# Best Security Orchestration, Automation, and Response (SOAR) Software

*By [Brandon Summers-Miller](https://research.g2.com/insights/author/brandon-summers-miller)*


Security orchestration, automation, and response (SOAR) software products are tools used to help integrate security technologies and automate incident-related tasks. These tools integrate with a company’s existing security solutions to help users build and automate workflows, simplifying the incident response process and reducing the amount of human intervention necessary to handle security incidents. Companies use these tools to create a centralized system complete with visibility into a company’s security software and operational processes. These tools also reduce the time it takes to respond to incidents, as well as the potential for human error in remediating security threats and vulnerabilities.

SOAR platforms combine aspects of [vulnerability management](https://www.g2.com/categories/vulnerability-management), [incident response](https://www.g2.com/categories/incident-response), and [security information and event management (SIEM)](https://www.g2.com/categories/security-information-and-event-management-siem) solutions. SOAR products are designed to provide some of each tool’s respective functionality or integrate with third-party tools. Once integrated, processes can be designed to identify incidents and automate remediation tasks.

To qualify for inclusion in the Security Orchestration, Automation, and Response (SOAR) category, a product must:

- Integrate security information and incident response tools
- Allow security professionals to build response workflows
- Automate incident management and response tasks within workflows
- Provide formalized incident, workflow, and performance reports






## G2 Grid® for Security Orchestration, Automation, and Response (SOAR) Software
![G2 Grid® for Security Orchestration, Automation, and Response (SOAR) Software plotting products by satisfaction and market presence](https://www.g2.com/categories/security-orchestration-automation-and-response-soar/grids.png?focus%5B%5D=98376&focus%5B%5D=120746&focus%5B%5D=139264&focus%5B%5D=164907&focus%5B%5D=122123&focus%5B%5D=55254&focus%5B%5D=58203&focus%5B%5D=30500)
Highlighted products: Tines, n8n, KnowBe4 PhishER/PhishER Plus, Torq AI SOC Platform, Microsoft Sentinel, ServiceNow Security Operations, Check Point Infinity Platform, and Google Security Operations.
Underlying data: [Grid® JSON](https://www.g2.com/categories/security-orchestration-automation-and-response-soar/grids.json?focus%5B%5D=tines&amp;focus%5B%5D=n8n&amp;focus%5B%5D=knowbe4-phisher-phisher-plus&amp;focus%5B%5D=torq-ai-soc-platform&amp;focus%5B%5D=microsoft-sentinel&amp;focus%5B%5D=servicenow-security-operations&amp;focus%5B%5D=check-point-infinity-platform&amp;focus%5B%5D=google-security-operations)


## How Many Security Orchestration, Automation, and Response (SOAR) Software Products Does G2 Track?
**Total Products under this Category:** 80

### Category Stats (Jul 2026)
- **Average Rating**: 4.53/5 The average rating of products in this category, based on all submitted ratings
- **Top Trending Product**: Forescout Platform (+0.74%) - Among all products in this category, Forescout Platform recorded the largest rating increase compared to last month
*Last updated: July 16, 2026*


## How Does G2 Rank Security Orchestration, Automation, and Response (SOAR) Software Products?

**Why You Can Trust G2's Software Rankings:**

- 30 Analysts and Data Experts
- 3,400+ Authentic Reviews
- 80+ Products
- Unbiased Rankings

G2's software rankings are built on verified user reviews, rigorous moderation, and a consistent research methodology maintained by a team of analysts and data experts. Each product is measured using the same transparent criteria, with no paid placement or vendor influence. While reviews reflect real user experiences, which can be subjective, they offer valuable insight into how software performs in the hands of professionals. Together, these inputs power the G2 Score, a standardized way to compare tools within every category.


## Which Security Orchestration, Automation, and Response (SOAR) Software Is Best for Your Use Case?

- **Leader:** [Tines](https://www.g2.com/products/tines/reviews)
- **Highest Performer:** [Barracuda Incident Response](https://www.g2.com/products/barracuda-incident-response/reviews)
- **Easiest to Use:** [Torq AI SOC Platform](https://www.g2.com/products/torq-ai-soc-platform/reviews)
- **Top Trending:** [n8n](https://www.g2.com/products/n8n/reviews)
- **Best Free Software:** [Tines](https://www.g2.com/products/tines/reviews)


---

**Sponsored**

### Visitly

Visitly is the enterprise visitor security platform built for organizations that can&#39;t afford gaps in compliance, identity, or site control. SOC 2 Type II certified. ISO 27001 certified. ITAR and C-TPAT audit-ready. GDPR, CCPA, and HIPAA-ready. Trusted by security leaders at SentinelOne, Firework, Tia Health, Delta Airlines, Alstom Transport, United Renewable Energy — deployed across 500+ organizations in 25+ countries, in days not months, at a fraction of the cost of legacy VMS platforms. Security &amp; Watchlist Screening Stop threats before they enter. Visitly runs real-time watchlist screening, Sex Offender Registry checks, and Smart ID Validation against government-issued IDs — with facial recognition watchlists and off-hours access controls. Hosts approve or deny entry in real time. Every entry decision is audit-logged, timestamped, and exportable — so your security posture is always defensible. Emergency &amp; Evacuation Management Know exactly who is on site — at every location — when it matters most. Visitly&#39;s real-time evacuation tools provide accurate headcounts across all facilities instantly, reducing risk and keeping your organization prepared for any emergency. Compliance &amp; Audit Readiness Pass audits with zero manual effort. Every visitor interaction generates a complete, exportable audit log. ITAR and C-TPAT audit trail support for defense and regulated facilities. Data retention controls auto-purge records to meet regulatory requirements. SOC 2 Type II certified. ISO 27001 certified. GDPR, CCPA, and HIPAA-ready. Visitor Management Enforce consistent security protocols at every entry point. Customizable check-in flows, contactless QR code sign-in, facial recognition for returning visitors, digital NDA and document signing, automatic badge printing, and pre-registration for groups up to 200. Hosts are notified instantly via Slack, Microsoft Teams, Google Chat, or Webex. Contractor Management Centralize contractor and vendor oversight across every facility. Contractors follow custom compliance flows with document capture, approval tracking, and automated recordkeeping. Maintain a complete, audit-ready record of every contractor, document, and approval — across every facility, at all times. Multi-Location Management One dashboard. Every location. Manage check-in flows, branding, security rules, and device settings across 1 site or 500+ from a centralized portal. Consistent security protocols and watchlist rules enforced automatically across every location — no manual coordination required. Role-based access ensures the right people have the right controls globally. Most multi-site deployments complete in under two weeks. Integrations API-first architecture with SCIM provisioning, SAML2 SSO, and role-based access controls — no manual directory management, no shadow IT. Okta, Microsoft Entra ID, OneLogin, and Google Workspace for identity. Slack, Microsoft Teams, Google Chat, and Webex for host notifications. Cisco Meraki and Arista Networks for guest WiFi. Webhooks and API for custom integrations with any system. More than 60 integrations. See the full list at visitly.io/integrations. Built for security teams, facility directors, and IT leaders who manage complexity at scale. Schedule your demo at visitly.io/schedule-demo



[Visit website](https://www.g2.com/external_clickthroughs/record?secure%5Bad_program%5D=ppc&amp;secure%5Bad_slot%5D=category_product_list&amp;secure%5Bcategory_id%5D=2178&amp;secure%5Bchosen_at%5D=2026-07-16T22%3A51%3A32Z&amp;secure%5Bdisplayable_resource_id%5D=358&amp;secure%5Bdisplayable_resource_type%5D=Category&amp;secure%5Bmedium%5D=sponsored&amp;secure%5Bplacement_reason%5D=retargeted_product&amp;secure%5Bplacement_resource_ids%5D%5B%5D=70822&amp;secure%5Bprioritized%5D=false&amp;secure%5Bproduct_id%5D=70822&amp;secure%5Bresource_id%5D=2178&amp;secure%5Bresource_type%5D=Category&amp;secure%5Bsource_type%5D=category_page&amp;secure%5Bsource_url%5D=https%3A%2F%2Fwww.g2.com%2Fcategories%2Fsecurity-orchestration-automation-and-response-soar&amp;secure%5Btoken%5D=cca87f9a0716454d2bc55e4af892f12c1a01e6e641d06e8e4fdffeae22419c91&amp;secure%5Burl%5D=https%3A%2F%2Fwww.visitly.io%2Fenterprise-lp%2F%3Futm_source%3Dg2%26utm_medium%3Dppc%26utm_campaign%3Dg2ppc%26utm_term%3Dvisitormanagement&amp;secure%5Burl_type%5D=custom_url)

---

## What Are the Top-Rated Security Orchestration, Automation, and Response (SOAR) Software Products in 2026?
### 1. [Tines](https://www.g2.com/products/tines/reviews)
Tines is the intelligent workflow platform trusted by the world&#39;s most advanced organizations. Companies like Coinbase, Databricks, Mars, Reddit, and SAP use Tines to power their most important workflows. With Tines, they’ve built a secure, flexible foundation to operationalize AI agents and intelligent workflows, unlocking productivity, moving faster, and future-proofing how work gets done. You can start building right away, by signing up for our always-free Community Edition and importing one of our pre-built workflows from the library.


**Average Rating:** 4.7/5.0
**Total Reviews:** 396
**How Do G2 Users Rate Tines?**

- **Automated Remediation:** 9.3/10 (Category avg: 8.6/10)
- **Quality of Support:** 9.6/10 (Category avg: 9.0/10)
- **Ease of Admin:** 9.2/10 (Category avg: 8.5/10)
- **Workflow Automation:** 9.6/10 (Category avg: 8.8/10)

**Who Is the Company Behind Tines?**

- **Seller:** [Tines](https://www.g2.com/sellers/tines)
- **Company Website:** https://www.tines.com/
- **Year Founded:** 2018
- **HQ Location:** Dublin, IE
- **LinkedIn® Page:** https://www.linkedin.com/company/tines-io/ (568 employees on LinkedIn®)

**Who Uses This Product?**
- **Who Uses This:** Security Engineer, Software Engineer
- **Top Industries:** Computer &amp; Network Security, Information Technology and Services
- **Company Size:** 39% Mid-Market, 36% Enterprise


#### What Are Tines's Pros and Cons?

**Pros:**

- Ease of Use (49 reviews)
- Automation (38 reviews)
- Customer Support (31 reviews)
- Easy Integrations (22 reviews)
- Integrations (22 reviews)

**Cons:**

- Missing Features (10 reviews)
- Learning Curve (9 reviews)
- Lack of Features (8 reviews)
- Expensive (7 reviews)
- Complexity (6 reviews)


### What Do G2 Reviewers Say About Tines?
*AI-generated summary from verified user reviews*

**Pros:**

- Users find Tines&#39; **ease of use** exceptional, enabling automation without needing extensive technical skills.
- Users find Tines makes **automation effortless** , streamlining tasks and enabling integration without the need for coding skills.
- Users praise Tines for its **exceptional customer support** , highlighting quick responses and personalized assistance that enhance their experience.
- Users highlight the **easy integrations** of Tines, simplifying automation and enhancing team collaboration effortlessly.
- Users value Tines for its **seamless integrations** and exceptional support, enabling quick and efficient workflow automation.

**Cons:**

- Users note the **missing features** in Tines, particularly in script editing and code review capabilities.
- Users face a **steep learning curve** with Tines, particularly in mastering APIs and automation interactions.
- Users feel the **lack of advanced features** in Tines hampers development and impacts workflow complexity negatively.
- Users find Tines to be **expensive** , making it challenging for smaller teams to fully benefit from its features.
- Users find the **complexity** of Tines daunting at first, as mastering its powerful features requires significant effort.

#### What Are Recent G2 Reviews of Tines?

**"[AI orchestration with Drag-and-Drop development tool](https://www.g2.com/survey_responses/tines-review-12620879)"**

**Rating:** 4.5/5.0 stars
*— Dinesh  K.*

[Read full review](https://www.g2.com/survey_responses/tines-review-12620879)

---

**"[Streamlined Automation, Minimal Coding Required](https://www.g2.com/survey_responses/tines-review-12640960)"**

**Rating:** 5.0/5.0 stars
*— Shubham B.*

[Read full review](https://www.g2.com/survey_responses/tines-review-12640960)

---


#### What Are G2 Users Discussing About Tines?

- [How do you use Tines?](https://www.g2.com/discussions/how-do-you-use-tines)
- [Is tines a soar?](https://www.g2.com/discussions/is-tines-a-soar) - 1 comment
- [What does Tines do?](https://www.g2.com/discussions/what-does-tines-do) - 1 comment
- [What is Tines automation?](https://www.g2.com/discussions/what-is-tines-automation) - 2 comments

### 2. [n8n](https://www.g2.com/products/n8n/reviews)
n8n is a workflow automation platform built for technical teams operationalizing AI. Built for technical teams, it offers 500+ integrations, custom code flexibility, and self-hosting options. With 180k+ Github Stars and a thriving community, n8n enables teams to build production-ready automation workflows that bridge AI with real business processes.


**Average Rating:** 4.7/5.0
**Total Reviews:** 285
**How Do G2 Users Rate n8n?**

- **Automated Remediation:** 8.2/10 (Category avg: 8.6/10)
- **Quality of Support:** 8.1/10 (Category avg: 9.0/10)
- **Ease of Admin:** 8.4/10 (Category avg: 8.5/10)
- **Workflow Automation:** 9.4/10 (Category avg: 8.8/10)

**Who Is the Company Behind n8n?**

- **Seller:** [n8n GmbH](https://www.g2.com/sellers/n8n-gmbh)
- **Company Website:** https://n8n.io
- **Year Founded:** 2019
- **HQ Location:** Berlin, Berlin
- **Twitter:** @n8n_io (81,824 Twitter followers)
- **LinkedIn® Page:** https://linkedin.com/company/n8n (999 employees on LinkedIn®)

**Who Uses This Product?**
- **Who Uses This:** CEO, Founder
- **Top Industries:** Computer Software, Information Technology and Services
- **Company Size:** 78% Small-Business, 18% Mid-Market


#### What Are n8n's Pros and Cons?

**Pros:**

- Ease of Use (77 reviews)
- Automation (72 reviews)
- Integrations (42 reviews)
- Workflow Management (36 reviews)
- Features (35 reviews)

**Cons:**

- Learning Curve (39 reviews)
- Difficult Learning (23 reviews)
- Missing Features (17 reviews)
- Limitations (14 reviews)
- Poor Interface Design (14 reviews)


### What Do G2 Reviewers Say About n8n?
*AI-generated summary from verified user reviews*

**Pros:**

- Users find n8n&#39;s **ease of use** exceptional, enhancing workflow automation with its intuitive visual editor and support tools.
- Users appreciate the **flexible and powerful automation** capabilities of n8n, streamlining complex workflows easily.
- Users value the **extensive integrations** of n8n, enabling seamless connections across numerous tools for enhanced automation.
- Users love the **flexibility and user-friendly workflow builder** of n8n, enhancing productivity and privacy management.
- Users celebrate n8n for its **all-in-one capabilities** , facilitating learning and streamlining diverse automation tasks effortlessly.

**Cons:**

- Users find n8n&#39;s **steep learning curve** challenging, especially for non-developers dealing with complex workflows.
- Users find the **difficult learning curve** of n8n challenging, especially for those without coding experience.
- Users find the **missing features** in n8n lead to unexpected costs and hinder the learning experience significantly.
- Users are frustrated by the **limited features of the cloud service** and the technical complexity for non-technical users.
- Users criticize the **poor interface design** of n8n, finding it challenging and lacking essential coding features.

