviews)

**Cons:**

- Difficult Setup (4 reviews)
- Integration Issues (4 reviews)
- Licensing Issues (3 reviews)
- Complexity (2 reviews)
- Difficult Customization (2 reviews)


### What Do G2 Reviewers Say About ServiceNow Security Operations?
*AI-generated summary from verified user reviews*

**Pros:**

- Users value the **integration capabilities** of ServiceNow Security Operations, enabling seamless connections with essential third-party tools.
- Users value the **remarkable integration capabilities** of ServiceNow Security Operations, enhancing incident management and data processing efficiency.
- Users appreciate the **ease of use** of ServiceNow Security Operations, enhancing productivity with seamless integration and setup.
- Users value the **robust integration capabilities** of ServiceNow Security Operations, enhancing workflow and incident management efficiency.
- Users appreciate the **end-to-end incident management** capabilities in ServiceNow, making it a comprehensive security solution.

**Cons:**

- Users find the **difficult setup** of ServiceNow Security Operations a barrier, impacting overall usability and cost-effectiveness.
- Users face **integration issues** , struggling with field mapping, initial setup, and documentation, affecting overall usability.
- Users find the **restrictive licensing issues** limiting for playbooks, impacting remediation efficiency and security operations.
- Users face **complexity in building playbooks** within ServiceNow Security Operations, finding the process challenging and costly.
- Users find **difficult customization** in ServiceNow Security Operations hinders their ability to effectively build playbooks.

#### What Are Recent G2 Reviews of ServiceNow Security Operations?

**"[Strong platform for centralized security operations and incident response](https://www.g2.com/survey_responses/servicenow-security-operations-review-12737410)"**

**Rating:** 4.5/5.0 stars
*— Dharamveer p.*

[Read full review](https://www.g2.com/survey_responses/servicenow-security-operations-review-12737410)

---

**"[Unifies Security and IT with Efficient Threat Response and Automation](https://www.g2.com/survey_responses/servicenow-security-operations-review-13059971)"**

**Rating:** 5.0/5.0 stars
*— Anshul S.*

[Read full review](https://www.g2.com/survey_responses/servicenow-security-operations-review-13059971)

---


#### What Are G2 Users Discussing About ServiceNow Security Operations?

- [What is ServiceNow sir?](https://www.g2.com/discussions/what-is-servicenow-sir)
- [What is service now in cyber security?](https://www.g2.com/discussions/what-is-service-now-in-cyber-security)
- [What are the typical functions of the Security Operations Center SOC analysts?](https://www.g2.com/discussions/what-are-the-typical-functions-of-the-security-operations-center-soc-analysts)
- [What can ServiceNow security operations do?](https://www.g2.com/discussions/what-can-servicenow-security-operations-do)

### 4. [Check Point Infinity Platform](https://www.g2.com/products/check-point-infinity-platform/reviews)
Check Point Infinity is the only fully consolidated cyber security architecture that provides unprecedented protection against Gen V mega-cyber attacks as well as future cyber threats across all networks, endpoint, cloud and mobile. The architecture is designed to resolve the complexities of growing connectivity and inefficient security.


**Average Rating:** 4.6/5.0
**Total Reviews:** 109
**How Do G2 Users Rate Check Point Infinity Platform?**

- **Quality of Support:** 8.8/10 (Category avg: 9.0/10)
- **Ease of Admin:** 8.6/10 (Category avg: 8.5/10)

**Who Is the Company Behind Check Point Infinity Platform?**

- **Seller:** [Check Point Software Technologies](https://www.g2.com/sellers/check-point-software-technologies)
- **Year Founded:** 1993
- **HQ Location:** Redwood City, CA
- **Twitter:** @CheckPointSW (70,955 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/check-point-software-technologies/ (8,554 employees on LinkedIn®)
- **Ownership:** NASDAQ:CHKP

**Who Uses This Product?**
- **Top Industries:** Computer &amp; Network Security, Information Technology and Services
- **Company Size:** 44% Enterprise, 37% Mid-Market


#### What Are Check Point Infinity Platform's Pros and Cons?

**Pros:**

- Cloud Security (20 reviews)
- Cloud Integration (16 reviews)
- Detection (16 reviews)
- Comprehensive Security (14 reviews)
- Cloud Services (13 reviews)

**Cons:**

- Learning Curve (10 reviews)
- Complexity (6 reviews)
- Improvement Needed (6 reviews)
- Poor Support Services (6 reviews)
- Limited Customization (5 reviews)


### What Do G2 Reviewers Say About Check Point Infinity Platform?
*AI-generated summary from verified user reviews*

**Pros:**

- Users appreciate the **advanced security features** of Check Point Infinity Platform, ensuring robust protection against future attacks.
- Users appreciate the **cloud security features** of Check Point Infinity Platform, ensuring efficient security audits and infrastructure assessment.
- Users value the **proactive threat detection** features of Check Point Infinity Platform, enhancing security for cloud applications.
- Users value the **comprehensive security** features of Check Point Infinity Platform, ensuring robust protection against cloud threats.
- Users appreciate the **advanced cloud security features** of Check Point Infinity Platform, ensuring robust protection against future attacks.

**Cons:**

- Users find the **steep learning curve** challenging due to complex setup and lack of comprehensive documentation.
- Users find the **complexity** of the Check Point Infinity Platform&#39;s settings and documentation can hinder usability and efficiency.
- Users find that **improvement is needed** in support and visibility of native servers in Check Point logs.
- Users find **poor support services** detrimental, highlighting the need for improved customer assistance and log visibility.
- Users face **limited customization** options for rulesets and metrics, making detailed assessments challenging.

#### What Are Recent G2 Reviews of Check Point Infinity Platform?

**"[Excellent option  Harmony Platform for security central](https://www.g2.com/survey_responses/check-point-infinity-platform-review-11868343)"**

**Rating:** 4.5/5.0 stars
*— Tania V.*

[Read full review](https://www.g2.com/survey_responses/check-point-infinity-platform-review-11868343)

---

**"[Seamless Hybrid Security Integration Across All Environments](https://www.g2.com/survey_responses/check-point-infinity-platform-review-11954684)"**

**Rating:** 4.5/5.0 stars
*— Sonu S.*

[Read full review](https://www.g2.com/survey_responses/check-point-infinity-platform-review-11954684)

---


#### What Are G2 Users Discussing About Check Point Infinity Platform?

- [How does Check Point Infinity help customers?](https://www.g2.com/discussions/how-does-check-point-infinity-help-customers)
- [What are the benefits of Check Point unified security architecture?](https://www.g2.com/discussions/what-are-the-benefits-of-check-point-unified-security-architecture)
- [What are the 4 components of the Infinity architecture?](https://www.g2.com/discussions/what-are-the-4-components-of-the-infinity-architecture)
- [What is Infinity Total protection?](https://www.g2.com/discussions/what-is-infinity-total-protection)

