IBM Resilient Security Orchestration, Automation and Response (SOAR) Platform Reviews & Product Details

IBM Resilient Security Orchestration, Automation and Response (SOAR) Platform Overview

What is IBM Resilient Security Orchestration, Automation and Response (SOAR) Platform?

The IBM Resilient Security Orchestration, Automation and Response (SOAR) Platform is the leading platform for orchestrating and automating incident response processes. IBM Resilient SOAR Platform quickly and easily integrates with your organization’s existing security and IT investments. It makes security alerts instantly actionable, provides valuable intelligence and incident context, and enables adaptive response to complex cyber threats.

IBM Resilient Security Orchestration, Automation and Response (SOAR) Platform Details
Languages Supported: German, English, French, Japanese, Spanish, Chinese (Simplified)
Product Description

IBM Resilient Security Orchestration, Automation and Response (SOAR) is a platform for orchestrating and automating incident response processes.


Seller Details
Seller: IBM
Ownership: SWX:IBM
Phone: 1-866-277-7488
Year Founded: 1911
HQ Location: Armonk, NY
Total Revenue (USD mm): $77,147
Twitter: @IBM (617,859 Twitter followers)
LinkedIn® Page: www.linkedin.com (519,733 employees on LinkedIn®)
Description

IBM offers a wide range of technology and consulting services; a broad portfolio of middleware for collaboration, predictive analytics, software development and systems management; and the world's most advanced servers and supercomputers.



IBM Resilient Security Orchestration, Automation and Response (SOAR) Platform Reviews

Showing 15 IBM Resilient Security Orchestration, Automation and Response (SOAR) Platform reviews
Validated Reviewer
Review source: Invitation from G2
What do you like best?

IBM Resilient SOAR is a good platform when we consider automation in process. We have integrated this tool with IBM QRadar. The best part is that it can automate the security incidents directly without human interference. We can do the part of automation which we want to automate; there are lots of functionalities in this tool itself. Incidents can be created automatically or manually. We can integrate other APIs also. This tool helps in saving time and meeting the SLA. Review collected by and hosted on G2.com.

What do you dislike?

This tool is best when all the configuration is done correctly; otherwise you will face a number of small problems. It's powerful, but it needs time for proper setup. As we have integrated Resilient with QRadar, when we make some changes in QRadar, Resilient stops working because of some error. This happens frequently, so we have to fix this a number of times. Sometimes QRadar data tables are not generated in Resilient, so that creation of incidents stops for a while. Review collected by and hosted on G2.com.

Recommendations to others considering the product:

Resilient is the best automation tool for the quick generation of incidents. It helps in the creation of major and critical incidents within SLA. But we cannot compare it with human analysis and investigation. It helps only with generation of incidents with some details. After that, the analyst has to do the actual investigation for the case. Review collected by and hosted on G2.com.

What problems are you solving with the product? What benefits have you realized?

Sometimes Resilient fails to fetch data from QRadar, which stops the incident creation. This problem we are solving with Resilient. Review collected by and hosted on G2.com.

AI
Enterprise(> 1000 emp.)
Validated Reviewer
Verified Current User
Review source: Invitation from the seller
Business partner of the seller or seller's competitor, not included in G2 scores.
What do you like best?

We recently built a Resilient solution in the IBM cloud. The Resilient tool is being used to demonstrate capabilities and train our internal personnel for the internal production SOAR deployment too. The set up was easy and within just a couple days we were already realizing the value of Resilient. Review collected by and hosted on G2.com.

What do you dislike?

I wish there was more guidance for the use of the Resilient SOAR tool. The documentation is lacking in some areas and is rudimentary. We need more guidance around how to set up playbooks, use of functions and workflows, how integrations can be further developed. There is a heavy reliance on GitHub and community development that can be difficult to find, validate and implement if inexperienced with the tool. Review collected by and hosted on G2.com.

What problems are you solving with the product? What benefits have you realized?

We immediately realized time savings benefits for SOC analysts. The threat intelligence was easy to set up and showed value very quickly. Review collected by and hosted on G2.com.

Validated Reviewer
Verified Current User
Review source: Invitation from the seller
Business partner of the seller or seller's competitor, not included in G2 scores.
What do you like best?

Process oriented! The product allows you to build and use dynamic workflows, which is very useful. Resilient is very powerful, from the user interface to the integration of functions in a BPMN-like view. The product integrates a privacy module (have to pay), which is very helpful too for international companies and for the DPO. Review collected by and hosted on G2.com.

What do you dislike?

From the action / circuits part (function implementations) you have to download what you need and implement it on your own; you don't select it directly from the product. Maybe some improvement to do on reporting scheduling. Review collected by and hosted on G2.com.

What problems are you solving with the product? What benefits have you realized?

Very useful for incident response, and most of all, to get orchestration and fast answers for the analyst with SI integrations. In the point of Management (dashboard/report) and for the analyst, user. For DevSecOps the API is well documented. Review collected by and hosted on G2.com.