#### What Are Recent G2 Reviews of n8n?

**"[Open-Source Powerhouse with Great MCP Integration and a Massive Community](https://www.g2.com/survey_responses/n8n-review-12845138)"**

**Rating:** 4.5/5.0 stars
*— Harsh S.*

[Read full review](https://www.g2.com/survey_responses/n8n-review-12845138)

---

**"[Powerful Low-Code Automation With Flexible App Connections](https://www.g2.com/survey_responses/n8n-review-13089884)"**

**Rating:** 4.0/5.0 stars
*— Juan Jose C.*

[Read full review](https://www.g2.com/survey_responses/n8n-review-13089884)

---


#### What Are G2 Users Discussing About n8n?

- [How do you use N8N?](https://www.g2.com/discussions/how-do-you-use-n8n)
- [Who uses n8n?](https://www.g2.com/discussions/who-uses-n8n)
- [Is n8n open source?](https://www.g2.com/discussions/is-n8n-open-source)
- [What does n8n do?](https://www.g2.com/discussions/what-does-n8n-do) - 3 comments

### 3. [KnowBe4 PhishER/PhishER Plus](https://www.g2.com/products/knowbe4-phisher-phisher-plus/reviews)
KnowBe4 PhishER Plus delivers automated incident response to eliminate SOC noise and remediate malicious emails across your organization simultaneously. It leverages AI to categorize reported messages across email and Microsoft Teams, automatically responding to reporters, flagging high-risk messages, and removing threats across all mailboxes. SOC teams can even flip malicious messages into training simulations to see who would have fallen victim. Customers report saving upwards of 99% of triage time, highly praising the platform&#39;s intuitive, user-friendly interface that transforms overwhelming manual workflows into fast, consistent actions. This layer of defense reviews threats slipping past other security layers, offering a single pane of glass view with leading third-party integrations like CrowdStrike, Webroot, and VirusTotal. PhishER Plus turns manual email triaging into a proactive, automated security posture.


**Average Rating:** 4.5/5.0
**Total Reviews:** 567
**How Do G2 Users Rate KnowBe4 PhishER/PhishER Plus?**

- **Automated Remediation:** 8.7/10 (Category avg: 8.6/10)
- **Quality of Support:** 9.2/10 (Category avg: 9.0/10)
- **Ease of Admin:** 8.9/10 (Category avg: 8.5/10)
- **Workflow Automation:** 8.6/10 (Category avg: 8.8/10)

**Who Is the Company Behind KnowBe4 PhishER/PhishER Plus?**

- **Seller:** [KnowBe4, Inc.](https://www.g2.com/sellers/knowbe4-inc)
- **Company Website:** https://www.knowbe4.com
- **Year Founded:** 2010
- **HQ Location:** Clearwater, FL
- **Twitter:** @KnowBe4 (16,161 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/2225282/ (2,606 employees on LinkedIn®)

**Who Uses This Product?**
- **Who Uses This:** IT Manager, Director of IT
- **Top Industries:** Financial Services, Primary/Secondary Education
- **Company Size:** 75% Mid-Market, 13% Enterprise


#### What Are KnowBe4 PhishER/PhishER Plus's Pros and Cons?

**Pros:**

- Phishing Prevention (50 reviews)
- Email Security (29 reviews)
- Automation (24 reviews)
- Security (22 reviews)
- Ease of Use (20 reviews)

**Cons:**

- False Positives (9 reviews)
- Ineffective Email Security (8 reviews)
- Email Management (7 reviews)
- Learning Curve (7 reviews)
- Setup Difficulty (7 reviews)


### What Do G2 Reviewers Say About KnowBe4 PhishER/PhishER Plus?
*AI-generated summary from verified user reviews*

**Pros:**

- Users value the **customizable phishing tests** and user-friendly features of KnowBe4 PhishER/PhishER Plus for efficient threat management.
- Users value the **ability to quickly respond to email threats** , enhancing overall email security and protection.
- Users appreciate the **automation features** of PhishER, enabling timely responses and efficient email management.
- Users value the **enhanced security features** of KnowBe4 PhishER, ensuring rapid identification and response to threats.
- Users appreciate the **ease of use** of KnowBe4 PhishER/PhishER Plus, making it simple and effective for all.

**Cons:**

- Users experience frequent **false positives** , leading to wasted time on manual reviews and complicating automation efforts.
- Users find the **ineffective email security** of PhishER frustrating, as it lacks timely filtering and quarantine automation.
- Users find the **email management lacks clarity** , often missing critical threats and requiring manual intervention for consistency.
- Users find the **learning curve intimidating** for setup, requiring additional assistance for effective use of PhishER/PhishER Plus.
- Users found the **setup process challenging** , requiring additional support and time for configuration and adjustments.

#### What Are Recent G2 Reviews of KnowBe4 PhishER/PhishER Plus?

**"[PhishER Simplifies Phishing Review and Stops Threats Organization-Wide](https://www.g2.com/survey_responses/knowbe4-phisher-phisher-plus-review-13078008)"**

**Rating:** 5.0/5.0 stars
*— Weston G.*

[Read full review](https://www.g2.com/survey_responses/knowbe4-phisher-phisher-plus-review-13078008)

---

**"[User friendly and great support!](https://www.g2.com/survey_responses/knowbe4-phisher-phisher-plus-review-7661687)"**

**Rating:** 4.0/5.0 stars
*— Scott W.*

[Read full review](https://www.g2.com/survey_responses/knowbe4-phisher-phisher-plus-review-7661687)

---


#### What Are G2 Users Discussing About KnowBe4 PhishER/PhishER Plus?

- [What is phishing explain with example?](https://www.g2.com/discussions/what-is-phishing-explain-with-example)
- [Is KnowBe4 com legit?](https://www.g2.com/discussions/is-knowbe4-com-legit) - 2 comments
- [What is KnowBe4 Phish?](https://www.g2.com/discussions/what-is-knowbe4-phish) - 1 comment
- [What is a PhishER&#39;s tool?](https://www.g2.com/discussions/what-is-a-phisher-s-tool) - 4 comments

### 4. [Torq AI SOC Platform](https://www.g2.com/products/torq-ai-soc-platform/reviews)
Torq is transforming cybersecurity with the Torq AI SOC Platform. Torq empowers enterprises to instantly and precisely detect and respond to security events at scale. Torq’s customer base includes major multinational enterprise customers, including Abnormal Security, Armis, Check Point Security, Chipotle Mexican Grill, Inditex (Zara, Bershka, and Pull &amp; Bear), Informatica, Kyocera, PepsiCo, Procter &amp; Gamble, Siemens, Telefónica, Valvoline, Virgin Atlantic, and Wiz.


**Average Rating:** 4.8/5.0
**Total Reviews:** 149
**How Do G2 Users Rate Torq AI SOC Platform?**

- **Automated Remediation:** 9.2/10 (Category avg: 8.6/10)
- **Quality of Support:** 9.6/10 (Category avg: 9.0/10)
- **Ease of Admin:** 9.5/10 (Category avg: 8.5/10)
- **Workflow Automation:** 9.3/10 (Category avg: 8.8/10)

**Who Is the Company Behind Torq AI SOC Platform?**

- **Seller:** [torq](https://www.g2.com/sellers/torq)
- **Company Website:** https://torq.io/
- **Year Founded:** 2020
- **HQ Location:** New York, US
- **Twitter:** @torq_io (1,944 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/torqio/mycompany (441 employees on LinkedIn®)

**Who Uses This Product?**
- **Top Industries:** Information Technology and Services, Computer &amp; Network Security
- **Company Size:** 50% Mid-Market, 29% Small-Business


#### What Are Torq AI SOC Platform's Pros and Cons?

**Pros:**

- Ease of Use (67 reviews)
- Security (61 reviews)
- Automation (59 reviews)
- Features (55 reviews)
- Threat Detection (41 reviews)

**Cons:**

- Difficult Learning (18 reviews)
- Learning Curve (17 reviews)
- Missing Features (10 reviews)
- Improvement Needed (8 reviews)
- Poor Interface Design (8 reviews)


### What Do G2 Reviewers Say About Torq AI SOC Platform?
*AI-generated summary from verified user reviews*

**Pros:**

- Users appreciate the **ease of use** of Torq AI SOC Platform, making it accessible for all skill levels.
- Users value the **streamlined security process** of Torq AI SOC Platform, enhancing efficiency and rapid response to threats.
- Users appreciate the **automation capabilities** of Torq AI SOC Platform, enhancing efficiency and prioritizing critical vulnerabilities.
- Users praise the **no-code automation capabilities** of Torq AI SOC Platform, simplifying security workflows and enhancing efficiency.
- Users commend the **real-time threat detection** capabilities of Torq, enhancing incident response and overall security management.

**Cons:**

- Users face challenges with **difficult learning** due to a steep learning curve and complex documentation in Torq AI SOC Platform.
- Users face a significant **learning curve** with Torq, requiring time and training to effectively use the platform.
- Users note the **missing features** in Torq AI SOC Platform, particularly the lack of built-in playbooks and diverse widgets.
- Users suggest that **improvement is needed** in grouping findings and enhancing integration for better threat management.
- Users find the **poor interface design** of Torq AI SOC Platform challenging, affecting usability and navigation experience.

#### What Are Recent G2 Reviews of Torq AI SOC Platform?

**"[Efficient Automation with Robust Integrations](https://www.g2.com/survey_responses/torq-ai-soc-platform-review-12301239)"**

**Rating:** 5.0/5.0 stars
*— Orlando  M.*

[Read full review](https://www.g2.com/survey_responses/torq-ai-soc-platform-review-12301239)

---

**"[Centralized Incident Management That Exceeds Expectations](https://www.g2.com/survey_responses/torq-ai-soc-platform-review-12121506)"**

**Rating:** 5.0/5.0 stars
*— Octave P.*

[Read full review](https://www.g2.com/survey_responses/torq-ai-soc-platform-review-12121506)

---



### 5. [Microsoft Sentinel](https://www.g2.com/products/microsoft-sentinel/reviews)
Microsoft Sentinel lets you see and stop threats before they cause harm, with SIEM reinvented for a modern world. Microsoft Sentinel is your birds-eye view across the enterprise. Put the cloud and large-scale intelligence from decades of Microsoft security experience to work. Make your threat detection and response smarter and faster with artificial intelligence (AI). Eliminate security infrastructure setup and maintenance, and elastically scale to meet your security needs—while reducing IT costs. With Microsoft Sentinel, you can: - Collect data at cloud scale—across all users, devices, applications, and infrastructure, both on-premises and in multiple clouds - Detect previously uncovered threats and minimize false positives using analytics and unparalleled threat intelligence from Microsoft - Investigate threats with AI and hunt suspicious activities at scale, tapping into decades of cybersecurity work at Microsoft -Respond to incidents rapidly with built-in orchestration and automation of common tasks


**Average Rating:** 4.4/5.0
**Total Reviews:** 273
**How Do G2 Users Rate Microsoft Sentinel?**

- **Automated Remediation:** 8.7/10 (Category avg: 8.6/10)
- **Quality of Support:** 8.5/10 (Category avg: 9.0/10)
- **Ease of Admin:** 8.3/10 (Category avg: 8.5/10)
- **Workflow Automation:** 8.4/10 (Category avg: 8.8/10)

**Who Is the Company Behind Microsoft Sentinel?**

- **Seller:** [Microsoft](https://www.g2.com/sellers/microsoft)
- **Year Founded:** 1975
- **HQ Location:** Redmond, Washington
- **Twitter:** @microsoft (13,091,739 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/microsoft/ (231,632 employees on LinkedIn®)
- **Ownership:** MSFT

**Who Uses This Product?**
- **Who Uses This:** Security Analyst, Senior Software Engineer
- **Top Industries:** Information Technology and Services, Computer &amp; Network Security
- **Company Size:** 42% Enterprise, 31% Mid-Market


#### What Are Microsoft Sentinel's Pros and Cons?

**Pros:**

- Real-time Monitoring (27 reviews)
- Alerting (23 reviews)
- Dashboard Usability (21 reviews)
- Response Time (16 reviews)
- Data Management (15 reviews)

**Cons:**

- Cloud Dependency (12 reviews)
- Complex Configuration (12 reviews)
- Configuration Issues (11 reviews)
- Difficult Setup (10 reviews)
- Poor Interface Design (9 reviews)


### What Do G2 Reviewers Say About Microsoft Sentinel?
*AI-generated summary from verified user reviews*

**Pros:**

- Users value the **real-time monitoring** feature of Microsoft Sentinel, enabling swift detection and response to security threats.
- Users value the **automated alert response** feature in Microsoft Sentinel, enhancing security and streamlining monitoring processes.
- Users appreciate the **intuitive dashboard usability** of Microsoft Sentinel, enabling efficient tracking and management of security analytics.
- Users value the **fast threat response** of Microsoft Sentinel, enhancing security and minimizing risks effectively.
- Users value the **seamless data management** features of Microsoft Sentinel, enhancing security and streamlining workflows efficiently.

**Cons:**

- Users express concerns about **cloud dependency** , noting connectivity issues and a reliance on Microsoft software.
- Users find the **complex configuration** of Microsoft Sentinel challenging without dedicated technical expertise, leading to a steep learning curve.
- Users face **configuration issues** with Microsoft Sentinel, requiring technical expertise and time for effective setup and integration.
- Users find the **difficult setup** of Microsoft Sentinel challenging, often requiring dedicated experts and training for effective use.
- Users face challenges with the **poor interface design** of Microsoft Sentinel, making navigation and understanding features difficult.