### 5. [Palo Alto Networks Cortex XSOAR](https://www.g2.com/products/palo-alto-networks-cortex-xsoar/reviews)
Palo Alto Networks&#39; Cortex XSOAR is a comprehensive Security Orchestration, Automation, and Response (SOAR) platform designed to streamline and enhance security operations. By integrating automation, case management, real-time collaboration, and threat intelligence management, Cortex XSOAR empowers security teams to respond to incidents more efficiently and effectively. Key Features and Functionality: - Process Standardization and Automation: Cortex XSOAR offers over 270 out-of-the-box playbooks, enabling the automation of numerous security use cases. These playbooks orchestrate response actions across more than 350 third-party products, facilitating seamless integration and operational consistency. - Security-Focused Case Management: The platform unifies alerts, incidents, and indicators from various sources into a single case management framework. This consolidation accelerates incident response by providing a comprehensive view of security events. - Real-Time Collaboration: Cortex XSOAR includes a Virtual War Room equipped with built-in ChatOps and a command-line interface. This feature allows security teams to collaborate in real time, execute commands across the entire product stack, and manage incidents more effectively. - Threat Intelligence Management: The platform aggregates disparate threat intelligence sources, customizes and scores feeds, and matches indicators against the organization&#39;s specific environment. This capability enables security teams to take informed actions swiftly. Primary Value and Problem Solving: Cortex XSOAR addresses the challenges faced by security teams, such as the overwhelming volume of alerts and the need for rapid incident response. By automating repetitive tasks and standardizing processes, the platform reduces the time spent on incidents by up to 90%, allowing analysts to focus on critical threats. The integration of threat intelligence management with SOAR capabilities ensures that organizations can operationalize threat feeds effectively, enhancing their overall security posture. Additionally, the platform&#39;s extensive integration ecosystem, with over 360 third-party integrations, enables organizations to orchestrate complex workflows across their existing security infrastructure without extensive custom development.


**Average Rating:** 4.6/5.0
**Total Reviews:** 28
**How Do G2 Users Rate Palo Alto Networks Cortex XSOAR?**

- **Automated Remediation:** 9.0/10 (Category avg: 8.6/10)
- **Quality of Support:** 8.5/10 (Category avg: 9.0/10)
- **Ease of Admin:** 8.9/10 (Category avg: 8.5/10)
- **Workflow Automation:** 8.9/10 (Category avg: 8.8/10)

**Who Is the Company Behind Palo Alto Networks Cortex XSOAR?**

- **Seller:** [Palo Alto Networks](https://www.g2.com/sellers/palo-alto-networks)
- **Year Founded:** 2005
- **HQ Location:** Santa Clara, CA
- **Twitter:** @PaloAltoNtwks (128,951 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/30086/ (22,313 employees on LinkedIn®)
- **Ownership:** NYSE: PANW

**Who Uses This Product?**
- **Top Industries:** Computer &amp; Network Security
- **Company Size:** 50% Enterprise, 32% Mid-Market


#### What Are Palo Alto Networks Cortex XSOAR's Pros and Cons?

**Pros:**

- Incident Management (3 reviews)
- User Interface (2 reviews)
- Accuracy of Information (1 reviews)
- Automation (1 reviews)
- Customer Support (1 reviews)

**Cons:**

- Learning Curve (2 reviews)
- Limited Customization (1 reviews)
- Logging Issues (1 reviews)
- Log Management Issues (1 reviews)
- Poor Reporting (1 reviews)


### What Do G2 Reviewers Say About Palo Alto Networks Cortex XSOAR?
*AI-generated summary from verified user reviews*

**Pros:**

- Users value the **powerful automation** capabilities of Cortex XSOAR, enhancing incident response efficiency and customization.
- Users enjoy the **great UI** of Palo Alto Networks Cortex XSOAR, which enhances usability and customization significantly.
- Users admire the **accuracy of information** in Palo Alto Networks Cortex XSOAR, enhancing safety and efficiency in operations.
- Users value the **powerful automation** capabilities of Cortex XSOAR for efficient incident response management.
- Users appreciate the **direct customer support** of Palo Alto Networks Cortex XSOAR, enhancing their overall experience.

**Cons:**

- Users find the **learning curve steep** , requiring significant time and effort to effectively manage Cortex XSOAR&#39;s complexities.
- Users feel that the **limited customization** options hinder the overall reporting experience in Cortex XSOAR.
- Users find **logging issues** arise from hard-to-read data logs that require opening in a new tab for clarity.
- Users find **log management issues** frustrating, as reading data logs quickly is challenging due to window size limitations.
- Users find the **reporting lacking** and desire enhanced customization options for a better experience.

#### What Are Recent G2 Reviews of Palo Alto Networks Cortex XSOAR?

**"[Powerful Tool with Clean Data and Seamless Integrations](https://www.g2.com/survey_responses/palo-alto-networks-cortex-xsoar-review-11967977)"**

**Rating:** 5.0/5.0 stars
*— Pablo V.*

[Read full review](https://www.g2.com/survey_responses/palo-alto-networks-cortex-xsoar-review-11967977)

---

**"[Unlocking Security Operations automation with Cortex XSOAR](https://www.g2.com/survey_responses/palo-alto-networks-cortex-xsoar-review-10447892)"**

**Rating:** 5.0/5.0 stars
*— Jai P.*

[Read full review](https://www.g2.com/survey_responses/palo-alto-networks-cortex-xsoar-review-10447892)

---


#### What Are G2 Users Discussing About Palo Alto Networks Cortex XSOAR?

- [What is Palo Alto Networks Cortex XSOAR used for?](https://www.g2.com/discussions/what-is-palo-alto-networks-cortex-xsoar-used-for)

### 6. [Google Security Operations](https://www.g2.com/products/google-security-operations/reviews)
Google Security Operations offers a unified experience across SIEM, SOAR, and threat intelligence to drive better detection, investigation, and response. Collect security telemetry data, apply threat intel to identify high priority threats, drive response with playbook automation, case management, and collaboration. It also provides Gemini-native agentic defense to help autonomously handle workflows like alert triage, threat hunting, and detection engineering. Google Security Operations also supports AI Threat Defense to monitor, detect, and respond to threats from code you do not own or cannot patch.


**Average Rating:** 4.4/5.0
**Total Reviews:** 47
**How Do G2 Users Rate Google Security Operations?**

- **Automated Remediation:** 9.8/10 (Category avg: 8.6/10)
- **Quality of Support:** 8.3/10 (Category avg: 9.0/10)
- **Ease of Admin:** 7.8/10 (Category avg: 8.5/10)
- **Workflow Automation:** 9.8/10 (Category avg: 8.8/10)

**Who Is the Company Behind Google Security Operations?**

- **Seller:** [Google](https://www.g2.com/sellers/google)
- **Year Founded:** 1998
- **HQ Location:** Mountain View, CA
- **Twitter:** @google (31,899,995 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/1441/ (341,888 employees on LinkedIn®)
- **Ownership:** NASDAQ:GOOG

**Who Uses This Product?**
- **Top Industries:** Information Technology and Services, Computer &amp; Network Security
- **Company Size:** 42% Enterprise, 39% Mid-Market


#### What Are Google Security Operations's Pros and Cons?

**Pros:**

- Security (8 reviews)
- Ease of Use (6 reviews)
- Threat Detection (5 reviews)
- Comprehensive Security (3 reviews)
- Easy Integrations (3 reviews)

**Cons:**

- Expensive (6 reviews)
- Learning Curve (4 reviews)
- Complexity (3 reviews)
- Learning Difficulty (2 reviews)
- Limited Customization (2 reviews)


### What Do G2 Reviewers Say About Google Security Operations?
*AI-generated summary from verified user reviews*

**Pros:**

- Users value the **excellent cybersecurity features** of Google Security Operations, appreciating its ease of use and scalability.
- Users find Google Security Operations to be **very easy to use** , effectively detecting threats with seamless integration.
- Users appreciate the **efficient threat detection** capabilities of Google Security Operations, enhancing security and response times.
- Users value the **comprehensive security** features of Google Security Operations for effective threat detection and response.
- Users value the **easy integrations** of Google Security Operations, enhancing their overall security management experience.