Validated Reviewer
Review source: G2 Gives Campaign
What do you like best?

IBM Security Resilient is a very powerful platform because of the openness of Python and architecture of the product. Resilient makes it easy to develop custom integrations, on top of the 150+ they already have pre-built. The Community is helpful and growing each day. It's easy to get support for the product from the official IBM Support portal as well. Resilient is very configurable and can be used to do about anything in the SOAR realm. Great product overall, and I continue to see it getting better and being built up. Review collected by and hosted on G2.com.

What do you dislike?

Integrations are a bit lackluster in some cases, and often require tailoring to suit needs better.

Resilient is powerful, but this means that it requires time be dedicated to building it out, it's not a quick and easy job necessarily due to its current architecture. Review collected by and hosted on G2.com.

Recommendations to others considering the product:

Great platform. I definitely recommend IBM Resilient, and especially if you have time and some Python programming resources to put into the product (hire an intern!). Review collected by and hosted on G2.com.

What problems are you solving with the product? What benefits have you realized?

Major FTE productivity gains were realized with Resilient, saving analysts 20-30 minutes per hour of doing tedious or manual work.

Resilient also organizes incident response and makes it easier to report information to leadership. Review collected by and hosted on G2.com.

Senior Consultant
Information Technology and Services
Enterprise(> 1000 emp.)
Validated Reviewer
Review source: Organic
What do you like best?

We have been using this product for the past 6 months in our healthcare initiatives projects. We are currently using the Resilient platform version of IBM-26.

1. Delivers critical incident to Support analysts instantly.

2. Create incidents from QRadar: manually, and automatically.

3. Notes and closing events are synchronized bi-directionally between the systems.

4. Automatically Closing Incidents due to update task, which runs every 2 minutes.

5. Initial installation is easy due to the IBM guide available to everyone free of cost while purchasing the licenses.

6. Availability of IBM support analysts is higher in the market, and it is easy to do business with support analysts for deployment of projects. Review collected by and hosted on G2.com.

What do you dislike?

The only dislike is learning, since we are moving from another product and installation will take its own time. Also, it's not an open source tool and we have to migrate all our existing incident data back to the QRadar tool. Review collected by and hosted on G2.com.

Recommendations to others considering the product:

1. Installation is easy once we procured the licenses for the accounting team.

2. Cost-wise it's much better than other tools in the market.

3. Response time is ease of knowledge and analysts will get to know the incidents in a quick period of time. Review collected by and hosted on G2.com.

What problems are you solving with the product? What benefits have you realized?

Major business benefits in my project are:

Real-time incident dashboards and metrics that help security managers assess, measure, and improve IR capabilities. Due to that we have a good amount of reporting information which stats information on incidents. Automated enrichment that provides critical incident data that enables faster and more accurate decision making.

Review collected by and hosted on G2.com.

Lead Analyst - Incident Handling and Response - Allstate SOC
Enterprise(> 1000 emp.)
Validated Reviewer
Verified Current User
Review source: Invitation from G2
What do you like best?

The ability to custom code the interface any way we like, we are able to create effective tasks, intake is good. The ability to plug in to our primary intakes such as Splunk. The ability to automate process and procedures with Phantom integration. Although intensive to set up, it is highly customizable. API integration with other products and good reporting will allow us to achieve our goals. Review collected by and hosted on G2.com.

What do you dislike?

There does not appear to be any way of changing some of the default fields. The task based system is ok, but we would like the ability to create custom frames, that when clicked, would allow an analyst to move on in the task list. The interface can be very overwhelming for a junior analyst, even when we strip out a lot of content. Review collected by and hosted on G2.com.

Recommendations to others considering the product:

Plan properly before deployment, I cannot stress this enough. If you do not know what you want the product to do for you, it will be significantly harder to create the right dashboards and intakes. Review collected by and hosted on G2.com.

What problems are you solving with the product? What benefits have you realized?

Moving to a single pane of glass implementation will help us respond faster, gather better metrics, and get an overall better feel of the types of incidents our staff have to deal with on a daily basis. We realize a huge benefit over our existing system, as we did not have good metadata during incident response. Resilient has allowed us to capture this info better. Review collected by and hosted on G2.com.

Validated Reviewer
Verified Current User
Review source: Organic
What do you like best?

I have used a lot of incident response platform tools over the years called Consumer call management and many more, but this one has infrastructure integration with directory, endpoint and network controls and also easy collaboration of email and web forms which makes it stand out, and I could drill down by incident timeline status and type order and also dashboard reports which is quite easier. Review collected by and hosted on G2.com.

What do you dislike?

Sometimes the incident escalation ticket requests and follow up are out of sync and threat intelligence for DDoS attacks is not perfect since they don't track them ideally step by step and I have to redefine the process to find them. Review collected by and hosted on G2.com.

Recommendations to others considering the product:

Tap the finest potential of it and also explore the nuances of what it has to offer. Review collected by and hosted on G2.com.