#### What Are Recent G2 Reviews of Microsoft Sentinel?

**"[Easy Log Ingestion Across Formats with Seamless Sentinel Integrations](https://www.g2.com/survey_responses/microsoft-sentinel-review-13073395)"**

**Rating:** 4.5/5.0 stars
*— Sandip K.*

[Read full review](https://www.g2.com/survey_responses/microsoft-sentinel-review-13073395)

---

**"[Strong Centralized Visibility and Scalable Detection for Faster SOC Response](https://www.g2.com/survey_responses/microsoft-sentinel-review-12823175)"**

**Rating:** 4.5/5.0 stars
*— Verified User in Information Technology and Services*

[Read full review](https://www.g2.com/survey_responses/microsoft-sentinel-review-12823175)

---


#### What Are G2 Users Discussing About Microsoft Sentinel?

- [What is Microsoft Sentinel used for?](https://www.g2.com/discussions/what-is-microsoft-sentinel-used-for) - 3 comments, 2 upvotes
- [Why should I use Azure Sentinel?](https://www.g2.com/discussions/why-should-i-use-azure-sentinel) - 1 comment
- [Which feature provides the extended detection and response capabilities of Azure Sentinel?](https://www.g2.com/discussions/which-feature-provides-the-extended-detection-and-response-capabilities-of-azure-sentinel)
- [What is the difference between Azure security Center and Azure Sentinel?](https://www.g2.com/discussions/what-is-the-difference-between-azure-security-center-and-azure-sentinel)
- [What does Azure Sentinel provide?](https://www.g2.com/discussions/what-does-azure-sentinel-provide)

### 6. [ServiceNow Security Operations](https://www.g2.com/products/servicenow-security-operations/reviews)
ServiceNow Security Operations is a sophisticated software solution designed to enhance threat and vulnerability management as well as incident response for organizations. By leveraging artificial intelligence, this platform empowers security teams to operate more efficiently and effectively, allowing for streamlined collaboration across IT, security, and risk management departments. The primary goal of ServiceNow Security Operations is to simplify complex security processes while minimizing risks associated with cybersecurity threats. Targeted at security teams within organizations of various sizes, ServiceNow Security Operations addresses the need for a cohesive approach to managing security incidents and vulnerabilities. It is particularly beneficial for organizations that utilize multiple security tools, as it integrates security and vulnerability data from these existing systems. This integration enables teams to respond to threats more rapidly by automating critical workflows and processes, thus reducing the manual effort traditionally required in incident response. Key features of ServiceNow Security Operations include intelligent workflows that automate routine tasks, allowing security professionals to focus on more strategic initiatives. The platform’s AI-driven capabilities facilitate the automatic correlation of threat intelligence from diverse sources, such as the MITRE ATT&amp;CK framework. This feature enhances situational awareness and enables teams to prioritize threats effectively based on real-time data. Additionally, the ability to take action within other security or IT management tools from a centralized console streamlines operations, ensuring that teams can respond to incidents without unnecessary delays. Moreover, the use of digital security workflows and orchestration significantly accelerates tasks such as analysis, prioritization, and remediation. By automating these processes, organizations can not only improve their response times but also enhance their overall cybersecurity posture. The integration of AI-driven automation within the ServiceNow AI Platform® further strengthens the platform&#39;s capabilities, enabling organizations to drive cyber resilience and reduce their exposure to potential threats. In summary, ServiceNow Security Operations is a comprehensive solution that addresses the complexities of modern cybersecurity challenges. By automating and simplifying threat and vulnerability management, it empowers security teams to respond more effectively, thereby enhancing the overall security framework of an organization.


**Average Rating:** 4.4/5.0
**Total Reviews:** 70
**How Do G2 Users Rate ServiceNow Security Operations?**

- **Automated Remediation:** 8.8/10 (Category avg: 8.6/10)
- **Quality of Support:** 8.5/10 (Category avg: 9.0/10)
- **Ease of Admin:** 8.3/10 (Category avg: 8.5/10)
- **Workflow Automation:** 9.5/10 (Category avg: 8.8/10)

**Who Is the Company Behind ServiceNow Security Operations?**

- **Seller:** [ServiceNow](https://www.g2.com/sellers/servicenow)
- **Company Website:** https://www.servicenow.com/
- **Year Founded:** 2004
- **HQ Location:** Santa Clara, CA
- **Twitter:** @servicenow (55,548 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/29352/ (35,081 employees on LinkedIn®)

**Who Uses This Product?**
- **Top Industries:** Information Technology and Services, Computer &amp; Network Security
- **Company Size:** 50% Enterprise, 22% Mid-Market


#### What Are ServiceNow Security Operations's Pros and Cons?

**Pros:**

- Integration Capabilities (11 reviews)
- Integration Support (10 reviews)
- Ease of Use (9 reviews)
- Integrations (8 reviews)
- Incident Management (7 reviews)

**Cons:**

- Difficult Setup (4 reviews)
- Integration Issues (4 reviews)
- Licensing Issues (3 reviews)
- Complexity (2 reviews)
- Difficult Customization (2 reviews)


### What Do G2 Reviewers Say About ServiceNow Security Operations?
*AI-generated summary from verified user reviews*

**Pros:**

- Users value the **remarkable integration capabilities** of ServiceNow Security Operations, streamlining workflows and enhancing productivity.
- Users appreciate the **seamless integration capabilities** of ServiceNow Security Operations, enhancing incident management and efficiency significantly.
- Users appreciate the **ease of use** of ServiceNow Security Operations, enjoying seamless integration and quick setup for enhanced productivity.
- Users value the **seamless integration capabilities** of ServiceNow Security Operations, enhancing efficiency and productivity in incident management.
- Users value the **comprehensive incident management** features of ServiceNow, making security operations efficient and streamlined.

**Cons:**

- Users find the **difficult setup** and complex licensing of ServiceNow Security Operations challenging and often expensive.
- Users face **integration issues** due to difficult setups and limited field mapping capabilities, impacting overall functionality.
- Users find the **licensing issues** in ServiceNow Security Operations restrictive, impacting playbook access and efficiency in remediation.
- Users face **complexity in building playbooks** within ServiceNow Security Operations, making the setup process challenging and costly.
- Users find it challenging to manage **difficult customization** in ServiceNow Security Operations, hindering their ability to create effective playbooks.

#### What Are Recent G2 Reviews of ServiceNow Security Operations?

**"[Strong platform for centralized security operations and incident response](https://www.g2.com/survey_responses/servicenow-security-operations-review-12737410)"**

**Rating:** 4.5/5.0 stars
*— Dharamveer p.*

[Read full review](https://www.g2.com/survey_responses/servicenow-security-operations-review-12737410)

---

**"[Unifies Security and IT with Efficient Threat Response and Automation](https://www.g2.com/survey_responses/servicenow-security-operations-review-13059971)"**

**Rating:** 5.0/5.0 stars
*— Anshul S.*

[Read full review](https://www.g2.com/survey_responses/servicenow-security-operations-review-13059971)

---


#### What Are G2 Users Discussing About ServiceNow Security Operations?

- [What is ServiceNow sir?](https://www.g2.com/discussions/what-is-servicenow-sir)
- [What is service now in cyber security?](https://www.g2.com/discussions/what-is-service-now-in-cyber-security)
- [What are the typical functions of the Security Operations Center SOC analysts?](https://www.g2.com/discussions/what-are-the-typical-functions-of-the-security-operations-center-soc-analysts)
- [What can ServiceNow security operations do?](https://www.g2.com/discussions/what-can-servicenow-security-operations-do)

### 7. [Check Point Infinity Platform](https://www.g2.com/products/check-point-infinity-platform/reviews)
Check Point Infinity is the only fully consolidated cyber security architecture that provides unprecedented protection against Gen V mega-cyber attacks as well as future cyber threats across all networks, endpoint, cloud and mobile. The architecture is designed to resolve the complexities of growing connectivity and inefficient security.


**Average Rating:** 4.6/5.0
**Total Reviews:** 109
**How Do G2 Users Rate Check Point Infinity Platform?**

- **Quality of Support:** 8.8/10 (Category avg: 9.0/10)
- **Ease of Admin:** 8.6/10 (Category avg: 8.5/10)

**Who Is the Company Behind Check Point Infinity Platform?**

- **Seller:** [Check Point Software Technologies](https://www.g2.com/sellers/check-point-software-technologies)
- **Year Founded:** 1993
- **HQ Location:** Redwood City, CA
- **Twitter:** @CheckPointSW (70,955 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/check-point-software-technologies/ (8,554 employees on LinkedIn®)
- **Ownership:** NASDAQ:CHKP

**Who Uses This Product?**
- **Top Industries:** Computer &amp; Network Security, Information Technology and Services
- **Company Size:** 44% Enterprise, 37% Mid-Market


#### What Are Check Point Infinity Platform's Pros and Cons?

**Pros:**

- Cloud Security (20 reviews)
- Cloud Integration (16 reviews)
- Detection (16 reviews)
- Comprehensive Security (14 reviews)
- Cloud Services (13 reviews)

**Cons:**

- Learning Curve (10 reviews)
- Complexity (6 reviews)
- Improvement Needed (6 reviews)
- Poor Support Services (6 reviews)
- Limited Customization (5 reviews)


### What Do G2 Reviewers Say About Check Point Infinity Platform?
*AI-generated summary from verified user reviews*

**Pros:**

- Users highlight the **advanced security features** of Check Point Infinity Platform, effectively preventing future attacks on cloud applications.
- Users value the **cloud security features** of Check Point Infinity Platform for efficient audits and seamless management.
- Users highlight the **proactive threat detection** of Check Point Infinity Platform, ensuring robust security for cloud applications.
- Users appreciate the **comprehensive security** features of Check Point Infinity Platform, ensuring robust protection for cloud environments.
- Users appreciate the **advanced cloud security features** of Check Point Infinity, ensuring robust protection and ease of use.

**Cons:**

- Users find the **steep learning curve** challenging, particularly due to the complex setup and limited documentation.
- Users find the **complexity** of Check Point Infinity Platform&#39;s setup and documentation a challenge for effective management.
- Users feel the **improvement needed** in security shifting and support affects the effectiveness of the Check Point Infinity Platform.
- Users find the **poor support services** of Check Point Infinity Platform to be lacking and in need of improvement.
- Users find **limited customization** of rulesets and metrics hampers their ability to assess environments effectively.

#### What Are Recent G2 Reviews of Check Point Infinity Platform?

**"[Excellent option  Harmony Platform for security central](https://www.g2.com/survey_responses/check-point-infinity-platform-review-11868343)"**

**Rating:** 4.5/5.0 stars
*— Tania V.*

[Read full review](https://www.g2.com/survey_responses/check-point-infinity-platform-review-11868343)

---

**"[Seamless Hybrid Security Integration Across All Environments](https://www.g2.com/survey_responses/check-point-infinity-platform-review-11954684)"**

**Rating:** 4.5/5.0 stars
*— Sonu S.*

[Read full review](https://www.g2.com/survey_responses/check-point-infinity-platform-review-11954684)

---


#### What Are G2 Users Discussing About Check Point Infinity Platform?

- [How does Check Point Infinity help customers?](https://www.g2.com/discussions/how-does-check-point-infinity-help-customers)
- [What are the benefits of Check Point unified security architecture?](https://www.g2.com/discussions/what-are-the-benefits-of-check-point-unified-security-architecture)
- [What are the 4 components of the Infinity architecture?](https://www.g2.com/discussions/what-are-the-4-components-of-the-infinity-architecture)
- [What is Infinity Total protection?](https://www.g2.com/discussions/what-is-infinity-total-protection)

### 8. [Google Security Operations](https://www.g2.com/products/google-security-operations/reviews)
Google Security Operations offers a unified experience across SIEM, SOAR, and threat intelligence to drive better detection, investigation, and response. Collect security telemetry data, apply threat intel to identify high priority threats, drive response with playbook automation, case management, and collaboration. It also provides Gemini-native agentic defense to help autonomously handle workflows like alert triage, threat hunting, and detection engineering. Google Security Operations also supports AI Threat Defense to monitor, detect, and respond to threats from code you do not own or cannot patch.


**Average Rating:** 4.4/5.0
**Total Reviews:** 47
**How Do G2 Users Rate Google Security Operations?**

- **Automated Remediation:** 9.8/10 (Category avg: 8.6/10)
- **Quality of Support:** 8.3/10 (Category avg: 9.0/10)
- **Ease of Admin:** 7.8/10 (Category avg: 8.5/10)
- **Workflow Automation:** 9.8/10 (Category avg: 8.8/10)

**Who Is the Company Behind Google Security Operations?**

- **Seller:** [Google](https://www.g2.com/sellers/google)
- **Year Founded:** 1998
- **HQ Location:** Mountain View, CA
- **Twitter:** @google (31,899,995 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/1441/ (341,888 employees on LinkedIn®)
- **Ownership:** NASDAQ:GOOG

**Who Uses This Product?**
- **Top Industries:** Information Technology and Services, Computer &amp; Network Security
- **Company Size:** 42% Enterprise, 39% Mid-Market


#### What Are Google Security Operations's Pros and Cons?

**Pros:**

- Security (8 reviews)
- Ease of Use (6 reviews)
- Threat Detection (5 reviews)
- Comprehensive Security (3 reviews)
- Easy Integrations (3 reviews)

**Cons:**

- Expensive (6 reviews)
- Learning Curve (4 reviews)
- Complexity (3 reviews)
- Learning Difficulty (2 reviews)
- Limited Customization (2 reviews)


### What Do G2 Reviewers Say About Google Security Operations?
*AI-generated summary from verified user reviews*

**Pros:**

- Users find Google Security Operations to provide **excellent cybersecurity** with its user-friendly interface and scalable performance.
- Users love the **ease of use** of Google Security Operations, appreciating its straightforward threat detection and secure integration.
- Users appreciate the **high-speed threat detection** capabilities of Google Security Operations, facilitating swift and secure incident response.
- Users value the **comprehensive security features** of Google Security Operations for threat detection and response.
- Users value the **easy integrations** of Google Chronicle Security, enhancing their security management with seamless compatibility.

**Cons:**

- Users find the service **expensive** and complex, especially for large organizations requiring more time for training and setup.
- Users face a **steep learning curve** with Google Security Operations, especially if unfamiliar with Google Cloud services.
- Users find the **complexity of implementation** in Google Security Operations challenging and time-consuming for organizations.
- Users find the **learning difficulty** to be challenging, taking more time to master compared to other tools.
- Users find the **limited customization** options in Google Security Operations hinder adaptability to specific security needs.

#### What Are Recent G2 Reviews of Google Security Operations?

**"[Google SecOps: Intuitive UI and Powerful AI-Driven Detection with Gemini](https://www.g2.com/survey_responses/google-security-operations-review-11259633)"**

**Rating:** 4.0/5.0 stars
*— Verified User in Insurance*

[Read full review](https://www.g2.com/survey_responses/google-security-operations-review-11259633)

---

**"[Fast, Scalable Platform That Speeds Up Security Investigations](https://www.g2.com/survey_responses/google-security-operations-review-12789503)"**

**Rating:** 4.5/5.0 stars
*— Ankith T.*

[Read full review](https://www.g2.com/survey_responses/google-security-operations-review-12789503)

---



### 9. [Palo Alto Networks Cortex XSOAR](https://www.g2.com/products/palo-alto-networks-cortex-xsoar/reviews)
Palo Alto Networks&#39; Cortex XSOAR is a comprehensive Security Orchestration, Automation, and Response (SOAR) platform designed to streamline and enhance security operations. By integrating automation, case management, real-time collaboration, and threat intelligence management, Cortex XSOAR empowers security teams to respond to incidents more efficiently and effectively. Key Features and Functionality: - Process Standardization and Automation: Cortex XSOAR offers over 270 out-of-the-box playbooks, enabling the automation of numerous security use cases. These playbooks orchestrate response actions across more than 350 third-party products, facilitating seamless integration and operational consistency. - Security-Focused Case Management: The platform unifies alerts, incidents, and indicators from various sources into a single case management framework. This consolidation accelerates incident response by providing a comprehensive view of security events. - Real-Time Collaboration: Cortex XSOAR includes a Virtual War Room equipped with built-in ChatOps and a command-line interface. This feature allows security teams to collaborate in real time, execute commands across the entire product stack, and manage incidents more effectively. - Threat Intelligence Management: The platform aggregates disparate threat intelligence sources, customizes and scores feeds, and matches indicators against the organization&#39;s specific environment. This capability enables security teams to take informed actions swiftly. Primary Value and Problem Solving: Cortex XSOAR addresses the challenges faced by security teams, such as the overwhelming volume of alerts and the need for rapid incident response. By automating repetitive tasks and standardizing processes, the platform reduces the time spent on incidents by up to 90%, allowing analysts to focus on critical threats. The integration of threat intelligence management with SOAR capabilities ensures that organizations can operationalize threat feeds effectively, enhancing their overall security posture. Additionally, the platform&#39;s extensive integration ecosystem, with over 360 third-party integrations, enables organizations to orchestrate complex workflows across their existing security infrastructure without extensive custom development.