**Cons:**

- Users find Google Security Operations to be **costly and complex** , posing challenges for both setup and ongoing maintenance.
- Users report a **steep learning curve** with Google Security Operations, making effective utilization challenging for some organizations.
- Users find the **implementation complexity** of Google Security Operations challenging, requiring time and resources for effective use.
- Users find the **learning difficulty** of Google Security Operations to be a barrier due to complex features and configuration.
- Users find **limited customization** in Google Security Operations hinders adaptability and affects overall user experience.

#### What Are Recent G2 Reviews of Google Security Operations?

**"[Google SecOps: Intuitive UI and Powerful AI-Driven Detection with Gemini](https://www.g2.com/survey_responses/google-security-operations-review-11259633)"**

**Rating:** 4.0/5.0 stars
*— Verified User in Insurance*

[Read full review](https://www.g2.com/survey_responses/google-security-operations-review-11259633)

---

**"[Fast, Scalable Platform That Speeds Up Security Investigations](https://www.g2.com/survey_responses/google-security-operations-review-12789503)"**

**Rating:** 4.5/5.0 stars
*— Ankith T.*

[Read full review](https://www.g2.com/survey_responses/google-security-operations-review-12789503)

---



### 7. [KnowBe4 PhishER/PhishER Plus](https://www.g2.com/products/knowbe4-phisher-phisher-plus/reviews)
KnowBe4 PhishER Plus delivers automated incident response to eliminate SOC noise and remediate malicious emails across your organization simultaneously. It leverages AI to categorize reported messages across email and Microsoft Teams, automatically responding to reporters, flagging high-risk messages, and removing threats across all mailboxes. SOC teams can even flip malicious messages into training simulations to see who would have fallen victim. Customers report saving upwards of 99% of triage time, highly praising the platform&#39;s intuitive, user-friendly interface that transforms overwhelming manual workflows into fast, consistent actions. This layer of defense reviews threats slipping past other security layers, offering a single pane of glass view with leading third-party integrations like CrowdStrike, Webroot, and VirusTotal. PhishER Plus turns manual email triaging into a proactive, automated security posture.


**Average Rating:** 4.5/5.0
**Total Reviews:** 567
**How Do G2 Users Rate KnowBe4 PhishER/PhishER Plus?**

- **Automated Remediation:** 8.7/10 (Category avg: 8.6/10)
- **Quality of Support:** 9.2/10 (Category avg: 9.0/10)
- **Ease of Admin:** 8.9/10 (Category avg: 8.5/10)
- **Workflow Automation:** 8.6/10 (Category avg: 8.8/10)

**Who Is the Company Behind KnowBe4 PhishER/PhishER Plus?**

- **Seller:** [KnowBe4, Inc.](https://www.g2.com/sellers/knowbe4-inc)
- **Company Website:** https://www.knowbe4.com
- **Year Founded:** 2010
- **HQ Location:** Clearwater, FL
- **Twitter:** @KnowBe4 (16,161 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/2225282/ (2,606 employees on LinkedIn®)

**Who Uses This Product?**
- **Who Uses This:** IT Manager, Director of IT
- **Top Industries:** Financial Services, Primary/Secondary Education
- **Company Size:** 75% Mid-Market, 13% Enterprise


#### What Are KnowBe4 PhishER/PhishER Plus's Pros and Cons?

**Pros:**

- Phishing Prevention (42 reviews)
- Email Security (25 reviews)
- Automation (19 reviews)
- Ease of Use (18 reviews)
- Security (15 reviews)

**Cons:**

- Email Management (8 reviews)
- False Positives (8 reviews)
- Ineffective Email Security (8 reviews)
- Inefficient Automation (6 reviews)
- Setup Difficulty (6 reviews)


### What Do G2 Reviewers Say About KnowBe4 PhishER/PhishER Plus?
*AI-generated summary from verified user reviews*

**Pros:**

- Users appreciate the **effective phishing tests** and monitoring features of KnowBe4 PhishER, enhancing overall security awareness.
- Users appreciate the **Email Security features** of KnowBe4 PhishER for proactively managing email threats effectively.
- Users value the **automation of email triage** , enhancing efficiency in identifying and managing phishing threats effectively.
- Users value the **ease of use** of KnowBe4 PhishER, enhancing the efficiency of spam email triage and reporting.
- Users value the **security features** of KnowBe4 PhishER, enhancing safety while minimizing administrative workload.

**Cons:**

- Users experience issues with **email management** , as emails often end up in Junk folders or lack troubleshooting clarity.
- Users experience frequent **false positives** , complicating automation and demanding ongoing manual review for better accuracy.
- Users note **ineffective email security** , as phishing emails often bypass inbox and remain in junk folders, complicating management.
- Users find the **inefficient automation** problematic, requiring manual intervention and lacking consistent detection for phishing campaigns.
- Users find the **setup difficult** , requiring time and careful understanding before fully utilizing PhishER/PhishER Plus.

#### What Are Recent G2 Reviews of KnowBe4 PhishER/PhishER Plus?

**"[PhishER Simplifies Phishing Review and Stops Threats Organization-Wide](https://www.g2.com/survey_responses/knowbe4-phisher-phisher-plus-review-13078008)"**

**Rating:** 5.0/5.0 stars
*— Weston G.*

[Read full review](https://www.g2.com/survey_responses/knowbe4-phisher-phisher-plus-review-13078008)

---

**"[User friendly and great support!](https://www.g2.com/survey_responses/knowbe4-phisher-phisher-plus-review-7661687)"**

**Rating:** 4.0/5.0 stars
*— Scott W.*

[Read full review](https://www.g2.com/survey_responses/knowbe4-phisher-phisher-plus-review-7661687)

---


#### What Are G2 Users Discussing About KnowBe4 PhishER/PhishER Plus?

- [What is phishing explain with example?](https://www.g2.com/discussions/what-is-phishing-explain-with-example)
- [Is KnowBe4 com legit?](https://www.g2.com/discussions/is-knowbe4-com-legit) - 2 comments
- [What is KnowBe4 Phish?](https://www.g2.com/discussions/what-is-knowbe4-phish) - 1 comment
- [What is a PhishER&#39;s tool?](https://www.g2.com/discussions/what-is-a-phisher-s-tool) - 4 comments

