Please share with the community what you think needs improvement with IBM Resilient.
What are its weaknesses? What would you like to see changed in a future version?
This product could be improved with better customization. This product isn't the best on the market like QRadar, but it's actually a good solution. However, some competitors' solutions contain more integration, support, automation, or flexibility.
In terms of the whole analysis aspect, if we can get any additional information and ensure it's contextual information, that would be quite helpful to us. The initial setup is complex.
The product needs a bit more development. We've had some compatibility issues that need to be resolved. There needs to be a bit more research done into that to figure out why it won't work. For example, my customer had some specific requirements, however, due to a lot of compatibility issues, some devices were not available to upgrade or add to the system. They say they are working on adding it to the solution, however, the compatibility still isn't available, and may not be for a while. They are unclear on the timelines. We've had issues surrounding the deployment of the product. The solution needs to try and develop more custom playbooks or documentation to help the customer with the initial setup. Technical support is not pro-active enough and they take too long to provide solutions to problems. The solution needs to have a physical deployment as well. It would be ideal if it wasn't just on the cloud.
The integration could be improved so that it is easy to integrate with other solutions. We need better pricing. It is very expensive to facilitate the students for research purposes for one month.
Its price needs improvement.
IBM Resilient helps the company to automate responses against cyber-attacks using dynamic playbooks by sending actions to other IT solutions like firewalls, antivirus, Microsoft Teams, etc. The concept is to develop functions that you can find in IBM X-Force Exchange, and there are making lot of hard work to develop these functions, but for now, they need to add more functions to respond with other security solutions (Cisco ASA, ForcePoint, WAF...), so for now, all we can do is to wait for these functions, and I see that every month they add more functions.
What do you like most about IBM Resilient?
Thanks for sharing your thoughts with the community!