**Average Rating:** 4.6/5.0
**Total Reviews:** 28
**How Do G2 Users Rate Palo Alto Networks Cortex XSOAR?**

- **Automated Remediation:** 9.0/10 (Category avg: 8.6/10)
- **Quality of Support:** 8.5/10 (Category avg: 9.0/10)
- **Ease of Admin:** 8.9/10 (Category avg: 8.5/10)
- **Workflow Automation:** 8.9/10 (Category avg: 8.8/10)

**Who Is the Company Behind Palo Alto Networks Cortex XSOAR?**

- **Seller:** [Palo Alto Networks](https://www.g2.com/sellers/palo-alto-networks)
- **Year Founded:** 2005
- **HQ Location:** Santa Clara, CA
- **Twitter:** @PaloAltoNtwks (128,951 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/30086/ (22,313 employees on LinkedIn®)
- **Ownership:** NYSE: PANW

**Who Uses This Product?**
- **Top Industries:** Computer &amp; Network Security
- **Company Size:** 50% Enterprise, 32% Mid-Market


#### What Are Palo Alto Networks Cortex XSOAR's Pros and Cons?

**Pros:**

- Incident Management (3 reviews)
- User Interface (2 reviews)
- Accuracy of Information (1 reviews)
- Automation (1 reviews)
- Customer Support (1 reviews)

**Cons:**

- Learning Curve (2 reviews)
- Limited Customization (1 reviews)
- Logging Issues (1 reviews)
- Log Management Issues (1 reviews)
- Poor Reporting (1 reviews)


### What Do G2 Reviewers Say About Palo Alto Networks Cortex XSOAR?
*AI-generated summary from verified user reviews*

**Pros:**

- Users appreciate the **powerful automation** capabilities of Cortex XSOAR for effective incident response and detection.
- Users appreciate the **great UI** of Cortex XSOAR, which enhances their experience with its powerful automation features.
- Users appreciate the **accuracy of information** provided by Cortex XSOAR, enhancing their efficiency and security in operations.
- Users appreciate the **powerful task automation** capabilities of Palo Alto Networks Cortex XSOAR for incident response.
- Users appreciate the **direct customer support** of Palo Alto Networks Cortex XSOAR, enhancing their incident response experience.

**Cons:**

- Users find the **steep learning curve** of Palo Alto Networks Cortex XSOAR challenging, requiring significant time to master.
- Users desire more **customization options** in reporting to enhance their experience with Cortex XSOAR.
- Users struggle with **logging issues** , as data logs are difficult to read quickly without opening new tabs.
- Users face **log management issues** as data logs are hard to read quickly, requiring new tabs for clarity.
- Users feel the **reporting features** could be enhanced and desire greater customization options for better usability.

#### What Are Recent G2 Reviews of Palo Alto Networks Cortex XSOAR?

**"[Powerful Tool with Clean Data and Seamless Integrations](https://www.g2.com/survey_responses/palo-alto-networks-cortex-xsoar-review-11967977)"**

**Rating:** 5.0/5.0 stars
*— Pablo V.*

[Read full review](https://www.g2.com/survey_responses/palo-alto-networks-cortex-xsoar-review-11967977)

---

**"[Unlocking Security Operations automation with Cortex XSOAR](https://www.g2.com/survey_responses/palo-alto-networks-cortex-xsoar-review-10447892)"**

**Rating:** 5.0/5.0 stars
*— Jai P.*

[Read full review](https://www.g2.com/survey_responses/palo-alto-networks-cortex-xsoar-review-10447892)

---


#### What Are G2 Users Discussing About Palo Alto Networks Cortex XSOAR?

- [What is Palo Alto Networks Cortex XSOAR used for?](https://www.g2.com/discussions/what-is-palo-alto-networks-cortex-xsoar-used-for)

### 10. [Barracuda Incident Response](https://www.g2.com/products/barracuda-incident-response/reviews)
No email defense technology can protect against increasingly advanced email threats 100 percent of the time. Some advanced social engineering attacks like business email compromise will reach users’ mailboxes. And when they do, you need to respond quickly and accurately to minimize the scope and severity of damage. Barracuda Incident Response lets you respond to threats quickly and effectively, by automating investigative workflows and enabling direct removal of malicious emails


**Average Rating:** 4.5/5.0
**Total Reviews:** 16
**How Do G2 Users Rate Barracuda Incident Response?**

- **Automated Remediation:** 9.2/10 (Category avg: 8.6/10)
- **Quality of Support:** 9.4/10 (Category avg: 9.0/10)
- **Ease of Admin:** 9.6/10 (Category avg: 8.5/10)
- **Workflow Automation:** 9.6/10 (Category avg: 8.8/10)

**Who Is the Company Behind Barracuda Incident Response?**

- **Seller:** [Barracuda](https://www.g2.com/sellers/barracuda)
- **Year Founded:** 2002
- **HQ Location:** Campbell, CA
- **Twitter:** @Barracuda (15,239 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/barracuda-networks/ (2,248 employees on LinkedIn®)
- **Ownership:** Private

**Who Uses This Product?**
- **Company Size:** 50% Mid-Market, 25% Enterprise


#### What Are Barracuda Incident Response's Pros and Cons?

**Pros:**

- Email Security (2 reviews)
- Cybersecurity (1 reviews)
- Features (1 reviews)
- Incident Management (1 reviews)
- Security (1 reviews)

**Cons:**

- Email Management (1 reviews)


### What Do G2 Reviewers Say About Barracuda Incident Response?
*AI-generated summary from verified user reviews*

**Pros:**

- Users value the **instant email threat removal** feature, allowing quick action against potential risks and threats.
- Users find Barracuda Incident Response to be an **incredible tool** for effective remediation and investigation in cybersecurity.
- Users value the **email search and removal** capability in Barracuda Incident Response for its efficiency and effectiveness.
- Users find Barracuda Incident Response to be an **invaluable tool** for effective remediation and investigation in cybersecurity.
- Users appreciate the **instant threat removal** capability of Barracuda Incident Response, preventing larger issues from arising.

**Cons:**

- Users wish the **email blocking capability** was more comprehensive across all gateway levels for better management.

#### What Are Recent G2 Reviews of Barracuda Incident Response?

**"[Instant Email Threat Removal That Makes a Big Difference](https://www.g2.com/survey_responses/barracuda-incident-response-review-12340166)"**

**Rating:** 4.5/5.0 stars
*— Jose C.*

[Read full review](https://www.g2.com/survey_responses/barracuda-incident-response-review-12340166)

---

**"[Amazing product](https://www.g2.com/survey_responses/barracuda-incident-response-review-12337161)"**

**Rating:** 5.0/5.0 stars
*— Peter E.*

[Read full review](https://www.g2.com/survey_responses/barracuda-incident-response-review-12337161)

---


#### What Are G2 Users Discussing About Barracuda Incident Response?

- [What is Barracuda Incident Response used for?](https://www.g2.com/discussions/what-is-barracuda-incident-response-used-for)

### 11. [Proofpoint Threat Response](https://www.g2.com/products/proofpoint-threat-response/reviews)
Proofpoint Threat Response takes the manual labor and guesswork out of incident response to help you resolve threats faster and more efficiently.


**Average Rating:** 4.6/5.0
**Total Reviews:** 17
**How Do G2 Users Rate Proofpoint Threat Response?**

- **Automated Remediation:** 9.0/10 (Category avg: 8.6/10)
- **Quality of Support:** 8.8/10 (Category avg: 9.0/10)
- **Ease of Admin:** 9.3/10 (Category avg: 8.5/10)
- **Workflow Automation:** 9.0/10 (Category avg: 8.8/10)

**Who Is the Company Behind Proofpoint Threat Response?**

- **Seller:** [Proofpoint](https://www.g2.com/sellers/proofpoint)
- **Year Founded:** 2002
- **HQ Location:** Sunnyvale, CA
- **Twitter:** @proofpoint (31,157 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/proofpoint (5,146 employees on LinkedIn®)
- **Ownership:** NASDAQ: PFPT

**Who Uses This Product?**
- **Company Size:** 56% Mid-Market, 22% Small-Business


#### What Are Proofpoint Threat Response's Pros and Cons?

**Pros:**

- Email Security (2 reviews)
- Automated Response (1 reviews)
- Phishing Prevention (1 reviews)
- Security (1 reviews)
- Threat Detection (1 reviews)

**Cons:**

- Email Management (1 reviews)
- False Positives (1 reviews)
- Learning Curve (1 reviews)


### What Do G2 Reviewers Say About Proofpoint Threat Response?
*AI-generated summary from verified user reviews*

**Pros:**

- Users praise the **automatic recall of suspicious emails** by Proofpoint Threat Response, enhancing their company&#39;s email security.
- Users appreciate the **automated recall of suspicious emails** , enhancing their email security and peace of mind.
- Users appreciate the **automatic recall of suspicious emails** in Proofpoint Threat Response for enhanced phishing prevention.
- Users benefit from the **comprehensive security tools** of Proofpoint Threat Response, ensuring their company&#39;s safety.
- Users appreciate the **comprehensive tools for threat detection** that enhance their company&#39;s security effectively.

**Cons:**

- Users report frequent **false positives** causing numerous emails to be recalled and replaced, impacting email management efficiency.
- Users report encountering **numerous false positives** , leading to significant disruptions with email recalls and replacements.
- Users note that while there&#39;s a **steep learning curve** , Proofpoint offers ample training and support resources.

#### What Are Recent G2 Reviews of Proofpoint Threat Response?

**"[Quick Alerts and Clear, Detailed Summaries for Suspicious Emails](https://www.g2.com/survey_responses/proofpoint-threat-response-review-12478488)"**

**Rating:** 5.0/5.0 stars
*— Casey M.*

[Read full review](https://www.g2.com/survey_responses/proofpoint-threat-response-review-12478488)

---

**"[Takes time to learn, but Great product!](https://www.g2.com/survey_responses/proofpoint-threat-response-review-9471662)"**

**Rating:** 4.0/5.0 stars
*— Joshua B.*

[Read full review](https://www.g2.com/survey_responses/proofpoint-threat-response-review-9471662)

---



### 12. [Palo Alto Cortex XSIAM](https://www.g2.com/products/palo-alto-cortex-xsiam/reviews)
Product Description: Palo Alto Networks&#39; Cortex XSIAM is an AI-driven security operations platform designed to transform traditional Security Operations Centers by integrating and automating key functions such as data centralization, threat detection, and incident response. By leveraging machine learning and automation, it enables organizations to detect and respond to threats more efficiently, reducing manual workloads and improving overall security posture. Key Features and Functionality: - Data Centralization: Aggregates data from various sources into a unified platform, providing comprehensive visibility across the enterprise. - AI-Powered Threat Detection: Utilizes machine learning algorithms to identify anomalies and potential threats in real-time. - Automated Incident Response: Streamlines response processes through automation, enabling rapid mitigation of security incidents. - Integrated SOC Capabilities: Combines functions such as Extended Detection and Response , Security Orchestration, Automation, and Response , Attack Surface Management , and Security Information and Event Management into a cohesive platform, eliminating the need for multiple disparate tools. - Scalability: Designed to handle large volumes of data and adapt to the evolving needs of modern enterprises. Primary Value and Problem Solved: Cortex XSIAM addresses the challenges of disjointed data, weak threat defense, and heavy reliance on manual work in traditional SOCs. By centralizing data and automating security operations, it simplifies processes, enhances threat detection accuracy, and accelerates incident response times. This transformation enables organizations to proactively outpace threats, reduce operational costs, and achieve a more robust security posture.


**Average Rating:** 4.4/5.0
**Total Reviews:** 64
**How Do G2 Users Rate Palo Alto Cortex XSIAM?**

- **Automated Remediation:** 7.3/10 (Category avg: 8.6/10)
- **Quality of Support:** 8.1/10 (Category avg: 9.0/10)
- **Ease of Admin:** 8.0/10 (Category avg: 8.5/10)
- **Workflow Automation:** 7.5/10 (Category avg: 8.8/10)

**Who Is the Company Behind Palo Alto Cortex XSIAM?**

- **Seller:** [Palo Alto Networks](https://www.g2.com/sellers/palo-alto-networks)
- **Company Website:** https://www.paloaltonetworks.com
- **Year Founded:** 2005
- **HQ Location:** Santa Clara, CA
- **Twitter:** @PaloAltoNtwks (128,951 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/30086/ (22,313 employees on LinkedIn®)

**Who Uses This Product?**
- **Top Industries:** Information Technology and Services, Computer &amp; Network Security
- **Company Size:** 49% Enterprise, 29% Mid-Market


#### What Are Palo Alto Cortex XSIAM's Pros and Cons?

**Pros:**

- Ease of Use (50 reviews)
- Threat Detection (37 reviews)
- Integrations (28 reviews)
- Cybersecurity (27 reviews)
- Features (27 reviews)

**Cons:**

- Expensive (28 reviews)
- Difficult Learning (17 reviews)
- Complexity (14 reviews)
- Integration Issues (14 reviews)
- UX Improvement (12 reviews)


### What Do G2 Reviewers Say About Palo Alto Cortex XSIAM?
*AI-generated summary from verified user reviews*

**Pros:**

- Users find Palo Alto Cortex XSIAM to be **easy to understand and user-friendly** , enhancing their security product integration experience.
- Users value the **effective threat detection** capabilities of Palo Alto Cortex XSIAM, identifying both known and unknown risks.
- Users value the **easy integrations** with multiple systems, enhancing the functionality and efficiency of Palo Alto Cortex XSIAM.
- Users value the **rapid incident response capabilities** of Palo Alto Cortex XSIAM, enhancing overall cybersecurity effectiveness.
- Users appreciate the **intuitive dashboard and easy threat detection** features of Cortex XSIAM, enhancing overall security management.

**Cons:**

- Users find the **cost of Palo Alto Cortex XSIAM to be prohibitively expensive** , affecting its overall value and accessibility.
- Users find the **difficult learning** curve of Palo Alto Cortex XSIAM challenging, especially for non-technical users.
- Users find the **complexity** of Palo Alto Cortex XSIAM overwhelming, requiring significant time and expertise to effectively manage.
- Users face significant **integration issues** with Palo Alto Cortex XSIAM, affecting overall usability and performance negatively.
- Users face **significant UX challenges** with Palo Alto Cortex XSIAM, citing a less intuitive interface and limited customization.