### 8. [Palo Alto Cortex XSIAM](https://www.g2.com/products/palo-alto-cortex-xsiam/reviews)
Product Description: Palo Alto Networks&#39; Cortex XSIAM is an AI-driven security operations platform designed to transform traditional Security Operations Centers by integrating and automating key functions such as data centralization, threat detection, and incident response. By leveraging machine learning and automation, it enables organizations to detect and respond to threats more efficiently, reducing manual workloads and improving overall security posture. Key Features and Functionality: - Data Centralization: Aggregates data from various sources into a unified platform, providing comprehensive visibility across the enterprise. - AI-Powered Threat Detection: Utilizes machine learning algorithms to identify anomalies and potential threats in real-time. - Automated Incident Response: Streamlines response processes through automation, enabling rapid mitigation of security incidents. - Integrated SOC Capabilities: Combines functions such as Extended Detection and Response , Security Orchestration, Automation, and Response , Attack Surface Management , and Security Information and Event Management into a cohesive platform, eliminating the need for multiple disparate tools. - Scalability: Designed to handle large volumes of data and adapt to the evolving needs of modern enterprises. Primary Value and Problem Solved: Cortex XSIAM addresses the challenges of disjointed data, weak threat defense, and heavy reliance on manual work in traditional SOCs. By centralizing data and automating security operations, it simplifies processes, enhances threat detection accuracy, and accelerates incident response times. This transformation enables organizations to proactively outpace threats, reduce operational costs, and achieve a more robust security posture.


**Average Rating:** 4.4/5.0
**Total Reviews:** 64
**How Do G2 Users Rate Palo Alto Cortex XSIAM?**

- **Automated Remediation:** 7.3/10 (Category avg: 8.6/10)
- **Quality of Support:** 8.1/10 (Category avg: 9.0/10)
- **Ease of Admin:** 8.0/10 (Category avg: 8.5/10)
- **Workflow Automation:** 7.5/10 (Category avg: 8.8/10)

**Who Is the Company Behind Palo Alto Cortex XSIAM?**

- **Seller:** [Palo Alto Networks](https://www.g2.com/sellers/palo-alto-networks)
- **Company Website:** https://www.paloaltonetworks.com
- **Year Founded:** 2005
- **HQ Location:** Santa Clara, CA
- **Twitter:** @PaloAltoNtwks (128,951 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/30086/ (22,313 employees on LinkedIn®)

**Who Uses This Product?**
- **Top Industries:** Information Technology and Services, Computer &amp; Network Security
- **Company Size:** 49% Enterprise, 29% Mid-Market


#### What Are Palo Alto Cortex XSIAM's Pros and Cons?

**Pros:**

- Log Management (13 reviews)
- Dashboard Design (11 reviews)
- Real-time Monitoring (11 reviews)
- Simple (11 reviews)
- Dashboard Customization (9 reviews)

**Cons:**

- Resource Intensive (9 reviews)
- Complex Setup (8 reviews)
- Cost (7 reviews)
- Dashboard Issues (7 reviews)
- Difficult Setup (7 reviews)


### What Do G2 Reviewers Say About Palo Alto Cortex XSIAM?
*AI-generated summary from verified user reviews*

**Pros:**

- Users highlight **best-in-class log management** and effective alerting features, enhancing the overall usability and integration.
- Users appreciate the **user-friendly dashboards** of Palo Alto Cortex XSIAM, highlighting ease of understanding alerts and metrics.
- Users value the **real-time monitoring** capabilities of Palo Alto Cortex XSIAM, enhancing threat detection and response efficiency.
- Users appreciate the **user-friendly interface** of Palo Alto Cortex XSIAM, making monitoring and deployment seamless and efficient.
- Users appreciate the **good dashboard customization** in Palo Alto Cortex XSIAM, citing ease of use and integration.

**Cons:**

- Users find the solution **resource intensive** , increasing costs and complicating implementation due to high hardware requirements.
- Users find the **complex implementation** of Palo Alto Cortex XSIAM time-consuming and resource-intensive, requiring significant technical expertise.
- Users find the **cost** of Palo Alto Cortex XSIAM to be higher than competitors, impacting affordability for smaller companies.
- Users report **dashboard issues** that hinder monitoring and create a messy interface, impacting usability and visibility.
- Users struggle with the **difficult setup** of Palo Alto Cortex XSIAM, finding it complex and time-consuming for implementation.

#### What Are Recent G2 Reviews of Palo Alto Cortex XSIAM?

**"[Streamlines Security Operations with Automation](https://www.g2.com/survey_responses/palo-alto-cortex-xsiam-review-13067964)"**

**Rating:** 4.0/5.0 stars
*— Ronald D.*

[Read full review](https://www.g2.com/survey_responses/palo-alto-cortex-xsiam-review-13067964)

---

**"[Palo Alto Cortex XSIAM Streamlines SOC Work with Smart Noise Reduction and Automation](https://www.g2.com/survey_responses/palo-alto-cortex-xsiam-review-12626074)"**

**Rating:** 5.0/5.0 stars
*— Rohan K.*

[Read full review](https://www.g2.com/survey_responses/palo-alto-cortex-xsiam-review-12626074)

---


#### What Are G2 Users Discussing About Palo Alto Cortex XSIAM?

- [What is IBM Security ReaQta used for?](https://www.g2.com/discussions/what-is-ibm-security-reaqta-used-for)
- [What does QRadar stand for?](https://www.g2.com/discussions/what-does-qradar-stand-for) - 1 comment, 1 upvote
- [How do I use IBM QRadar?](https://www.g2.com/discussions/how-do-i-use-ibm-qradar) - 1 comment
- [What are the key component of IBM QRadar?](https://www.g2.com/discussions/what-are-the-key-component-of-ibm-qradar) - 1 comment
- [What is IBM QRadar Siem?](https://www.g2.com/discussions/what-is-ibm-qradar-siem) - 1 comment

### 9. [Torq AI SOC Platform](https://www.g2.com/products/torq-ai-soc-platform/reviews)
Torq is transforming cybersecurity with the Torq AI SOC Platform. Torq empowers enterprises to instantly and precisely detect and respond to security events at scale. Torq’s customer base includes major multinational enterprise customers, including Abnormal Security, Armis, Check Point Security, Chipotle Mexican Grill, Inditex (Zara, Bershka, and Pull &amp; Bear), Informatica, Kyocera, PepsiCo, Procter &amp; Gamble, Siemens, Telefónica, Valvoline, Virgin Atlantic, and Wiz.


