Check Point Software Technologies provides threat intelligence via the Check Point ThreatCloud.
N/A
Splunk SOAR
Score 9.0 out of 10
N/A
Splunk now offers a security orchestration, automation, and response (SOAR) platform via its acquisition of Phantom. Splunk Security Orchestration and Automation (Splunk SOAR) provides playbook automation and is available as a standalone solution.
N/A
Pricing
Check Point ThreatCloud
Splunk SOAR
Editions & Modules
No answers on this topic
No answers on this topic
Offerings
Pricing Offerings
Check Point ThreatCloud
Splunk SOAR
Free Trial
No
No
Free/Freemium Version
No
No
Premium Consulting/Integration Services
No
No
Entry-level Setup Fee
No setup fee
No setup fee
Additional Details
—
—
More Pricing Information
Community Pulse
Check Point ThreatCloud
Splunk SOAR
Considered Both Products
Check Point ThreatCloud
Verified User
Anonymous
Chose Check Point ThreatCloud
If you have the Checkpoint firewalls, the only real solution is the Check Point ThreatCloud to be used. If you have PAN - Autofocus or Fortinet-fortiguard. One advantage of Check Point ThreatCloud is the elimination of web security services, as the checkpoint with the threat …
As Checkpoint next generation firewalls were already implemented in the network, ThreatCloud was easy to implement and had better features and reputation than competitors.
Splunk SOAR is one of the more easier to use SOAR products because it gives you the ability to basically write a python script directly as a playbook rather than having to have logic steps built for each decision and only run one thing at a time. I have had previous SOAR …
Splunk SOAR is one of the more easier to use SOAR products because it gives you the ability to basically write a python script directly as a playbook rather than having to have logic steps built for each decision and only run one thing at a time. I have had previous SOAR …
If you use Splunk SIEM, you might wanna use Splunk soar, too. one vendor for SIEM and SOAR, and you do not need to think about integration, etc. Easy to use if we compare to other SOARs, chat and war rooms are great, and almost every action that we need is already created in …
Simple to utilize GUI, you'll have with you possess add-ons, Numerous integrations in existing arrangements and tools. It could be an extraordinary organizational tool that can be utilized for any kind of coordination, not as it were security.
Splunk Phantom integrates well with Splunk ES and has many integrations. One thing that I liked about XSOAR as compared to Phantom is that it has an "app-store" where you can download not only app integrations (similar to Phantom) but Playbooks and dashboards as well.
Splunk SOAR has multi vendor friendly design that suits our MSP model. Qradar on the other hand has deployment complexity and dependency on IBM's Qradar, which is less appealing for us since our clients run everything from Sentinel to elastic
As I'm working for the banking sector, our utmost importance is the security of the network. Check Point ThreatCloud helps to ensure the security by making sure the threats are monitored and treated according to the Bank's IT policy. When it comes to the ATM Network, Check Point ThreatCloud plays a severe role.
Our company has very complex and dynamic security operations because of the large number of security tools and systems that we need to manage and coordinate. Moreover, it helps us to meet many regulatory and compliance requirements because it helps us to automate and document our security operations. We also use it to streamline our security operations and improve our response to potential threats.
A lack of instruction It can be difficult to contact the support staff. Limited experience from current users.
It takes some effort to set up and learn new technology at first. More assistance is required from the support staff. The product's price needs to go down.
As we already have a lot of clients being catered with Splunk SOAR and because Splunk SOAR is robust and efficient, we are already using it, and we have understood the product to a certain extent, I feel we are personally more enticed to use and scale it to a lot of business.
Building playbooks through the visual editor is fine for basic tasks, but once you start chaining complex logic or integrating 3rd party APIs you hit a wall that requires deep scripting knowledge.
It has APIs that are useful for integration with third party solutions as well as for absorbing large volumes of data from our servers, networks and apps. Splunk SOAR offers a variety of playbooks that we use in automating workflows for migrating data and for analyzing the data to ensure its security.
If you have the Checkpoint firewalls, the only real solution is the Check Point ThreatCloud to be used. If you have PAN - Autofocus or Fortinet-fortiguard. One advantage of Check Point ThreatCloud is the elimination of web security services, as the checkpoint with the threat cloud replaces the web security solutions with its vast features. Check Point products are very easy to use, and operation costs are much lower than the other vendors.
If you use Splunk SIEM, you might wanna use Splunk soar, too. one vendor for SIEM and SOAR, and you do not need to think about integration, etc. Easy to use if we compare to other SOARs, chat and war rooms are great, and almost every action that we need is already created in Splunk SOAR.
High score rates [are] seen on breach systems after deploying systems integrated with [Check Point] ThreatCloud
Catch rates are very high compared to other vendors
One missing thing is the detection for localized URLs and IPs
Purchasing within the 3-year perspective is cheap compared to other solutions; ROI is generally six months
[Check Point] ThreatCloud eliminates the need [for] other additional services that may need to be deployed like dedicated IPS, Dedicated Sandbox, DNS solution, etc.
The playbooks are valuable. They are the core component. Being able to implement and build a code process to work through and scale out what we want to do is valuable
Before its use, analyzing each email would take at least 15 to 20 minutes, with some complex cases taking up to 30 minutes...With the automation provided by Splunk Phantom, we could significantly reduce the amount of time and human effort required to complete this task