#### What Are Recent G2 Reviews of Palo Alto Cortex XSIAM?

**"[Palo Alto Cortex XSIAM Streamlines SOC Work with Smart Noise Reduction and Automation](https://www.g2.com/survey_responses/palo-alto-cortex-xsiam-review-12626074)"**

**Rating:** 5.0/5.0 stars
*— Rohan K.*

[Read full review](https://www.g2.com/survey_responses/palo-alto-cortex-xsiam-review-12626074)

---

**"[Streamlines Security Operations with Automation](https://www.g2.com/survey_responses/palo-alto-cortex-xsiam-review-13067964)"**

**Rating:** 4.0/5.0 stars
*— Ronald D.*

[Read full review](https://www.g2.com/survey_responses/palo-alto-cortex-xsiam-review-13067964)

---


#### What Are G2 Users Discussing About Palo Alto Cortex XSIAM?

- [What is IBM Security ReaQta used for?](https://www.g2.com/discussions/what-is-ibm-security-reaqta-used-for)
- [What does QRadar stand for?](https://www.g2.com/discussions/what-does-qradar-stand-for) - 1 comment, 1 upvote
- [How do I use IBM QRadar?](https://www.g2.com/discussions/how-do-i-use-ibm-qradar) - 1 comment
- [What are the key component of IBM QRadar?](https://www.g2.com/discussions/what-are-the-key-component-of-ibm-qradar) - 1 comment
- [What is IBM QRadar Siem?](https://www.g2.com/discussions/what-is-ibm-qradar-siem) - 1 comment

### 13. [Splunk SOAR (Security Orchestration, Automation and Response)](https://www.g2.com/products/splunk-soar-security-orchestration-automation-and-response/reviews)
Splunk SOAR provides security orchestration, automation and response capabilities that allow security analysts to work smarter by automating repetitive tasks; respond to security incidents faster with automated detection, investigation, and response; increase productivity, efficiency and accuracy; and strengthen defenses by connecting and coordinating complex workflows across their team and tools. Splunk SOAR also supports a broad range of security operations center (SOC) functions including event and case management, integrated threat intelligence, collaboration tools and reporting.


**Average Rating:** 4.4/5.0
**Total Reviews:** 39
**How Do G2 Users Rate Splunk SOAR (Security Orchestration, Automation and Response)?**

- **Automated Remediation:** 8.6/10 (Category avg: 8.6/10)
- **Quality of Support:** 8.8/10 (Category avg: 9.0/10)
- **Ease of Admin:** 8.1/10 (Category avg: 8.5/10)
- **Workflow Automation:** 8.7/10 (Category avg: 8.8/10)

**Who Is the Company Behind Splunk SOAR (Security Orchestration, Automation and Response)?**

- **Seller:** [Cisco](https://www.g2.com/sellers/cisco)
- **Year Founded:** 1984
- **HQ Location:** San Jose, CA
- **Twitter:** @Cisco (720,366 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/cisco/ (95,545 employees on LinkedIn®)
- **Ownership:** NASDAQ:CSCO

**Who Uses This Product?**
- **Top Industries:** Information Technology and Services, Consulting
- **Company Size:** 40% Mid-Market, 35% Enterprise


#### What Are Splunk SOAR (Security Orchestration, Automation and Response)'s Pros and Cons?

**Pros:**

- Automation (16 reviews)
- Security (13 reviews)
- Features (9 reviews)
- Threat Detection (8 reviews)
- Ease of Use (7 reviews)

**Cons:**

- Expensive (16 reviews)
- Learning Curve (7 reviews)
- Difficult Learning (6 reviews)
- Complexity (5 reviews)
- Poor Interface Design (4 reviews)


### What Do G2 Reviewers Say About Splunk SOAR (Security Orchestration, Automation and Response)?
*AI-generated summary from verified user reviews*

**Pros:**

- Users value the **automation capabilities** of Splunk SOAR, enhancing real-time threat response and reducing human error.
- Users value the **effective incident management** capabilities of Splunk SOAR, enhancing their security response and automation efficiency.
- Users value the **flexibility and effectiveness** of Splunk SOAR in analyzing threats and orchestrating workflows seamlessly.
- Users value the **easy threat detection** capabilities of Splunk SOAR, enhancing their security analysis and response strategies.
- Users appreciate the **ease of use** in Splunk SOAR, with simple customization and integration for security needs.

**Cons:**

- Users find Splunk SOAR **too expensive** , making it challenging for normal users to afford and implement effectively.
- Users find the **learning curve steep** , requiring extensive knowledge and training to navigate Splunk SOAR effectively.
- Users find the **difficult learning curve** of Splunk SOAR challenging, especially for beginners in automation platforms.
- Users find the **complexity** of Splunk SOAR challenging, especially for beginners, impacting their learning curve.
- Users find the **poor interface design** of Splunk SOAR challenging, particularly for beginners navigating its features.

#### What Are Recent G2 Reviews of Splunk SOAR (Security Orchestration, Automation and Response)?

**"[Splunk SOAR is an awesome automation and security software](https://www.g2.com/survey_responses/splunk-soar-security-orchestration-automation-and-response-review-9922387)"**

**Rating:** 5.0/5.0 stars
*— Noor  Z.*

[Read full review](https://www.g2.com/survey_responses/splunk-soar-security-orchestration-automation-and-response-review-9922387)

---

**"[Splunk SOAR is a good software for automation](https://www.g2.com/survey_responses/splunk-soar-security-orchestration-automation-and-response-review-9922172)"**

**Rating:** 5.0/5.0 stars
*— Dheeraj T.*

[Read full review](https://www.g2.com/survey_responses/splunk-soar-security-orchestration-automation-and-response-review-9922172)

---


#### What Are G2 Users Discussing About Splunk SOAR (Security Orchestration, Automation and Response)?

- [What is Splunk SOAR (Security Orchestration, Automation and Response) used for?](https://www.g2.com/discussions/what-is-splunk-soar-security-orchestration-automation-and-response-used-for)

### 14. [Blink](https://www.g2.com/products/blink-ops-blink/reviews)
Automate Everything Security in the Blink of AI Blink is a security workflow automation platform designed to make building, collaborating, and scaling all things security &amp; beyond effortless using generative AI. Whether you prefer code, low-code, or no-code, Blink has got you covered. Easily drag and drop the actions you want into a workflow, leveraging the over 30,000 integrations available in the automation library, or use Blink Copilot to generate a workflow with a natural language prompt. Use Blink as an automation hub, where security teams go to quickly develop, collaborate, and automate their security ideas. Leverage the platform’s 10,000+ workflows that come out of the box to quickly build workflows for real-time remediation. Generate automation workflows for standalone use cases or build an end-to-end proactive automation strategy, streamlining security responses across your entire organization.


**Average Rating:** 4.7/5.0
**Total Reviews:** 19
**How Do G2 Users Rate Blink?**

- **Automated Remediation:** 9.0/10 (Category avg: 8.6/10)
- **Quality of Support:** 9.8/10 (Category avg: 9.0/10)
- **Ease of Admin:** 9.5/10 (Category avg: 8.5/10)
- **Workflow Automation:** 9.6/10 (Category avg: 8.8/10)

**Who Is the Company Behind Blink?**

- **Seller:** [Blink Ops](https://www.g2.com/sellers/blink-ops)
- **Company Website:** https://www.blinkops.com
- **Year Founded:** 2021
- **HQ Location:** Austin, US
- **Twitter:** @getBlinkOps (706 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/blink-ops/ (126 employees on LinkedIn®)

**Who Uses This Product?**
- **Top Industries:** Computer Software
- **Company Size:** 63% Mid-Market, 21% Enterprise


#### What Are Blink's Pros and Cons?

**Pros:**

- Ease of Use (2 reviews)
- Automation (1 reviews)
- Customer Support (1 reviews)
- Easy Setup (1 reviews)
- Features (1 reviews)

**Cons:**

- Limitations (2 reviews)
- Limited Features (1 reviews)


### What Do G2 Reviewers Say About Blink?
*AI-generated summary from verified user reviews*

**Pros:**

- Users commend the **ease of use** of Blink, simplifying setup and enhancing the overall experience significantly.
- Users value the **effective automation** with Blink, leading to impressive security outcomes and significant cost efficiency.
- Users commend the **exceptional customer support** of Blink, enhancing ease of use and driving powerful security outcomes.
- Users appreciate the **easy setup** of Blink, enabling a quick and seamless introduction to its features.
- Users value the **seamless JavaScript execution** of Blink, enhancing their web project workflows significantly.

**Cons:**

- Users note **limited extensibility** in Blink, particularly problematic for large and complex projects.
- Users find Blink&#39;s **limited extensibility** problematic, especially for large and complex projects.

#### What Are Recent G2 Reviews of Blink?

**"[Collaboration with Blink, focusing on outcomes over possibilities](https://www.g2.com/survey_responses/blink-review-9911596)"**

**Rating:** 5.0/5.0 stars
*— Uriel A.*

[Read full review](https://www.g2.com/survey_responses/blink-review-9911596)

---

**"[Compatibility Champion, Limited Extensibility](https://www.g2.com/survey_responses/blink-review-11995069)"**

**Rating:** 4.5/5.0 stars
*— VISHNU S.*

[Read full review](https://www.g2.com/survey_responses/blink-review-11995069)

---



### 15. [IBM QRadar SOAR](https://www.g2.com/products/ibm-qradar-soar/reviews)
IBM QRadar® SOAR is designed to help your security team respond to cyberthreats with confidence, automate with intelligence and collaborate with consistency. It guides your team in resolving incidents by codifying established incident response processes into dynamic playbooks. The open and agnostic platform helps accelerate and orchestrate their response by automating actions with intelligence and integrating with other security tools. IBM QRadar SOAR is available on AWS Marketplace.


**Average Rating:** 4.0/5.0
**Total Reviews:** 25
**How Do G2 Users Rate IBM QRadar SOAR?**

- **Automated Remediation:** 7.5/10 (Category avg: 8.6/10)
- **Quality of Support:** 7.9/10 (Category avg: 9.0/10)
- **Ease of Admin:** 6.7/10 (Category avg: 8.5/10)
- **Workflow Automation:** 7.4/10 (Category avg: 8.8/10)

**Who Is the Company Behind IBM QRadar SOAR?**

- **Seller:** [IBM](https://www.g2.com/sellers/ibm)
- **Year Founded:** 1911
- **HQ Location:** Armonk, New York, United States
- **Twitter:** @IBMSecurity (74,660 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/1009/ (328,202 employees on LinkedIn®)
- **Ownership:** SWX:IBM

**Who Uses This Product?**
- **Top Industries:** Information Technology and Services
- **Company Size:** 72% Enterprise, 21% Mid-Market


#### What Are IBM QRadar SOAR's Pros and Cons?

**Pros:**

- Ease of Use (5 reviews)
- Automation (3 reviews)
- Easy Integrations (3 reviews)
- Integrations (3 reviews)
- Customer Support (2 reviews)

**Cons:**

- Integration Issues (3 reviews)
- Complexity (2 reviews)
- Limited Integration (2 reviews)
- System Limitations (2 reviews)
- Bug Issues (1 reviews)


### What Do G2 Reviewers Say About IBM QRadar SOAR?
*AI-generated summary from verified user reviews*

**Pros:**

- Users appreciate the **ease of use** of IBM QRadar SOAR, enabling quick customization and integration with tools.
- Users value the **automation capabilities** of IBM QRadar SOAR, significantly reducing manual work in security operations.
- Users value the **easy integrations** with various tools, simplifying workflows and enhancing security processes effectively.
- Users value the **seamless integration** of IBM QRadar SOAR with various tools, enhancing efficiency in security operations.
- Users appreciate the **responsive customer support** from IBM, highlighting quick resolutions and user-friendly console experiences.

**Cons:**

- Users face **integration issues** with IBM QRadar SOAR, finding it difficult to connect with necessary applications and systems.
- Users find the **complexity of IBM QRadar SOAR** daunting at first, requiring time to adapt to its features.
- Users note the **limited integration** options in IBM QRadar SOAR, making complex implementations challenging and inefficient.
- Users experience **system limitations** with IBM QRadar SOAR, particularly in advanced transformations and integration challenges.
- Users often face **bug issues** with workflows, including errors and lagging, impacting their productivity.

#### What Are Recent G2 Reviews of IBM QRadar SOAR?

**"[Analyze Soar Qradar](https://www.g2.com/survey_responses/ibm-qradar-soar-review-9842312)"**

**Rating:** 5.0/5.0 stars
*— Aparecido A.*

[Read full review](https://www.g2.com/survey_responses/ibm-qradar-soar-review-9842312)

---

**"[IBM Security QRadar SOAR](https://www.g2.com/survey_responses/ibm-qradar-soar-review-9696782)"**

**Rating:** 4.5/5.0 stars
*— Prashanth K.*

[Read full review](https://www.g2.com/survey_responses/ibm-qradar-soar-review-9696782)

---



### 16. [Sumo Logic](https://www.g2.com/products/sumo-logic/reviews)
Sumo Logic, Inc. unifies and analyzes enterprise data, translating it into actionable insights through one AI-powered cloud-native log analytics platform. This single source of truth enables Dev, Sec and Ops teams to simplify complexity, collaborate efficiently and accelerate data-driven decisions that drive business value. Customers around the world rely on the Sumo Logic SaaS Log Analytics Platform for trusted insights to ensure application reliability, secure and protect against modern security threats, and gain insights into their cloud infrastructures. For more information, visit: SUMOLOGIC.COM


**Average Rating:** 4.3/5.0
**Total Reviews:** 391
**How Do G2 Users Rate Sumo Logic?**

- **Automated Remediation:** 8.8/10 (Category avg: 8.6/10)
- **Quality of Support:** 8.5/10 (Category avg: 9.0/10)
- **Ease of Admin:** 8.4/10 (Category avg: 8.5/10)
- **Workflow Automation:** 8.3/10 (Category avg: 8.8/10)

**Who Is the Company Behind Sumo Logic?**

- **Seller:** [Sumo Logic](https://www.g2.com/sellers/sumo-logic)
- **Company Website:** https://www.sumologic.com
- **Year Founded:** 2010
- **HQ Location:** Redwood City, CA
- **Twitter:** @SumoLogic (6,542 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/1037816/ (838 employees on LinkedIn®)

**Who Uses This Product?**
- **Who Uses This:** Software Engineer, Senior Software Engineer
- **Top Industries:** Information Technology and Services, Computer Software
- **Company Size:** 48% Mid-Market, 37% Enterprise


#### What Are Sumo Logic's Pros and Cons?

**Pros:**

- Ease of Use (54 reviews)
- Log Management (44 reviews)
- Features (32 reviews)
- Insights (30 reviews)
- Real-time Monitoring (29 reviews)

**Cons:**

- Expensive (18 reviews)
- Difficult Learning (16 reviews)
- Learning Curve (16 reviews)
- Learning Difficulty (16 reviews)
- Slow Performance (16 reviews)


### What Do G2 Reviewers Say About Sumo Logic?
*AI-generated summary from verified user reviews*

**Pros:**

- Users value the **ease of use** in Sumo Logic, appreciating its simple learning curve and effective configurations.
- Users value the **ease of searching and configuring logs** with Sumo Logic, enhancing their monitoring experience.
- Users appreciate the **Continuous Intelligence feature** of Sumo Logic for transforming data into actionable insights rapidly.
- Users value the **powerful visualization and flexible analytics** of Sumo Logic, enhancing operational efficiency and responsiveness.
- Users appreciate the **real-time monitoring** capabilities of Sumo Logic, which enhance insights and simplify data management.

**Cons:**

- Users cite Sumo Logic as **expensive** , raising concerns over whether the high cost is justified by its benefits.
- Users find the **difficult learning** curve with Sumo Logic hampers their ability to use its features efficiently.
- Users find the **steep learning curve** of Sumo Logic challenging, especially with complex queries and setup requirements.
- Users face a **steep learning curve** with Sumo Logic, especially when mastering its complex query language and analytics setup.
- Users experience **slow performance** with Sumo Logic, facing delays in alerts and a cumbersome interface that hinders efficiency.