**Average Rating:** 4.8/5.0
**Total Reviews:** 149
**How Do G2 Users Rate Torq AI SOC Platform?**

- **Automated Remediation:** 9.2/10 (Category avg: 8.6/10)
- **Quality of Support:** 9.6/10 (Category avg: 9.0/10)
- **Ease of Admin:** 9.5/10 (Category avg: 8.5/10)
- **Workflow Automation:** 9.3/10 (Category avg: 8.8/10)

**Who Is the Company Behind Torq AI SOC Platform?**

- **Seller:** [torq](https://www.g2.com/sellers/torq)
- **Company Website:** https://torq.io/
- **Year Founded:** 2020
- **HQ Location:** New York, US
- **Twitter:** @torq_io (1,944 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/torqio/mycompany (441 employees on LinkedIn®)

**Who Uses This Product?**
- **Top Industries:** Information Technology and Services, Computer &amp; Network Security
- **Company Size:** 50% Mid-Market, 29% Small-Business


#### What Are Torq AI SOC Platform's Pros and Cons?

**Pros:**

- Ease of Use (67 reviews)
- Security (61 reviews)
- Automation (59 reviews)
- Features (55 reviews)
- Threat Detection (41 reviews)

**Cons:**

- Difficult Learning (18 reviews)
- Learning Curve (17 reviews)
- Missing Features (10 reviews)
- Improvement Needed (8 reviews)
- Poor Interface Design (8 reviews)


### What Do G2 Reviewers Say About Torq AI SOC Platform?
*AI-generated summary from verified user reviews*

**Pros:**

- Users value the **ease of use** of Torq AI SOC Platform, making it accessible to all skill levels with minimal training.
- Users value the **efficient network vulnerability checks** that enhance security through automation and quick remediation actions.
- Users value the **automation capabilities** of Torq AI SOC Platform, enhancing efficiency and securing networks effectively.
- Users highlight the **no-code automation capabilities** of Torq, simplifying security workflows and enhancing operational efficiency.
- Users value Torq&#39;s **effective threat detection** , seamlessly transitioning and enhancing their vulnerability management and network security processes.

**Cons:**

- Users face a **difficult learning curve** with Torq AI SOC Platform, requiring time and support for effective use.
- Users face a significant **learning curve** with Torq AI SOC Platform, requiring extensive training and support for effective use.
- Users find the **missing features** like built-in playbooks and widgets hinder the full potential of Torq AI SOC.
- Users suggest that **improvements in findings grouping** and integration could greatly enhance the Torq AI SOC Platform experience.
- Users face challenges with **poor interface design** , including buggy interactions and a steep learning curve for troubleshooting.

#### What Are Recent G2 Reviews of Torq AI SOC Platform?

**"[Efficient Automation with Robust Integrations](https://www.g2.com/survey_responses/torq-ai-soc-platform-review-12301239)"**

**Rating:** 5.0/5.0 stars
*— Orlando  M.*

[Read full review](https://www.g2.com/survey_responses/torq-ai-soc-platform-review-12301239)

---

**"[Centralized Incident Management That Exceeds Expectations](https://www.g2.com/survey_responses/torq-ai-soc-platform-review-12121506)"**

**Rating:** 5.0/5.0 stars
*— Octave P.*

[Read full review](https://www.g2.com/survey_responses/torq-ai-soc-platform-review-12121506)

---



### 10. [IBM QRadar SOAR](https://www.g2.com/products/ibm-qradar-soar/reviews)
IBM QRadar® SOAR is designed to help your security team respond to cyberthreats with confidence, automate with intelligence and collaborate with consistency. It guides your team in resolving incidents by codifying established incident response processes into dynamic playbooks. The open and agnostic platform helps accelerate and orchestrate their response by automating actions with intelligence and integrating with other security tools. IBM QRadar SOAR is available on AWS Marketplace.


**Average Rating:** 4.0/5.0
**Total Reviews:** 25
**How Do G2 Users Rate IBM QRadar SOAR?**

- **Automated Remediation:** 7.5/10 (Category avg: 8.6/10)
- **Quality of Support:** 7.9/10 (Category avg: 9.0/10)
- **Ease of Admin:** 6.7/10 (Category avg: 8.5/10)
- **Workflow Automation:** 7.4/10 (Category avg: 8.8/10)

**Who Is the Company Behind IBM QRadar SOAR?**

- **Seller:** [IBM](https://www.g2.com/sellers/ibm)
- **Year Founded:** 1911
- **HQ Location:** Armonk, New York, United States
- **Twitter:** @IBMSecurity (74,660 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/1009/ (328,202 employees on LinkedIn®)
- **Ownership:** SWX:IBM

**Who Uses This Product?**
- **Top Industries:** Information Technology and Services
- **Company Size:** 72% Enterprise, 21% Mid-Market


#### What Are IBM QRadar SOAR's Pros and Cons?

**Pros:**

- Ease of Use (5 reviews)
- Automation (3 reviews)
- Easy Integrations (3 reviews)
- Integrations (3 reviews)
- Customer Support (2 reviews)

**Cons:**

- Integration Issues (3 reviews)
- Complexity (2 reviews)
- Limited Integration (2 reviews)
- System Limitations (2 reviews)
- Bug Issues (1 reviews)


### What Do G2 Reviewers Say About IBM QRadar SOAR?
*AI-generated summary from verified user reviews*

**Pros:**

- Users highlight the **easy-to-use interface** of IBM QRadar SOAR, facilitating quick workflow creation and customization.
- Users find that IBM QRadar SOAR&#39;s **automation capabilities** significantly reduce manual tasks, enhancing efficiency in security operations.
- Users value the **easy integrations** with various tools, simplifying their security operations and workflows efficiently.
- Users appreciate the **seamless integration** with various tools, enhancing efficiency and streamlining security processes effectively.
- Users value the **responsive IBM support** and the ease of use of the QRadar SOAR console for quick resolutions.

**Cons:**

- Users face **integration issues** with IBM QRadar SOAR, limiting its functionality and complicating setups with other applications.
- Users find the **initial complexity** of IBM QRadar SOAR challenging, requiring time to master its extensive features.
- Users experience **limited integration** with IBM QRadar SOAR, making advanced configurations and implementation challenging.
- Users find the **system limitations** of IBM QRadar SOAR restrict effective transformations and complicate implementation efforts.
- Users report **bug issues** with IBM QRadar SOAR, including errors in workflows and occasional lagging performance.

#### What Are Recent G2 Reviews of IBM QRadar SOAR?

**"[Analyze Soar Qradar](https://www.g2.com/survey_responses/ibm-qradar-soar-review-9842312)"**

**Rating:** 5.0/5.0 stars
*— Aparecido A.*

[Read full review](https://www.g2.com/survey_responses/ibm-qradar-soar-review-9842312)

---

**"[IBM Security QRadar SOAR](https://www.g2.com/survey_responses/ibm-qradar-soar-review-9696782)"**

**Rating:** 4.5/5.0 stars
*— Prashanth K.*

[Read full review](https://www.g2.com/survey_responses/ibm-qradar-soar-review-9696782)

---



### 11. [Splunk SOAR (Security Orchestration, Automation and Response)](https://www.g2.com/products/splunk-soar-security-orchestration-automation-and-response/reviews)
Splunk SOAR provides security orchestration, automation and response capabilities that allow security analysts to work smarter by automating repetitive tasks; respond to security incidents faster with automated detection, investigation, and response; increase productivity, efficiency and accuracy; and strengthen defenses by connecting and coordinating complex workflows across their team and tools. Splunk SOAR also supports a broad range of security operations center (SOC) functions including event and case management, integrated threat intelligence, collaboration tools and reporting.


