
IBM Resilient SOAR is a good platform when we consider automation in process. We have integrated this tool with IBM QRadar. The best part is that it can automate the security incidents directly without human interference. We can do the part of automation which we want to automate; there are lots of functionalities in this tool itself. Incidents can be created automatically or manually. We can integrate other APIs also. This tool helps in saving time and meeting the SLA. Review collected by and hosted on G2.com.
This tool is best when all the configuration is done correctly; otherwise you will face a number of small problems. It's powerful, but it needs time for proper setup. As we have integrated Resilient with QRadar, when we make some changes in QRadar, Resilient stops working because of some error. This happens frequently, so we have to fix this a number of times. Sometimes QRadar data tables are not generated in Resilient, so the creation of incidents stops for a while.
We recently built a Resilient solution in the IBM cloud. The Resilient tool is being used to demonstrate capabilities and train our internal personnel for the internal production SOAR deployment too. The setup was easy, and within just a couple of days we were already realizing the value of Resilient.
I wish there was more guidance for the use of the Resilient SOAR tool. The documentation is lacking in some areas and is rudimentary. We need more guidance around how to set up playbooks, use of functions and workflows, and how integrations can be further developed. There is a heavy reliance on GitHub and community development that can be difficult to find, validate and implement if inexperienced with the tool.
Process oriented! The product allows you to build and use dynamic workflows, which is very useful. Resilient is very powerful, from the user interface to the integration of functions in a BPMN-like view. The product integrates a privacy module (you have to pay), which is also very helpful for international companies and for the DPO.
From the action / circuits part (function implementations) you have to download what you need and implement it on your own; you don't select it directly from the product. Maybe there is some improvement to do on reporting scheduling.
IBM Security Resilient is a very powerful platform because of the openness of Python and architecture of the product. Resilient makes it easy to develop custom integrations, on top of the 150+ they already have pre-built. The Community is helpful and growing each day. It's easy to get support for the product from the official IBM Support portal as well. Resilient is very configurable and can be used to do about anything in the SOAR realm. Great product overall, and I continue to see it getting better and being built up.
Integrations are a bit lackluster in some cases, and often require tailoring to suit needs better.
Resilient is powerful, but this means that it requires time be dedicated to building it out; it's not necessarily a quick and easy job due to its current architecture.
We have been using this product for the past 6 months in our healthcare initiatives projects. We are currently using the Resilient platform version of IBM-26.
1. Delivers critical incidents to support analysts instantly.
2. Creates incidents from QRadar, manually and automatically.
3. Notes and closing events are synchronized bi-directionally between the systems.
4. Automatically closes incidents due to the update task, which runs every 2 minutes.
5. Initial installation is easy due to the IBM guide available to everyone free of cost when purchasing the licenses.
6. Availability of IBM support analysts is higher in the market, and it is easy to do business with support analysts for deployment of projects.
The only dislike is the learning, since we are moving from another product, and installation will take its own time. Also, it's not an open source tool, and we have to migrate all our existing incident data back to the QRadar tool.
The ability to custom code the interface any way we like; we are able to create effective tasks, and intake is good. The ability to plug in to our primary intakes such as Splunk. The ability to automate processes and procedures with Phantom integration. Although intensive to set up, it is highly customizable. API integration with other products and good reporting will allow us to achieve our goals.
There does not appear to be any way of changing some of the default fields. The task-based system is OK, but we would like the ability to create custom frames that, when clicked, would allow an analyst to move on in the task list. The interface can be very overwhelming for a junior analyst, even when we strip out a lot of content.
I have used a lot of incident response platform tools over the years, called Consumer call management and many more, but this one has infrastructure integration with directory, endpoint and network controls and also easy collaboration of email and web forms, which makes it stand out. I could drill down by incident timeline status and type order, and also dashboard reports, which is quite easier.
Sometimes the incident escalation ticket requests and follow-up are out of sync, and threat intelligence for DDoS attacks is not perfect since they don't track them ideally step by step, and I have to redefine the process to find them.
I had been using this product for my time for a longer time duration, and I have got to say that it has got whatever we need in terms of preparation, eradication, recovery and also ensuring that no threat remains and bringing them back into the production environment. This is vital, and every time the incident documentation is perfectly updated in the portal and I can just prepare my team for potential incidents.
Sometimes it takes a lot of time to get the damaged systems back into fully functional mode, and it's a long, tiresome, cumbersome process that cannot be done in a single step and has to be charted one step at a time. Also, to improve future response effects we need to limit the number of requests, and it takes a lot of time notifying stakeholders about the plan.
Its functionality is great! Lots of functions are powerful and very great. The true ideas behind those functions are really awesome and helpful a lot for our use at our company.
The interface is not really convenient, but can be significantly improved. The ease of use is critical for its future use. I really think, since its functionality is a lot, they should provide better technical support to lower the learning curve. This will be important for its growth in the near future. The GUI really is sometimes confusing and just not really responsive, but it can be a lot better, hopefully.
The capability of orchestrating and automating incident response processes.
Would be better if integration is simplified and optimized, as other tools like sniffer network incidents can integrate to the IBM Resilient tool.