#### What Are Recent G2 Reviews of Sumo Logic?

**"[Centralized Logging with Intuitive Dashboards](https://www.g2.com/survey_responses/sumo-logic-review-12948839)"**

**Rating:** 4.5/5.0 stars
*— Sudarshan B.*

[Read full review](https://www.g2.com/survey_responses/sumo-logic-review-12948839)

---

**"[AI Activity Monitoring That Makes Auditing and Debugging Easy](https://www.g2.com/survey_responses/sumo-logic-review-12888562)"**

**Rating:** 4.5/5.0 stars
*— Vishal S.*

[Read full review](https://www.g2.com/survey_responses/sumo-logic-review-12888562)

---


#### What Are G2 Users Discussing About Sumo Logic?

- [What is Cloud SOAR used for?](https://www.g2.com/discussions/what-is-cloud-soar-used-for) - 1 comment, 1 upvote
- [Is Sumo Logic a SIEM?](https://www.g2.com/discussions/is-sumo-logic-a-siem)
- [What is Sumo Logic used for?](https://www.g2.com/discussions/what-is-sumo-logic-used-for)
- [Who are Sumo Logic competitors?](https://www.g2.com/discussions/who-are-sumo-logic-competitors) - 1 comment
- [How much does Sumo Logic cost?](https://www.g2.com/discussions/how-much-does-sumo-logic-cost)

### 17. [Demisto](https://www.g2.com/products/demisto/reviews)
Demisto is a platform that provides automated and collaborative security solutions.


**Average Rating:** 4.5/5.0
**Total Reviews:** 15
**How Do G2 Users Rate Demisto?**

- **Automated Remediation:** 10.0/10 (Category avg: 8.6/10)
- **Quality of Support:** 8.8/10 (Category avg: 9.0/10)
- **Ease of Admin:** 8.7/10 (Category avg: 8.5/10)
- **Workflow Automation:** 10.0/10 (Category avg: 8.8/10)

**Who Is the Company Behind Demisto?**

- **Seller:** [Palo Alto Networks](https://www.g2.com/sellers/palo-alto-networks)
- **Year Founded:** 2005
- **HQ Location:** Santa Clara, CA
- **Twitter:** @PaloAltoNtwks (128,951 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/30086/ (22,313 employees on LinkedIn®)
- **Ownership:** NYSE: PANW

**Who Uses This Product?**
- **Top Industries:** Information Technology and Services
- **Company Size:** 53% Mid-Market, 40% Small-Business



#### What Are Recent G2 Reviews of Demisto?

**"[great tool for a SOC center](https://www.g2.com/survey_responses/demisto-review-4499570)"**

**Rating:** 5.0/5.0 stars
*— Parth P.*

[Read full review](https://www.g2.com/survey_responses/demisto-review-4499570)

---

**"[Great Product for SOC Team](https://www.g2.com/survey_responses/demisto-review-8594931)"**

**Rating:** 5.0/5.0 stars
*— Verified User in Banking*

[Read full review](https://www.g2.com/survey_responses/demisto-review-8594931)

---



### 18. [Exabeam New-Scale Platform](https://www.g2.com/products/exabeam-exabeam-new-scale-platform/reviews)
The Exabeam New-Scale Security Operations Platform is built to help organizations detect, investigate, and respond to insider threats tied to both human users and non-human identities. It brings together behavioral analytics, automation, and AI-driven workflows to help security operations teams reduce risk and maintain operational integrity. The platform supports AI agent-powered threat detection, investigation, and response (TDIR) by automating high-friction tasks and applying behavioral context to every signal. By combining proactive risk identification with fast, guided response, the New-Scale Platform helps teams move from alert handling to informed decision-making. Designed for enterprise security operations teams, the New-Scale Platform supports organizations that need consistent visibility into internal risk without adding operational overhead. Analysts use behavioral analytics to understand what is normal for a user or agent, then quickly spot meaningful deviations. This approach is especially valuable in data-sensitive industries such as finance, healthcare, and technology, where internal misuse, compromised credentials, or agent misuse can create immediate business impact. At the core of the New-Scale Platform is advanced behavioral analytics. The platform analyzes activity patterns across identities, devices, and services to establish baselines of normal behavior. When activity deviates from those baselines, dynamic risk scoring helps security teams focus on the activity most likely to indicate misuse or compromise. This reduces alert noise and shortens the time it takes to understand what is happening and why. The New-Scale Platform also extends user and entity behavior analytics (UEBA) to non-human identities through Agent Behavior Analytics (ABA). ABA applies the same behavior-based approach as UEBA to service accounts, APIs, automation tools, and AI agents. By monitoring how agents typically interact with data and systems, the platform helps teams detect misuse, drift, or compromise that traditional controls often miss. Automation plays a central role in improving day-to-day operations. The New-Scale Platform automates investigation steps, enrichment, and response actions within TDIR workflows, allowing analysts to spend less time on repetitive tasks and more time validating risk and containing incidents. Behavioral context and AI-driven prioritization help teams address the most relevant threats first, improving response consistency without increasing workload. With the Exabeam New-Scale Platform, security teams can benchmark and prove the value of their security program against peers and measurable outcomes. Outcomes Navigator translates raw security data into business-relevant insights to demonstrate progress against the most strategic use cases, MITRE ATT&amp;CK TTPs, and compliance initiatives. Together, user and entity behavior analytics (UEBA), Agent Behavior Analytics (ABA), and agent-powered automated TDIR workflows help security operations teams detect insider risk earlier, investigate faster, and respond with greater precision. The New-Scale Platform gives organizations a practical way to manage insider threats tied to people and agents, accelerate security operations, and prove security impact over time.


**Average Rating:** 4.6/5.0
**Total Reviews:** 14
**How Do G2 Users Rate Exabeam New-Scale Platform?**

- **Automated Remediation:** 10.0/10 (Category avg: 8.6/10)
- **Quality of Support:** 8.1/10 (Category avg: 9.0/10)
- **Ease of Admin:** 8.8/10 (Category avg: 8.5/10)
- **Workflow Automation:** 10.0/10 (Category avg: 8.8/10)

**Who Is the Company Behind Exabeam New-Scale Platform?**

- **Seller:** [Exabeam](https://www.g2.com/sellers/exabeam)
- **Company Website:** https://www.exabeam.com
- **Year Founded:** 2013
- **HQ Location:** Broomfield, CO
- **Twitter:** @exabeam (5,374 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/exabeam (793 employees on LinkedIn®)

**Who Uses This Product?**
- **Company Size:** 57% Enterprise, 29% Mid-Market


#### What Are Exabeam New-Scale Platform's Pros and Cons?

**Pros:**

- Ease of Use (5 reviews)
- Detection Accuracy (3 reviews)
- Features (3 reviews)
- Security (3 reviews)
- Automation (2 reviews)

**Cons:**

- Complexity (2 reviews)
- Complex Setup (2 reviews)
- Difficult Setup (2 reviews)
- Parsing Issues (2 reviews)
- Software Complexity (2 reviews)


### What Do G2 Reviewers Say About Exabeam New-Scale Platform?
*AI-generated summary from verified user reviews*

**Pros:**

- Users appreciate the **ease of use** of Exabeam New-Scale Platform, facilitating smooth integration and efficient incident management.
- Users commend the **detection accuracy** of Exabeam New-Scale Platform, enhancing security team efficiency and response times.
- Users appreciate the **easy integration and robust security features** of Exabeam New-Scale Platform, enhancing their security management.
- Users praise the **world-class security features** of Exabeam New-Scale Platform, ensuring comprehensive monitoring and visibility.
- Users value the **automation capabilities** of Exabeam, enhancing efficiency in threat response and reducing manual efforts.

**Cons:**

- Users face challenges due to the **complexity** of Exabeam&#39;s platform, requiring significant expertise for effective management.
- Users find the **complex setup** challenging, requiring significant expertise for effective management and configuration.
- Users find the **difficult setup** of Exabeam New-Scale Platform cumbersome, requiring significant expertise for effective management.
- Users find the **parsing issues** of Exabeam New-Scale Platform challenging, impacting user-friendliness and functionality.
- Users find the **software complexity** of Exabeam New-Scale Platform challenging, needing expertise for effective setup and management.

#### What Are Recent G2 Reviews of Exabeam New-Scale Platform?

**"[Gives Security Teams Their Time Back with Smart Threat Visibility](https://www.g2.com/survey_responses/exabeam-new-scale-platform-review-9889355)"**

**Rating:** 4.5/5.0 stars
*— Verified User in Computer Software*

[Read full review](https://www.g2.com/survey_responses/exabeam-new-scale-platform-review-9889355)

---

**"[The perfect SIEM](https://www.g2.com/survey_responses/exabeam-new-scale-platform-review-10644742)"**

**Rating:** 5.0/5.0 stars
*— Jorge T.*

[Read full review](https://www.g2.com/survey_responses/exabeam-new-scale-platform-review-10644742)

---


#### What Are G2 Users Discussing About Exabeam New-Scale Platform?

- [What are the components of SIEM?](https://www.g2.com/discussions/what-are-the-components-of-siem) - 1 comment
- [What are three characteristics of SIEM?](https://www.g2.com/discussions/what-are-three-characteristics-of-siem) - 1 comment

### 19. [SIRP](https://www.g2.com/products/sirp/reviews)
SIRP is an AI-native Autonomous SOC platform designed to evolve traditional Security Orchestration, Automation, and Response (SOAR) into governed, decision-driven security operations. Unlike legacy SOAR tools that rely on static playbooks and workflow automation, SIRP enables intelligent AI agents to analyze alerts, compute risk, execute response actions, and continuously learn from outcomes within defined policy boundaries. The platform combines contextual reasoning, real-time intelligence, and adaptive learning to reduce manual triage, minimize alert fatigue, and accelerate incident response while maintaining governance, auditability, and control. SIRP supports enterprise SOC teams and MSSPs seeking to operate at machine speed without sacrificing human oversight for high-impact decisions.


**Average Rating:** 4.7/5.0
**Total Reviews:** 22
**How Do G2 Users Rate SIRP?**

- **Automated Remediation:** 9.2/10 (Category avg: 8.6/10)
- **Quality of Support:** 9.8/10 (Category avg: 9.0/10)
- **Ease of Admin:** 10.0/10 (Category avg: 8.5/10)
- **Workflow Automation:** 8.3/10 (Category avg: 8.8/10)

**Who Is the Company Behind SIRP?**

- **Seller:** [SIRP](https://www.g2.com/sellers/sirp)
- **Year Founded:** 2017
- **HQ Location:** Bethesda, Maryland
- **Twitter:** @sirp_io (74 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/13684515/ (57 employees on LinkedIn®)

**Who Uses This Product?**
- **Top Industries:** Information Technology and Services
- **Company Size:** 41% Small-Business, 37% Mid-Market


#### What Are SIRP's Pros and Cons?

**Pros:**

- Automation (1 reviews)
- Customer Support (1 reviews)
- Ease of Use (1 reviews)
- Easy Integrations (1 reviews)
- Features (1 reviews)



### What Do G2 Reviewers Say About SIRP?
*AI-generated summary from verified user reviews*

**Pros:**

- Users admire the **automation capabilities** of SIRP, enhancing security processes with seamless orchestration and response tools.
- Users commend the **excellent customer support** provided by SIRP, enhancing their overall experience with the tool.
- Users value the **ease of use** of SIRP, enhancing their experience with robust support and integration options.
- Users value the **easy integrations** offered by SIRP, enhancing their security automation and response capabilities effortlessly.
- Users highlight the **ease of use and excellent support** of SIRP, enhancing their security automation experience.


#### What Are Recent G2 Reviews of SIRP?

**"[SIRP increased our SOC capabilities by 10x. Amazing automation with even better support team](https://www.g2.com/survey_responses/sirp-review-7612417)"**

**Rating:** 5.0/5.0 stars
*— Mushtaq Ahmed K.*

[Read full review](https://www.g2.com/survey_responses/sirp-review-7612417)

---

**"[Data Aggregation, Ease of Access and Quick Reporting](https://www.g2.com/survey_responses/sirp-review-4217597)"**

**Rating:** 4.5/5.0 stars
*— Iqra Z.*

[Read full review](https://www.g2.com/survey_responses/sirp-review-4217597)

---



### 20. [Blumira Automated Detection &amp; Response](https://www.g2.com/products/blumira-automated-detection-response/reviews)
Blumira is an integrated security operations platform built for growing teams and the partners supporting them to gain complete visibility into their environment, identify and address risk faster, and deliver advanced security and compliance. The platform includes: - Managed Detections for automated threat hunting to identify attacks early - AI Investigation with 98.5% accurate, human-in-the-loop triage validated against real cases - Rapid Response with automation and 1-click actions to contain and block threats immediately - One Year of Data Retention with unlimited log ingestion to satisfy compliance requirements - Advanced Reporting and dashboards for forensics and easy investigation - Endpoint &amp; Identity Protection (EDR/ITDR) for real-time remediation across devices and users - 24/7 Security Operations support for critical priority issues


**Average Rating:** 4.6/5.0
**Total Reviews:** 122
**How Do G2 Users Rate Blumira Automated Detection &amp; Response?**

- **Automated Remediation:** 7.5/10 (Category avg: 8.6/10)
- **Quality of Support:** 9.5/10 (Category avg: 9.0/10)
- **Ease of Admin:** 9.0/10 (Category avg: 8.5/10)
- **Workflow Automation:** 9.7/10 (Category avg: 8.8/10)

**Who Is the Company Behind Blumira Automated Detection &amp; Response?**

- **Seller:** [Blumira](https://www.g2.com/sellers/blumira)
- **Company Website:** https://www.blumira.com
- **Year Founded:** 2018
- **HQ Location:** Ann Arbor, Michigan
- **Twitter:** @blumira (1 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/blumira/ (67 employees on LinkedIn®)

**Who Uses This Product?**
- **Who Uses This:** IT Manager
- **Top Industries:** Information Technology and Services, Computer &amp; Network Security
- **Company Size:** 51% Mid-Market, 36% Small-Business


#### What Are Blumira Automated Detection &amp; Response's Pros and Cons?

**Pros:**

- Ease of Use (33 reviews)
- Customer Support (20 reviews)
- Setup Ease (20 reviews)
- Alerting (16 reviews)
- Alert Management (16 reviews)

**Cons:**

- Limited Customization (11 reviews)
- Alert System (7 reviews)
- Expensive (6 reviews)
- Faulty Detection (6 reviews)
- Inefficient Alert System (6 reviews)


### What Do G2 Reviewers Say About Blumira Automated Detection &amp; Response?
*AI-generated summary from verified user reviews*

**Pros:**

- Users appreciate the **ease of use** of Blumira, finding workflows intuitive for quick problem-solving and support.
- Users commend Blumira&#39;s **excellent customer support** , enhancing integration and simplifying security processes with effective alerts.
- Users appreciate the **easy setup** of Blumira, making integration with core services quick and hassle-free.
- Users find the **valuable email alerts** of Blumira essential for enhancing security awareness and user training.
- Users value the **valuable and clear email alerts** from Blumira, enhancing their security awareness and response actions.

**Cons:**

- Users find the **limited customization** in Blumira&#39;s workflows restricts flexibility for unique security needs.
- Users feel that the **customization of alerts** needs improvement to manage false positives effectively and reduce frustration.
- Users find Blumira&#39;s pricing model to be **prohibitively expensive** , limiting its accessibility for some customers.
- Users face issues with **faulty detection** , experiencing false positives that frustrate and waste time during reviews.
- Users find the **inefficient alert system** cumbersome, as false positives waste time and cause unnecessary frustration.