**Average Rating:** 4.4/5.0
**Total Reviews:** 39
**How Do G2 Users Rate Splunk SOAR (Security Orchestration, Automation and Response)?**

- **Automated Remediation:** 8.6/10 (Category avg: 8.6/10)
- **Quality of Support:** 8.8/10 (Category avg: 9.0/10)
- **Ease of Admin:** 8.1/10 (Category avg: 8.5/10)
- **Workflow Automation:** 8.7/10 (Category avg: 8.8/10)

**Who Is the Company Behind Splunk SOAR (Security Orchestration, Automation and Response)?**

- **Seller:** [Cisco](https://www.g2.com/sellers/cisco)
- **Year Founded:** 1984
- **HQ Location:** San Jose, CA
- **Twitter:** @Cisco (720,366 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/cisco/ (95,545 employees on LinkedIn®)
- **Ownership:** NASDAQ:CSCO

**Who Uses This Product?**
- **Top Industries:** Information Technology and Services, Consulting
- **Company Size:** 40% Mid-Market, 35% Enterprise


#### What Are Splunk SOAR (Security Orchestration, Automation and Response)'s Pros and Cons?

**Pros:**

- Automation (16 reviews)
- Security (13 reviews)
- Features (9 reviews)
- Threat Detection (8 reviews)
- Ease of Use (7 reviews)

**Cons:**

- Expensive (16 reviews)
- Learning Curve (7 reviews)
- Difficult Learning (6 reviews)
- Complexity (5 reviews)
- Poor Interface Design (4 reviews)


### What Do G2 Reviewers Say About Splunk SOAR (Security Orchestration, Automation and Response)?
*AI-generated summary from verified user reviews*

**Pros:**

- Users value the **automation capabilities** of Splunk SOAR, enhancing security and response efficiency dramatically.
- Users value the **effective incident management** of Splunk SOAR, enhancing security response and automation in their workflows.
- Users value the **flexibility and integration** of Splunk SOAR, allowing seamless workflow orchestration for enhanced security.
- Users appreciate the **easy threat detection** capability of Splunk SOAR, enhancing security analysis and response efficiency.
- Users value the **ease of use** of Splunk SOAR, appreciating its intuitive UI and seamless integration capabilities.

**Cons:**

- Users find the **high cost** of Splunk SOAR prohibitive, making it difficult for average users to afford.
- Users find the **learning curve steep** , requiring extensive knowledge and training to effectively use Splunk SOAR.
- Users find the **difficult learning curve** to be challenging, especially for beginners new to automation platforms.
- Users find the **complexity** of Splunk SOAR challenging, requiring extensive learning for effective use.
- Users find the **poor interface design** of Splunk SOAR challenging, particularly for those new to automation platforms.

#### What Are Recent G2 Reviews of Splunk SOAR (Security Orchestration, Automation and Response)?

**"[Splunk SOAR is an awesome automation and security software](https://www.g2.com/survey_responses/splunk-soar-security-orchestration-automation-and-response-review-9922387)"**

**Rating:** 5.0/5.0 stars
*— Noor  Z.*

[Read full review](https://www.g2.com/survey_responses/splunk-soar-security-orchestration-automation-and-response-review-9922387)

---

**"[Splunk SOAR is a good software for automation](https://www.g2.com/survey_responses/splunk-soar-security-orchestration-automation-and-response-review-9922172)"**

**Rating:** 5.0/5.0 stars
*— Dheeraj T.*

[Read full review](https://www.g2.com/survey_responses/splunk-soar-security-orchestration-automation-and-response-review-9922172)

---


#### What Are G2 Users Discussing About Splunk SOAR (Security Orchestration, Automation and Response)?

- [What is Splunk SOAR (Security Orchestration, Automation and Response) used for?](https://www.g2.com/discussions/what-is-splunk-soar-security-orchestration-automation-and-response-used-for)

### 12. [Sumo Logic](https://www.g2.com/products/sumo-logic/reviews)
Sumo Logic, Inc. unifies and analyzes enterprise data, translating it into actionable insights through one AI-powered cloud-native log analytics platform. This single source of truth enables Dev, Sec and Ops teams to simplify complexity, collaborate efficiently and accelerate data-driven decisions that drive business value. Customers around the world rely on the Sumo Logic SaaS Log Analytics Platform for trusted insights to ensure application reliability, secure and protect against modern security threats, and gain insights into their cloud infrastructures. For more information, visit: SUMOLOGIC.COM


**Average Rating:** 4.3/5.0
**Total Reviews:** 391
**How Do G2 Users Rate Sumo Logic?**

- **Automated Remediation:** 8.8/10 (Category avg: 8.6/10)
- **Quality of Support:** 8.5/10 (Category avg: 9.0/10)
- **Ease of Admin:** 8.4/10 (Category avg: 8.5/10)
- **Workflow Automation:** 8.3/10 (Category avg: 8.8/10)

**Who Is the Company Behind Sumo Logic?**

- **Seller:** [Sumo Logic](https://www.g2.com/sellers/sumo-logic)
- **Company Website:** https://www.sumologic.com
- **Year Founded:** 2010
- **HQ Location:** Redwood City, CA
- **Twitter:** @SumoLogic (6,542 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/1037816/ (838 employees on LinkedIn®)

**Who Uses This Product?**
- **Who Uses This:** Software Engineer, Senior Software Engineer
- **Top Industries:** Information Technology and Services, Computer Software
- **Company Size:** 48% Mid-Market, 37% Enterprise


#### What Are Sumo Logic's Pros and Cons?

**Pros:**

- Ease of Use (54 reviews)
- Log Management (44 reviews)
- Features (32 reviews)
- Insights (30 reviews)
- Real-time Monitoring (29 reviews)

**Cons:**

- Expensive (18 reviews)
- Difficult Learning (16 reviews)
- Learning Curve (16 reviews)
- Learning Difficulty (16 reviews)
- Slow Performance (16 reviews)


### What Do G2 Reviewers Say About Sumo Logic?
*AI-generated summary from verified user reviews*

**Pros:**

- Users value the **ease of use** of Sumo Logic, finding it simple to learn and configure effectively.
- Users appreciate the **ease of searching and configuring logs** , enhancing their monitoring and tracing capabilities effortlessly.
- Users value the **Continuous Intelligence feature** of Sumo Logic for its quick and actionable insights from diverse data.
- Users commend **Sumo Logic&#39;s visual power and flexibility** , enhancing KPI display and minimizing log-related workload.
- Users value the **real-time insights** offered by Sumo Logic, enhancing monitoring and analytics for better decision-making.

**Cons:**

- Users find Sumo Logic to be **expensive** , often questioning if its value justifies the high pricing.
- Users find the **difficult learning** curve of Sumo Logic hampers quick proficiency in using its features effectively.
- Users find Sumo Logic&#39;s **steep learning curve** challenging, especially when mastering complex queries and setup processes.
- Users find the **steep learning curve** of Sumo Logic challenging, requiring significant time to gain proficiency.
- Users experience **slow performance** due to a clunky UI and delayed alerting, impacting efficiency and response times.