What problems are you solving with the product? What benefits have you realized?

Mainly with dynamic request to incident adaptations and gives suggestive action which is really ideal being an end user and the special customer service ticketing platform gives a lot of edge for all SIEM & IRP requests. Review collected by and hosted on G2.com.

Validated Reviewer
Review source: Invitation from G2
What do you like best?

Easy to navigate, no experience needed! Review collected by and hosted on G2.com.

What do you dislike?

Nothing that I can think of; it’s a very well-rounded project. Review collected by and hosted on G2.com.

What problems are you solving with the product? What benefits have you realized?

I benefit in learning a new software that enables me to work at a quicker and steadier pace. Review collected by and hosted on G2.com.

Software developer
Information Technology and Services
Small-Business(50 or fewer emp.)
Validated Reviewer
Review source: Invitation from G2
What do you like best?

I had been using this product for my time for a longer time duration and I got to say that it has got whatever we need in terms of preparation, eradication, recovery and also ensuring that no threat remains and bringing them back into the production environment. This is vital, and every time the incident documentation is perfectly updated in the portal and I can just prepare my team for potential incidents. Review collected by and hosted on G2.com.

What do you dislike?

Sometimes it takes a lot of time to get the damaged systems back into the fully functional mode and it's a long, tiresome, cumbersome process and cannot be done in a single step and has to be charted one step at a time, and also to improve future response effects we need to limit the number of requests, and also it takes a lot of time notifying about the plan to stakeholders. Review collected by and hosted on G2.com.

Recommendations to others considering the product:

Use it to recover from breach when detected. Review collected by and hosted on G2.com.

What problems are you solving with the product? What benefits have you realized?

When the critical central repository system was just about to fail, there was a lot of chaos and confusion in the background running process and we were kind of unsure on the next steps, but I was able to use IRP to fast-track, detect and limit the effects of a potential information with ease. Review collected by and hosted on G2.com.

CI
Enterprise(> 1000 emp.)
Validated Reviewer
Review source: Invitation from the seller
What do you like best?

It makes integration very easy with real time dashboard. Review collected by and hosted on G2.com.

What do you dislike?

There is nothing that I dislike about this system. Review collected by and hosted on G2.com.

What problems are you solving with the product? What benefits have you realized?

It has made decision making very effective as it guides the time through best responses. Review collected by and hosted on G2.com.

Validated Reviewer
Review source: Invitation from G2
What do you like best?

Its functionality is great! Lots of functions are powerful and very great. The true ideas behind those functions are really awesome and helpful a lot for our use at our company. Review collected by and hosted on G2.com.

What do you dislike?

The interface is not really convenient. But can be significantly improved. The ease of use is critical for its future use. I really think since its functionality is a lot, they should provide better technical support to lower the learning curve. This will be important for its growth in near future. The GUI really sometimes is confusing and just not really responsive. But can be better a lot hopefully. Review collected by and hosted on G2.com.

Recommendations to others considering the product:

Do better bargain. The price could be lower. Review collected by and hosted on G2.com.

What problems are you solving with the product? What benefits have you realized?

Sales platform. Review collected by and hosted on G2.com.

Infra Specialist
Hospital & Health Care
Enterprise(> 1000 emp.)
Validated Reviewer
Review source: Organic
What do you like best?

Cloud Integrated, Backup protection, BCP, Data center services. Review collected by and hosted on G2.com.

What do you dislike?

Maintenance, Expensive, lot of steps involved in system recovery. Review collected by and hosted on G2.com.

What problems are you solving with the product? What benefits have you realized?

Life cycle steps generated during system failure and notification to all stakeholders in each phase of system failure till recovery. Review collected by and hosted on G2.com.

Validated Reviewer
Review source: Invitation from G2
What do you like best?

The capability of orchestrating and automating incident response processes. Review collected by and hosted on G2.com.

What do you dislike?

Would be better if integration is simplified and optimized as other tools like sniffer network incidents can integrate to IBM Resilient tool. Review collected by and hosted on G2.com.

Recommendations to others considering the product:

Recommend prospects to try out Resilient IRP quickly with organization’s existing security and IT investments. Review collected by and hosted on G2.com.

What problems are you solving with the product? What benefits have you realized?

Resilient IRP quickly and easily integrates with your organization’s existing security and IT investments.

Overall Quality of product is excellent and helps improve business goals and objectives. Review collected by and hosted on G2.com.

Validated Reviewer
Review source: Invitation from G2
What do you like best?

Easy to navigate when I am in a pinch. Review collected by and hosted on G2.com.

What do you dislike?

Slow response time when I have customers waiting on a response. Review collected by and hosted on G2.com.

Recommendations to others considering the product:

N/a Review collected by and hosted on G2.com.

What problems are you solving with the product? What benefits have you realized?

The opportunity to solve serious issues without leaving it in the hands of people that aren’t able to actually help. Review collected by and hosted on G2.com.