#### What Are Recent G2 Reviews of Blumira Automated Detection &amp; Response?

**"[Breeze From Sales to Onboarding With an Intuitive, Easy-to-Configure UI](https://www.g2.com/survey_responses/blumira-automated-detection-response-review-12984186)"**

**Rating:** 5.0/5.0 stars
*— Blake C.*

[Read full review](https://www.g2.com/survey_responses/blumira-automated-detection-response-review-12984186)

---

**"[A well-rounded detection system with fantastic support](https://www.g2.com/survey_responses/blumira-automated-detection-response-review-10479545)"**

**Rating:** 5.0/5.0 stars
*— Jeremy A.*

[Read full review](https://www.g2.com/survey_responses/blumira-automated-detection-response-review-10479545)

---


#### What Are G2 Users Discussing About Blumira Automated Detection &amp; Response?

- [What are the benefits and drawbacks of using Blumira for threat detection?](https://www.g2.com/discussions/what-are-the-benefits-and-drawbacks-of-using-blumira-for-threat-detection)
- [What is cloud SIEM?](https://www.g2.com/discussions/what-is-cloud-siem)
- [What does the term Siem stand for?](https://www.g2.com/discussions/what-does-the-term-siem-stand-for)
- [What does Blumira do?](https://www.g2.com/discussions/what-does-blumira-do)
- [What is Blumira automated detection &amp; response?](https://www.g2.com/discussions/what-is-blumira-automated-detection-response)

### 21. [Swimlane](https://www.g2.com/products/swimlane/reviews)
Swimlane automates the work security teams hate. As the leader in agentic AI security automation, Swimlane unifies operations across the SOC and beyond with its platform, Swimlane Turbine. The problem is real: over three million SecOps roles sit unfilled, and analysts drown in alerts while juggling 30+ disconnected tools, each with its own schema and quirks. Meanwhile, the average breach now costs $4.5 million. Swimlane closes that gap. Swimlane Hero AI, embedded within the Turbine platform, turns natural-language prompts into automated investigations and responses, cutting MTTR by 75%. Analysts trigger remediation with one click, backed by NIST-aligned case management. Turbine Canvas lets teams build playbooks and agents with no, low, or full code, so automation doesn&#39;t wait on a developer&#39;s calendar. The Swimlane Marketplace adds a growing library of agents, integrations, and playbooks, built on demand at no cost, ending vendor lock-in for good. Under the hood, Swimlane&#39;s Active Sensing Fabric ingests data at scale, pushing capability beyond traditional SOAR. Cloud-native architecture backs it up: one customer runs 25 million automated actions a day at 75,000 actions per minute. That&#39;s not a demo number. That&#39;s production. Analysts get customizable dashboards and AI-augmented reporting that turn raw activity into KPIs executives actually read, proving ROI without a translation layer. The market has taken notice. Independent evaluations against 15+ competitors all point the same direction: Swimlane leads. Inc. named it Best in Business. Customers at Northern Power, Toshiba, Weedmaps, and InComm Payments back that up, citing customizable playbooks, dashboards, and a professional services team that shows up when it counts. Swimlane doesn&#39;t just orchestrate security tasks. It gives every security function, from vulnerability management to compliance to business continuity, a way to move faster than the threats they&#39;re chasing.


**Average Rating:** 4.5/5.0
**Total Reviews:** 45
**How Do G2 Users Rate Swimlane?**

- **Automated Remediation:** 9.2/10 (Category avg: 8.6/10)
- **Quality of Support:** 9.1/10 (Category avg: 9.0/10)
- **Ease of Admin:** 8.5/10 (Category avg: 8.5/10)
- **Workflow Automation:** 9.3/10 (Category avg: 8.8/10)

**Who Is the Company Behind Swimlane?**

- **Seller:** [Swimlane](https://www.g2.com/sellers/swimlane)
- **Year Founded:** 2014
- **HQ Location:** Boulder, US
- **Twitter:** @swimlane (1,628 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/4807837/ (266 employees on LinkedIn®)

**Who Uses This Product?**
- **Top Industries:** Information Technology and Services, Computer Software
- **Company Size:** 60% Mid-Market, 31% Small-Business


#### What Are Swimlane's Pros and Cons?

**Pros:**

- Ease of Use (6 reviews)
- Easy Integrations (6 reviews)
- Features (6 reviews)
- Integrations (6 reviews)
- Automation (5 reviews)

**Cons:**

- Complexity (2 reviews)
- Learning Curve (2 reviews)
- Limited Resources (2 reviews)
- Poor Customer Support (2 reviews)
- Poor Interface Design (2 reviews)


### What Do G2 Reviewers Say About Swimlane?
*AI-generated summary from verified user reviews*

**Pros:**

- Users find Swimlane&#39;s **ease of use** exceptional, enabling seamless integration and automation across their security operations.
- Users value the **easy integrations** of Swimlane, enhancing security operations through seamless compatibility with various tools.
- Users appreciate the **versatility and support** of Swimlane, making workflow creation simple and effective.
- Users praise Swimlane for its **seamless integration capabilities** , enhancing security and simplifying automation across various tools.
- Users value the **low-code automation** of Swimlane, enabling limitless possibilities across the security landscape and enhancing integration.

**Cons:**

- Users find Swimlane&#39;s setup **confusing and complex** initially, requiring time and skill to navigate effectively.
- Users find the **learning curve steep** initially, requiring time and possibly developer assistance for effective setup.
- Users face **limited resources** for support and documentation, making deployment and maintenance challenging for Swimlane.
- Users experience **poor customer support** with slow responses and issues requiring engineers for upgrades and maintenance.
- Users find Swimlane&#39;s interface to have **poor design** , leading to cluttered, hard-to-navigate workflow pages.

#### What Are Recent G2 Reviews of Swimlane?

**"[Powerful Automation with Swimlane](https://www.g2.com/survey_responses/swimlane-review-8782607)"**

**Rating:** 4.5/5.0 stars
*— Verified User in Financial Services*

[Read full review](https://www.g2.com/survey_responses/swimlane-review-8782607)

---

**"[I have used swimlane as an analyst and have had a little experience working with the backend.](https://www.g2.com/survey_responses/swimlane-review-8789592)"**

**Rating:** 4.5/5.0 stars
*— Maguire S.*

[Read full review](https://www.g2.com/survey_responses/swimlane-review-8789592)

---


#### What Are G2 Users Discussing About Swimlane?

- [What is Swimlane used for?](https://www.g2.com/discussions/what-is-swimlane-used-for)

### 22. [CrowdSec](https://www.g2.com/products/crowdsec/reviews)
CrowdSec is an open-source security stack that detects aggressive behaviors and prevents them from accessing your systems. Its user-friendly design and ease of integration into your current security infrastructure offer a low technical entry barrier and a high-security gain. Once an unwanted behavior is detected, it is automatically blocked. The aggressive IP, scenario triggered and the timestamp is sent for curation, to avoid poisoning &amp; false positives. If verified, this IP is then redistributed to all CrowdSec users running the same scenario. By sharing the threat they faced, all users are protecting each other.


**Average Rating:** 4.7/5.0
**Total Reviews:** 85
**How Do G2 Users Rate CrowdSec?**

- **Automated Remediation:** 9.1/10 (Category avg: 8.6/10)
- **Quality of Support:** 8.9/10 (Category avg: 9.0/10)
- **Ease of Admin:** 8.8/10 (Category avg: 8.5/10)
- **Workflow Automation:** 7.8/10 (Category avg: 8.8/10)

**Who Is the Company Behind CrowdSec?**

- **Seller:** [CrowdSec](https://www.g2.com/sellers/crowdsec)
- **Year Founded:** 2020
- **HQ Location:** Paris, FR
- **Twitter:** @Crowd_Security (19,491 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/crowdsec/?originalSubdomain=fr (30 employees on LinkedIn®)

**Who Uses This Product?**
- **Top Industries:** Computer &amp; Network Security, Information Technology and Services
- **Company Size:** 69% Small-Business, 20% Mid-Market



#### What Are Recent G2 Reviews of CrowdSec?

**"[It&#39;s a real life-saver in terms of hosting stuff](https://www.g2.com/survey_responses/crowdsec-review-8191423)"**

**Rating:** 5.0/5.0 stars
*— Rei B.*

[Read full review](https://www.g2.com/survey_responses/crowdsec-review-8191423)

---

**"[Crowdsec best endpoint in SMB](https://www.g2.com/survey_responses/crowdsec-review-11691179)"**

**Rating:** 5.0/5.0 stars
*— Pramod s.*

[Read full review](https://www.g2.com/survey_responses/crowdsec-review-11691179)

---


#### What Are G2 Users Discussing About CrowdSec?

- [What are the benefits and drawbacks of using CrowdSec for cybersecurity, and what do you recommend for improvement?](https://www.g2.com/discussions/what-are-the-benefits-and-drawbacks-of-using-crowdsec-for-cybersecurity-and-what-do-you-recommend-for-improvement)
- [What is CrowdSec used for?](https://www.g2.com/discussions/what-is-crowdsec-used-for) - 1 comment

### 23. [Shuffle](https://www.g2.com/products/shuffle/reviews)
Shuffle is an open source automation platform for security professionals (SOAR). Run it locally: https://github.com/frikky/shuffle Try it out here: https://shuffler.io/register Join the community: https://discord.gg/B2CBzUm


**Average Rating:** 4.8/5.0
**Total Reviews:** 15
**How Do G2 Users Rate Shuffle?**

- **Automated Remediation:** 9.5/10 (Category avg: 8.6/10)
- **Quality of Support:** 9.4/10 (Category avg: 9.0/10)
- **Ease of Admin:** 9.4/10 (Category avg: 8.5/10)
- **Workflow Automation:** 9.8/10 (Category avg: 8.8/10)

**Who Is the Company Behind Shuffle?**

- **Seller:** [Shuffle AS](https://www.g2.com/sellers/shuffle-as)
- **HQ Location:** San Francisco, US
- **LinkedIn® Page:** https://www.linkedin.com/company/getshuffleapp/ (7 employees on LinkedIn®)

**Who Uses This Product?**
- **Top Industries:** Computer &amp; Network Security
- **Company Size:** 67% Mid-Market, 33% Small-Business



#### What Are Recent G2 Reviews of Shuffle?

**"[Shuffle Open-Source SOAR](https://www.g2.com/survey_responses/shuffle-review-8284361)"**

**Rating:** 5.0/5.0 stars
*— Rohan G.*

[Read full review](https://www.g2.com/survey_responses/shuffle-review-8284361)

---

**"[Perfect automation tool for your soc](https://www.g2.com/survey_responses/shuffle-review-10067052)"**

**Rating:** 5.0/5.0 stars
*— Ayush G.*

[Read full review](https://www.g2.com/survey_responses/shuffle-review-10067052)

---


#### What Are G2 Users Discussing About Shuffle?

- [What is Shuffle used for?](https://www.g2.com/discussions/what-is-shuffle-used-for) - 2 comments

### 24. [Guardsix](https://www.g2.com/products/guardsix/reviews)
Guardsix is the sovereign security platform for lean European teams, bringing log management and audit-ready compliance to regulated industries, critical national infrastructure operators, and the Managed Security Service Providers (MSSPs) that serve them throughout Europe and beyond. Headquartered in Copenhagen, Denmark, Guardsix delivers sovereign-by-design security for organisations that carry real operational responsibility. The company employs several hundred cyber security specialists and keeps every organisation it serves in full control of their data, deployment, and operations. Guardsix provides a unified Command Centre platform combining: • Security Information and Event Management (SIEM) • Network Detection and Response (NDR) • Security Orchestration, Automation and Response (SOAR) • Fleet for enabling multi-tenant management • Governance for Healthcare internal risk compliance monitoring The platform is built to support European data sovereignty, regulatory compliance and operational control, with predictable node-based pricing and deployment options spanning on-premises, air-gapped, hybrid and cloud environments. Guardsix solutions help organisations: • Simplify audit readiness for regulations such as NIS2, DORA, and GDPR. • Support lean security teams with efficient log management and simplified workflows. • Scale security operations without increased complexity or ingestion-led pricing surprises. • Keep security data under European jurisdiction and control — where it lives, who operates it, and under whose laws. • Deploy on their own terms, on-prem and in infrastructure they control, keeping migration a real option at every renewal. • See clearly across their whole environment, with SIEM, NDR, SOAR, Fleet, and Governance in one sovereign platform rather than a stack of point tools. Guardsix maintains SOC 2 Type II attestation and designs its solutions in accordance with European data protection requirements. With a strong partner-first model, Guardsix works closely with regional MSSPs and service providers, combining sovereign-by-design security technology with European integrity and deployment flexibility.


**Average Rating:** 4.3/5.0
**Total Reviews:** 105
**How Do G2 Users Rate Guardsix?**

- **Automated Remediation:** 8.5/10 (Category avg: 8.6/10)
- **Quality of Support:** 9.0/10 (Category avg: 9.0/10)
- **Ease of Admin:** 8.0/10 (Category avg: 8.5/10)
- **Workflow Automation:** 8.9/10 (Category avg: 8.8/10)

**Who Is the Company Behind Guardsix?**

- **Seller:** [guardsix](https://www.g2.com/sellers/guardsix)
- **Company Website:** https://guardsix.com/
- **Year Founded:** 2001
- **HQ Location:** Copenhagen, Capital Region
- **LinkedIn® Page:** https://linkedin.com/company/guardsix (162 employees on LinkedIn®)

**Who Uses This Product?**
- **Top Industries:** Computer &amp; Network Security, Information Technology and Services
- **Company Size:** 44% Mid-Market, 31% Small-Business


#### What Are Guardsix's Pros and Cons?

**Pros:**

- Ease of Use (8 reviews)
- Log Management (5 reviews)
- Customer Support (4 reviews)
- Easy Integrations (4 reviews)
- Efficiency (4 reviews)

**Cons:**

- Poor Interface Design (3 reviews)
- UX Improvement (3 reviews)
- Complexity (2 reviews)
- Confusing Interface (2 reviews)
- Information Deficiency (2 reviews)


### What Do G2 Reviewers Say About Guardsix?
*AI-generated summary from verified user reviews*

**Pros:**

- Users find Logpoint&#39;s interface to be **easy to use** , making administration and daily operations effortless and efficient.
- Users appreciate the **effortless log management** of Guardsix, making data analysis straightforward and intuitive across systems.
- Users commend the **excellent customer support** of Guardsix, which enhances overall user experience and satisfaction.
- Users value the **easy integrations** of Guardsix, enhancing compatibility with existing tools in their tech ecosystem.
- Users commend the **efficiency** of Guardsix, especially in managing incidents quickly and effectively, enhancing daily workflows.

**Cons:**

- Users find the **poor interface design** of Guardsix frustrating, impacting ease of use and functionality.
- Users are frustrated with the **poorly designed logs and slow interface** , detracting from their overall experience with Guardsix.
- Users find the **complexity of the interface** challenging, but hope for improvements in the future.
- Users find the **interface confusing and slow** , making it difficult to navigate and use effectively.
- Users find a lack of **technical information** for effective appliance design, leading to potential resource overkill.