#### What Are Recent G2 Reviews of Sumo Logic?

**"[Centralized Logging with Intuitive Dashboards](https://www.g2.com/survey_responses/sumo-logic-review-12948839)"**

**Rating:** 4.5/5.0 stars
*— Sudarshan B.*

[Read full review](https://www.g2.com/survey_responses/sumo-logic-review-12948839)

---

**"[AI Activity Monitoring That Makes Auditing and Debugging Easy](https://www.g2.com/survey_responses/sumo-logic-review-12888562)"**

**Rating:** 4.5/5.0 stars
*— Vishal S.*

[Read full review](https://www.g2.com/survey_responses/sumo-logic-review-12888562)

---


#### What Are G2 Users Discussing About Sumo Logic?

- [What is Cloud SOAR used for?](https://www.g2.com/discussions/what-is-cloud-soar-used-for) - 1 comment, 1 upvote
- [Is Sumo Logic a SIEM?](https://www.g2.com/discussions/is-sumo-logic-a-siem)
- [What is Sumo Logic used for?](https://www.g2.com/discussions/what-is-sumo-logic-used-for)
- [Who are Sumo Logic competitors?](https://www.g2.com/discussions/who-are-sumo-logic-competitors) - 1 comment
- [How much does Sumo Logic cost?](https://www.g2.com/discussions/how-much-does-sumo-logic-cost)

### 13. [D3 Security](https://www.g2.com/products/d3-security/reviews)
D3 stands at the forefront of AI-powered security, providing real-time, autonomous SOC solutions that help organizations stay ahead of cyber threats. By merging autonomous investigation and triage with AI-guided remediation, D3 is delivering AI-powered, human-led cyber security solutions. Morpheus is D3 Security’s fully autonomous SOC solution that triages, investigates, and responds to every alert, 24/7. Morpheus covers 100% of your alerts — no exceptions — so your team never has to choose between chasing false positives or risking a breach. It triages 95% of alerts in under two minutes, integrating seamlessly with any SIEM, XDR, or security stack. Unlike traditional SOAR platforms, Morpheus doesn’t need endless playbook tuning; it can build response workflows on the fly, specific to your security stack. The result? Zero alert fatigue, fewer missed threats, and a dramatic boost in SOC efficiency, powered by a data privacy-friendly and SecOps-focused AI model.


**Average Rating:** 4.2/5.0
**Total Reviews:** 64
**How Do G2 Users Rate D3 Security?**

- **Automated Remediation:** 8.3/10 (Category avg: 8.6/10)
- **Quality of Support:** 9.0/10 (Category avg: 9.0/10)
- **Ease of Admin:** 8.2/10 (Category avg: 8.5/10)
- **Workflow Automation:** 6.7/10 (Category avg: 8.8/10)

**Who Is the Company Behind D3 Security?**

- **Seller:** [D3 Security Management Systems](https://www.g2.com/sellers/d3-security-management-systems)
- **Year Founded:** 2012
- **HQ Location:** Vancouver, British Columbia
- **Twitter:** @D3Security (1,118 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/342986/ (162 employees on LinkedIn®)

**Who Uses This Product?**
- **Top Industries:** Information Technology and Services, Computer Software
- **Company Size:** 49% Enterprise, 41% Mid-Market



#### What Are Recent G2 Reviews of D3 Security?

**"[Next Generation SOAR Platform](https://www.g2.com/survey_responses/d3-security-review-7793810)"**

**Rating:** 4.5/5.0 stars
*— Kristian T.*

[Read full review](https://www.g2.com/survey_responses/d3-security-review-7793810)

---

**"[The best security operation platform](https://www.g2.com/survey_responses/d3-security-review-3110773)"**

**Rating:** 5.0/5.0 stars
*— George K.*

[Read full review](https://www.g2.com/survey_responses/d3-security-review-3110773)

---




## What Is Security Orchestration, Automation, and Response (SOAR) Software?

[System Security Software](https://www.g2.com/categories/system-security)

## What Software Categories Are Similar to Security Orchestration, Automation, and Response (SOAR) Software?

- [Security Information and Event Management (SIEM) Software](https://www.g2.com/categories/security-information-and-event-management-siem)
- [Incident Response Software](https://www.g2.com/categories/incident-response)
- [AI SOC Agents](https://www.g2.com/categories/ai-soc-agents)


---

## How Do You Choose the Right Security Orchestration, Automation, and Response (SOAR) Software?

### What You Should Know About Security, Orchestration, Automation, and Response (SOAR) Software

### What is Security, Orchestration, Automation, and Response (SOAR) Software?

Security orchestration, automation, and response (SOAR) software helps coordinate, execute, and automate tasks between various IT workers and tools. SOAR tools allow organizations to respond quickly to cybersecurity attacks and observe, understand, and prevent future incidents.

SOAR software gives organizations a comprehensive view of their existing security systems while centralizing the security data. By automating security responses and reducing manual tasks, SOAR helps to generate a faster and more accurate response to security attacks. It also helps better coordinate and route incident response to the most appropriate IT worker in real time.

**What Does SOAR Stand For?**

SOAR stands for security orchestration, automation, and response. SOAR software significantly contributes to identifying potential future security threats.

### What are the Common Features of Security, Orchestration, Automation, and Response (SOAR) Software?

Usually, a SOAR software offering operates under three primary software capabilities:

**Threat and vulnerability management:** Threat and vulnerability management examines key assets and prioritizes efforts to reduce risk. Working with other security teams, threat and vulnerability management helps prevent attacks by threat actors.

**Security incident response:** Security incident response addresses and manages the aftermath of a security breach, cyberattack, computer incident, or security incident. Security incident response is to handle the aftermath of a security breach in a way that limits damage, reduces recovery time, and reduces cost.

**Security operations automation:** Security operations automation is the technology that enables the automation and orchestration of security tasks. This can include both administrative duties and incident detection and response.

### What are the Benefits of Security, Orchestration, Automation, and Response (SOAR) Software?

The benefits of using a SOAR tool are that it lessens the impact of security incidents and reduces the risk of legal liability. SOAR software helps companies’ security teams by enabling them to:

**Maintain a central view:** One of the benefits of SOAR software is that it gives security staff a central view and enables control of existing security systems while centralizing data collection to improve a company&#39;s security posture, operational efficiency, and productivity.&amp;nbsp;

**Automate manual tasks:** As with most software today, users are looking for help in terms of automation. SOAR software helps to manage and automate all aspects of a security incident lifecycle. This removes manual tasks, gives security staff more time to be productive, and allows them to focus on more mission-critical security tasks that do not require manual tasks.

**Define incident and response procedures:** SOAR software helps security systems define incident and response procedures. This helps to route security incidents to the correct security staff. SOAR can also prioritize and standardize the security response processes in a consistent, transparent, and documented way.&amp;nbsp;

**Optimize incident response** : Because SOAR software helps security staff define incident and response procedures, incident response is more accurate. This accuracy enables security systems and staff to have improved responses where they may have to contain, eradicate, or recover crucial data.&amp;nbsp;

**Identify and assign incident severity levels:** SOAR software helps to identify and assign incident severity levels. Severity levels in cybersecurity measure how severely a security incident impacts various parts of the organization. SOAR software automatically identifies and assigns severity levels, enabling the right security system and staff to respond appropriately. This means both can respond immediately to security incidents that may negatively affect an organization, such as networks, software, employee or customer data, etc.