#### What Are Recent G2 Reviews of Guardsix?

**"[Context-Driven SIEM That Enhances Incident Response](https://www.g2.com/survey_responses/guardsix-review-11985484)"**

**Rating:** 4.5/5.0 stars
*— Simon A.*

[Read full review](https://www.g2.com/survey_responses/guardsix-review-11985484)

---

**"[Review](https://www.g2.com/survey_responses/guardsix-review-11378057)"**

**Rating:** 4.0/5.0 stars
*— Ronny K.*

[Read full review](https://www.g2.com/survey_responses/guardsix-review-11378057)

---


#### What Are G2 Users Discussing About Guardsix?

- [What is your experience with Logpoint for SIEM, and what do you recommend for new users?](https://www.g2.com/discussions/what-is-your-experience-with-logpoint-for-siem-and-what-do-you-recommend-for-new-users)
- [What is LogPoint used for?](https://www.g2.com/discussions/what-is-logpoint-used-for)

### 25. [Intezer](https://www.g2.com/products/intezer-intezer/reviews)
Intezer automates the entire alert triage process, like an extension of your team handling Tier 1 SOC tasks for every alert at machine-speed. Intezer monitors incoming incidents from endpoint, reported phishing pipelines, or SIEM tools, then autonomously collects evidence, investigates, makes triage decisions, and escalates only the serious threats to your team for human intervention. Power your SOC with artificial intelligence that makes sure every alert is deeply analyzed (including every single artifact like files, URLs, endpoint memory, etc.), detecting malicious code in memory and other evasive threats. Fast set up and integrations with your SOC team&#39;s workflows (EDR, SOAR, SIEM, etc.) means Intezer&#39;s AI can immediately start filtering out false positives, giving you detailed analysis about every threat, and speeding up your incident response time. With Intezer: • Reduce Tier 1 escalation, sending only 4% of alerts on average to your team for immediate action. • Identify up to 97% of false positive alerts without taking any time from your analysts. • Reduce average triage time to 5 minutes or less, while giving your analysts deep context about every alert to prioritize critical treats and respond faster.


**Average Rating:** 4.5/5.0
**Total Reviews:** 187
**How Do G2 Users Rate Intezer?**

- **Automated Remediation:** 9.2/10 (Category avg: 8.6/10)
- **Quality of Support:** 8.6/10 (Category avg: 9.0/10)
- **Ease of Admin:** 8.8/10 (Category avg: 8.5/10)
- **Workflow Automation:** 10.0/10 (Category avg: 8.8/10)

**Who Is the Company Behind Intezer?**

- **Seller:** [Intezer](https://www.g2.com/sellers/intezer)
- **Year Founded:** 2015
- **HQ Location:** New York
- **Twitter:** @IntezerLabs (10,170 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/10656303/ (88 employees on LinkedIn®)

**Who Uses This Product?**
- **Who Uses This:** Software Engineer, Student
- **Top Industries:** Computer &amp; Network Security, Information Technology and Services
- **Company Size:** 54% Small-Business, 23% Mid-Market


#### What Are Intezer's Pros and Cons?

**Pros:**

- Detection Accuracy (3 reviews)
- Ease of Use (3 reviews)
- Malware Protection (3 reviews)
- Security (3 reviews)
- Security Protection (3 reviews)

**Cons:**

- Complex Interface (2 reviews)
- Poor Interface Design (2 reviews)
- UX Improvement (2 reviews)
- Access Control (1 reviews)
- Data Privacy (1 reviews)


### What Do G2 Reviewers Say About Intezer?
*AI-generated summary from verified user reviews*

**Pros:**

- Users value the **high detection accuracy** of Intezer, ensuring timely malware protection and system security.
- Users value the **ease of use** of Intezer, which simplifies malware detection and enhances overall security efficiency.
- Users appreciate the **timely detection and blocking of malware** by Intezer, enhancing their system security significantly.
- Users value the **robust security features** of Intezer, ensuring efficient malware detection and system protection.
- Users value the **superior security protection** of Intezer, ensuring timely detection and blocking of malware threats.

**Cons:**

- Users find the **complex interface** of Intezer challenging, with small text and overall GUI issues affecting usability.
- Users find the **poor interface design** of Intezer challenging, with small characters and various GUI issues.
- Users find the **UI challenging and difficult to read** , noting small text and various GUI issues affecting usability.
- Users find it challenging that **access control limitations** sometimes hinder file visibility management, though it promotes peer review.
- Users are concerned about **limited control over file visibility** , impacting their data privacy and security preferences.

#### What Are Recent G2 Reviews of Intezer?

**"[CTI coordinator](https://www.g2.com/survey_responses/intezer-review-5353729)"**

**Rating:** 4.0/5.0 stars
*— Verified User in Banking*

[Read full review](https://www.g2.com/survey_responses/intezer-review-5353729)

---

**"[Effortless Malware Detection and Robust Endpoint Security With Intezer](https://www.g2.com/survey_responses/intezer-review-12060113)"**

**Rating:** 4.5/5.0 stars
*— Franck P.*

[Read full review](https://www.g2.com/survey_responses/intezer-review-12060113)

---


#### What Are G2 Users Discussing About Intezer?

- [What is genetic malware analysis?](https://www.g2.com/discussions/what-is-genetic-malware-analysis) - 1 comment
- [Is Intezer good?](https://www.g2.com/discussions/is-intezer-good) - 1 comment
- [What does Intezer do?](https://www.g2.com/discussions/what-does-intezer-do) - 1 comment
- [What is Intezer analyze?](https://www.g2.com/discussions/what-is-intezer-analyze) - 2 comments


## What Is Security Orchestration, Automation, and Response (SOAR) Software?

[System Security Software](https://www.g2.com/categories/system-security)

## What Software Categories Are Similar to Security Orchestration, Automation, and Response (SOAR) Software?

- [Security Information and Event Management (SIEM) Software](https://www.g2.com/categories/security-information-and-event-management-siem)
- [Incident Response Software](https://www.g2.com/categories/incident-response)
- [AI SOC Agents](https://www.g2.com/categories/ai-soc-agents)


---

## How Do You Choose the Right Security Orchestration, Automation, and Response (SOAR) Software?

### What You Should Know About Security, Orchestration, Automation, and Response (SOAR) Software

### What is Security, Orchestration, Automation, and Response (SOAR) Software?

Security orchestration, automation, and response (SOAR) software helps coordinate, execute, and automate tasks between various IT workers and tools. SOAR tools allow organizations to respond quickly to cybersecurity attacks and observe, understand, and prevent future incidents.

SOAR software gives organizations a comprehensive view of their existing security systems while centralizing the security data. By automating security responses and reducing manual tasks, SOAR helps to generate a faster and more accurate response to security attacks. It also helps better coordinate and route incident response to the most appropriate IT worker in real time.

**What Does SOAR Stand For?**

SOAR stands for security orchestration, automation, and response. SOAR software significantly contributes to identifying potential future security threats.

### What are the Common Features of Security, Orchestration, Automation, and Response (SOAR) Software?

Usually, a SOAR software offering operates under three primary software capabilities:

**Threat and vulnerability management:** Threat and vulnerability management examines key assets and prioritizes efforts to reduce risk. Working with other security teams, threat and vulnerability management helps prevent attacks by threat actors.

**Security incident response:** Security incident response addresses and manages the aftermath of a security breach, cyberattack, computer incident, or security incident. Security incident response is to handle the aftermath of a security breach in a way that limits damage, reduces recovery time, and reduces cost.

**Security operations automation:** Security operations automation is the technology that enables the automation and orchestration of security tasks. This can include both administrative duties and incident detection and response.

### What are the Benefits of Security, Orchestration, Automation, and Response (SOAR) Software?

The benefits of using a SOAR tool are that it lessens the impact of security incidents and reduces the risk of legal liability. SOAR software helps companies’ security teams by enabling them to:

**Maintain a central view:** One of the benefits of SOAR software is that it gives security staff a central view and enables control of existing security systems while centralizing data collection to improve a company&#39;s security posture, operational efficiency, and productivity.&amp;nbsp;

**Automate manual tasks:** As with most software today, users are looking for help in terms of automation. SOAR software helps to manage and automate all aspects of a security incident lifecycle. This removes manual tasks, gives security staff more time to be productive, and allows them to focus on more mission-critical security tasks that do not require manual tasks.

**Define incident and response procedures:** SOAR software helps security systems define incident and response procedures. This helps to route security incidents to the correct security staff. SOAR can also prioritize and standardize the security response processes in a consistent, transparent, and documented way.&amp;nbsp;

**Optimize incident response** : Because SOAR software helps security staff define incident and response procedures, incident response is more accurate. This accuracy enables security systems and staff to have improved responses where they may have to contain, eradicate, or recover crucial data.&amp;nbsp;

**Identify and assign incident severity levels:** SOAR software helps to identify and assign incident severity levels. Severity levels in cybersecurity measure how severely a security incident impacts various parts of the organization. SOAR software automatically identifies and assigns severity levels, enabling the right security system and staff to respond appropriately. This means both can respond immediately to security incidents that may negatively affect an organization, such as networks, software, employee or customer data, etc.

**Support collaboration and unstructured investigations:** SOAR software supports collaboration and unstructured investigations in real time, helping route each security incident to the security system and security staff best suited to respond. Collaboration with other IT teams for tasks such as remediation or other departments such as legal is possible.&amp;nbsp;

**Streamline operations:** By using SOAR software, organizations can streamline security operations for threat and vulnerability management, security incident response, and security operations automation. SOAR software connects these security elements while integrating disparate security systems. SOAR software’s playbooks allow users to orchestrate, streamline and automate tasks. Playbooks also codify the process workflows that streamline the SOAR software functions.

### Who Uses Security, Orchestration, Automation, and Response (SOAR) Software?

**IT and cybersecurity staff:** They use SOAR software to handle security alerts such as phishing, which includes looking for threat feed data from endpoints, failed user logins, logins from unusual locations, malicious VPN access attempts, and so on. It&#39;s also used to hunt for threats and respond to incidents from attached files for malware analysis, cloud-aware incident response, and automate data enrichment. Cybersecurity staff who assign incident severity and check other products for vulnerability scores also use SOAR platforms.

### Challenges with Security, Orchestration, Automation, and Response (SOAR) software

There are a number of challenges with SOAR software that IT teams can encounter.

**Skill gaps:** While there is the misconception that SOAR software could replace security staff, the tool is meant to augment security teams, allowing them to work efficiently and effectively but not replacing them. However, there still may be a skills gap as the security team must be able to create detailed workflows of their processes.

**Effective deployment:** Another challenge of SOAR software is that it must be deployed to the enterprise but also connected to the other applications and technologies, which can be very complicated. An organization must also have staff with enough skills to deploy and maintain the platform. The applications and technologies used by the enterprise must also be able to support or be integrated into the SOAR software. One of SOAR software’s greatest strengths is to connect and orchestrate other technologies; however, if each technology is unable to be integrated, it hampers the benefits of deploying SOAR software.

### How to Buy Security, Orchestration, Automation, and Response Software

#### Requirements Gathering (RFI/RFP) for Security, Orchestration, Automation, and Response (SOAR) Software

If an organization is just starting out and looking to purchase SOAR software, g2.com can help select the best one.

Most business pain points might be related to all of the manual work that must be completed. If the company is large and has a lot of networks, data, or devices in its organization, they may need to shop for a SOAR software that can grow with its organization. Users should think about the pain points in security to help create a checklist of criteria. Additionally, the buyer must determine the number of employees who will need to use the SOAR software and if they currently have the skills to administer it.&amp;nbsp;

Taking a holistic overview of the business and identifying pain points can help the team springboard into creating a checklist of criteria. The checklist serves as a detailed guide that includes both necessary and nice-to-have features, including budget, features, number of users, integrations, security staff skills, cloud or on-premises solutions, and more.

Depending on the scope of the deployment, it might be helpful to produce an RFI, a one-page list with a few bullet points describing what is needed from SOAR software.

#### Compare Security, Orchestration, Automation, and Response (SOAR) Software

**Create a long list**

Vendor evaluations are an essential part of the software buying process from meeting the business functionality needs to implementation. For ease of comparison, after all demos are complete, it helps to prepare a consistent list of questions regarding specific needs and concerns to ask each vendor.

**Create a short list**

From the long list of vendors, it is helpful to narrow down the list of vendors and come up with a shorter list of contenders, preferably no more than three to five. With this list in hand, businesses can produce a matrix to compare the features and pricing of the various solutions.

**Conduct demos**

To ensure the comparison is comprehensive, the user should demo each solution on the shortlist with the same use cases. This will allow the business to evaluate like for like and see how each vendor stacks up against the competition.&amp;nbsp;

#### Selection of Security, Orchestration, Automation, and Response (SOAR) Software

**Choose a selection team**

Before getting started, creating a winning team that will work together throughout the entire process, from identifying pain points to implementation, is crucial. The software selection team should consist of organization members with the right interest, skills, and time to participate in this process. A good starting point is to aim for three to five people who fill roles such as the main decision maker, project manager, process owner, system owner, or staffing subject matter expert, as well as a technical lead, head administrator, or security administrator. In smaller companies, the vendor selection team may be smaller, with fewer participants multitasking and taking on more responsibilities.

**Compare notes**

The selection team should compare notes and facts and figures which they noted during the process, such as costs, security capabilities, and alert and incident response times.

**Negotiation**

Just because something is written on a company’s pricing page does not mean it&#39;s final. It is crucial to open up a conversation regarding pricing and licensing. For example, the vendor may be willing to give a discount for multi-year contracts or for recommending the product to others.

**Final decision**

After this stage, and before going all in, it is recommended to roll out a test run or pilot program to test adoption with a small sample size of users. If the tool is well used and well received, the buyer can be confident that the selection was correct. If not, it might be time to go back to the drawing board.

### What does Security, Orchestration, Automation, and Response (SOAR) Software cost?

SOAR is considered a long-term investment. This means there must be a careful evaluation of vendors, and the software should be tailored to each organization&#39;s specific requirements. Once a SOAR solution is purchased, deployed, and integrated into an organization’s security system, the cost could be high, which is why the evaluation stage of selecting SOAR software is so crucial. The notion of rip-and-replace cost can be high. The SOAR vendor chosen should continue to provide support for the SOAR solution with flexibility and open integration.

#### Return on Investment (ROI)

Organizations decide to purchase SOAR software with some type of return on investment (ROI). As they want to recoup the money spent on the software, it is critical to understand the costs that will be saved in terms of efficiency.

SOAR software saves security staff costs by eliminating manual tasks. For example, SOAR software automatically investigates the scenario of email phishing attacks which is very common, so this task can be very repetitive and consumes security staff time if it is done manually. A large enterprise used actual data from its SOAR software deployment and compared it to the cost of handling email phishing investigations automatically using SOAR software versus handling them manually. The enterprise found that the reduction in staff time required to handle phishing emails equated to savings of over $680,000 per year.

### Security, Orchestration, Automation, and Response (SOAR) Software Trends

**Enterprises:** Due to the requirements to maintain such large-scale IT and network infrastructure, organizations such as large enterprises tend to be more interested in purchasing SOAR software. Having such large networks and more complex IT makes such organizations more vulnerable to security threats which is another drive to purchase SOAR software. Also, larger organizations have more employees with more devices, which increases threats if they are accessing workplace applications on these devices.

**Retail and e-commerce:** These industries have increased interest in SOAR software due to the vulnerabilities in PoS)transactions and online purchases. It is the processing of these monetary transactions which creates a security risk, especially there personal and financial information of customers. Adopting technologies such as location-based marketing for these types of purchases also makes the retail industry more vulnerable to security threats.