**Support collaboration and unstructured investigations:** SOAR software supports collaboration and unstructured investigations in real time, helping route each security incident to the security system and security staff best suited to respond. Collaboration with other IT teams for tasks such as remediation or other departments such as legal is possible.&amp;nbsp;

**Streamline operations:** By using SOAR software, organizations can streamline security operations for threat and vulnerability management, security incident response, and security operations automation. SOAR software connects these security elements while integrating disparate security systems. SOAR software’s playbooks allow users to orchestrate, streamline and automate tasks. Playbooks also codify the process workflows that streamline the SOAR software functions.

### Who Uses Security, Orchestration, Automation, and Response (SOAR) Software?

**IT and cybersecurity staff:** They use SOAR software to handle security alerts such as phishing, which includes looking for threat feed data from endpoints, failed user logins, logins from unusual locations, malicious VPN access attempts, and so on. It&#39;s also used to hunt for threats and respond to incidents from attached files for malware analysis, cloud-aware incident response, and automate data enrichment. Cybersecurity staff who assign incident severity and check other products for vulnerability scores also use SOAR platforms.

### Challenges with Security, Orchestration, Automation, and Response (SOAR) software

There are a number of challenges with SOAR software that IT teams can encounter.

**Skill gaps:** While there is the misconception that SOAR software could replace security staff, the tool is meant to augment security teams, allowing them to work efficiently and effectively but not replacing them. However, there still may be a skills gap as the security team must be able to create detailed workflows of their processes.

**Effective deployment:** Another challenge of SOAR software is that it must be deployed to the enterprise but also connected to the other applications and technologies, which can be very complicated. An organization must also have staff with enough skills to deploy and maintain the platform. The applications and technologies used by the enterprise must also be able to support or be integrated into the SOAR software. One of SOAR software’s greatest strengths is to connect and orchestrate other technologies; however, if each technology is unable to be integrated, it hampers the benefits of deploying SOAR software.

### How to Buy Security, Orchestration, Automation, and Response Software

#### Requirements Gathering (RFI/RFP) for Security, Orchestration, Automation, and Response (SOAR) Software

If an organization is just starting out and looking to purchase SOAR software, g2.com can help select the best one.

Most business pain points might be related to all of the manual work that must be completed. If the company is large and has a lot of networks, data, or devices in its organization, they may need to shop for a SOAR software that can grow with its organization. Users should think about the pain points in security to help create a checklist of criteria. Additionally, the buyer must determine the number of employees who will need to use the SOAR software and if they currently have the skills to administer it.&amp;nbsp;

Taking a holistic overview of the business and identifying pain points can help the team springboard into creating a checklist of criteria. The checklist serves as a detailed guide that includes both necessary and nice-to-have features, including budget, features, number of users, integrations, security staff skills, cloud or on-premises solutions, and more.

Depending on the scope of the deployment, it might be helpful to produce an RFI, a one-page list with a few bullet points describing what is needed from SOAR software.

#### Compare Security, Orchestration, Automation, and Response (SOAR) Software

**Create a long list**

Vendor evaluations are an essential part of the software buying process from meeting the business functionality needs to implementation. For ease of comparison, after all demos are complete, it helps to prepare a consistent list of questions regarding specific needs and concerns to ask each vendor.

**Create a short list**

From the long list of vendors, it is helpful to narrow down the list of vendors and come up with a shorter list of contenders, preferably no more than three to five. With this list in hand, businesses can produce a matrix to compare the features and pricing of the various solutions.

**Conduct demos**

To ensure the comparison is comprehensive, the user should demo each solution on the shortlist with the same use cases. This will allow the business to evaluate like for like and see how each vendor stacks up against the competition.&amp;nbsp;

#### Selection of Security, Orchestration, Automation, and Response (SOAR) Software

**Choose a selection team**

Before getting started, creating a winning team that will work together throughout the entire process, from identifying pain points to implementation, is crucial. The software selection team should consist of organization members with the right interest, skills, and time to participate in this process. A good starting point is to aim for three to five people who fill roles such as the main decision maker, project manager, process owner, system owner, or staffing subject matter expert, as well as a technical lead, head administrator, or security administrator. In smaller companies, the vendor selection team may be smaller, with fewer participants multitasking and taking on more responsibilities.

**Compare notes**

The selection team should compare notes and facts and figures which they noted during the process, such as costs, security capabilities, and alert and incident response times.

**Negotiation**

Just because something is written on a company’s pricing page does not mean it&#39;s final. It is crucial to open up a conversation regarding pricing and licensing. For example, the vendor may be willing to give a discount for multi-year contracts or for recommending the product to others.

**Final decision**

After this stage, and before going all in, it is recommended to roll out a test run or pilot program to test adoption with a small sample size of users. If the tool is well used and well received, the buyer can be confident that the selection was correct. If not, it might be time to go back to the drawing board.

### What does Security, Orchestration, Automation, and Response (SOAR) Software cost?

SOAR is considered a long-term investment. This means there must be a careful evaluation of vendors, and the software should be tailored to each organization&#39;s specific requirements. Once a SOAR solution is purchased, deployed, and integrated into an organization’s security system, the cost could be high, which is why the evaluation stage of selecting SOAR software is so crucial. The notion of rip-and-replace cost can be high. The SOAR vendor chosen should continue to provide support for the SOAR solution with flexibility and open integration.

#### Return on Investment (ROI)

Organizations decide to purchase SOAR software with some type of return on investment (ROI). As they want to recoup the money spent on the software, it is critical to understand the costs that will be saved in terms of efficiency.

SOAR software saves security staff costs by eliminating manual tasks. For example, SOAR software automatically investigates the scenario of email phishing attacks which is very common, so this task can be very repetitive and consumes security staff time if it is done manually. A large enterprise used actual data from its SOAR software deployment and compared it to the cost of handling email phishing investigations automatically using SOAR software versus handling them manually. The enterprise found that the reduction in staff time required to handle phishing emails equated to savings of over $680,000 per year.

### Security, Orchestration, Automation, and Response (SOAR) Software Trends

**Enterprises:** Due to the requirements to maintain such large-scale IT and network infrastructure, organizations such as large enterprises tend to be more interested in purchasing SOAR software. Having such large networks and more complex IT makes such organizations more vulnerable to security threats which is another drive to purchase SOAR software. Also, larger organizations have more employees with more devices, which increases threats if they are accessing workplace applications on these devices.

**Retail and e-commerce:** These industries have increased interest in SOAR software due to the vulnerabilities in PoS)transactions and online purchases. It is the processing of these monetary transactions which creates a security risk, especially there personal and financial information of customers. Adopting technologies such as location-based marketing for these types of purchases also makes the retail industry more vulnerable to security threats.




