We are using Swimlane for automation purposes and security orchestration.

We are using Swimlane's Playbook Automation. One of the major playbooks that we use in Swimlane is for phishing email automation, so whenever there is a phishing email delivered to a user inbox, Swimlane will automatically sandbox that.

We integrate Swimlane with third-party tools such as CrowdStrike, VirusTotal, URL Proofpoint, and all other different tools we have, so that we get various enrichment of any alerts to make sure that the analyst doesn't spend much time doing manual tasks and gets all the information from the tools in the Swimlane console itself.

We use the case management feature in Swimlane as well. This case management feature is helpful because, in security, we don't want our security incidents to be visible to end users. For example, if I am using ServiceNow, I have to impose many restrictions on the backend table to ensure that whatever incidents are created and written into that table are not available to any end users or other IT team members. We use case management for that purpose so that our security alerts are isolated and only the security team has visibility on them. Whenever we need any remediation, we integrate it with ServiceNow, so if I need to raise a remediation ticket for re-imaging the system, we can create a ticket in ServiceNow from the Swimlane console or from the case management itself with all the proper information.

We do utilize the analytics aspect in Swimlane, and we use their Hero AI module as well.

We also use customizable dashboards in Swimlane because many clients, including CISOs, whom we manage need an executive-level view of what is happening over Swimlane. We create dashboards for them that provide proper information, such as how many alerts were created, what was the mean time to triage, and mean time to respond; we cover all these as KPI metrics in the executive dashboard.

The biggest advantage of Swimlane for us is that it saves time, which in turn helps us in cost-saving.

One of the disadvantages of Swimlane is that to manage the platform, we need hardcore developers. We have recently seen new products such as Tines and Blink Ops coming into the market, where a person with a good knowledge of APIs and JSON format can manage the platform and create playbooks. Even a security analyst can create some playbooks on those platforms. However, on Swimlane, it's difficult for security analysts since they must mandatorily know Python to create the playbooks.

In terms of pricing, Swimlane is on the slightly expensive side.

Swimlane is scalable in general, but there are some limitations. It involves maintenance overhead because you need a complete engineer who knows the product in and out to scale it for the on-prem environment, while in a SaaS model, it works without many problems.

Installation can be quite complex, especially when we have to use Kubernetes, and if we need to create load balancing. In those situations, it requires a good engineer to deploy the platform.

In relation to bugs, sometimes the enrichment playbook we have does not enrich the alert, resulting in missing details, so in those scenarios, the automation team has to manually run the playbook again.

Improvements could be made in terms of quality, particularly.

I have been working with Swimlane for almost seven years.

Swimlane is scalable in general, but there are some limitations. It involves maintenance overhead because you need a complete engineer who knows the product in and out to scale it for the on-prem environment, while in a SaaS model, it works without many problems.

I would rate technical support from Swimlane a seven on a scale where ten is the best.

Positive

Installation can be quite complex, especially when we have to use Kubernetes, and if we need to create load balancing. In those situations, it requires a good engineer to deploy the platform.

We see these savings approximately close to 30-35%.

In terms of pricing, Swimlane is on the slightly expensive side.

We have recently seen new products such as Tines and Blink Ops coming into the market, where a person with a good knowledge of APIs and JSON format can manage the platform and create playbooks. Even a security analyst can create some playbooks on those platforms. However, on Swimlane, it's difficult for security analysts since they must mandatorily know Python to create the playbooks.

I would rate Swimlane a seven out of ten as a product.

On-premises

Other

Swimlane is used for tasks that need multiple task owners. For instance, with bank applications, if you're opening a new account or need KYC, the application might undergo several stages - from submission to bank manager approval, back to verification, and finally to signers for signature purposes. Swimlane allows the movement of tasks to multiple users, being assigned to a single person, a specific user, a group of people, or a customized role.

Moreover, once a task is assigned using Swimlane, it's visible on the portal of each group member, allowing any of them to perform an action on the task.

Swimlane's persisting feature makes managing tasks very easy. When a task is assigned, it remains visible to all members it's assigned to, making it easy to manage and follow. Its integration within Appian allows tasks to stay active and notify users regularly.

Another benefit is it reduces workload with minimal coding, requiring just drag-and-drop for setting assignments. It's both time and manpower efficient.

Swimlane should enhance its integration features beyond the current task assignment, reaction, and persistence capabilities. It should support integrations with multiple signals or queues.

Additionally, Swimlane's tight coupling with Appian standalone applications limits its scalability. It should be exposed so external clients can use it without needing a local setup. This would improve its dynamic adaptability and scalability.

I have been working with Appian for around 8 years.

If you have already used your tool inside any Appian Studio, which is already built on Appian technology, then the Swimlane will be available to it, and it's a component you can integrate very easily. It is just a drag and drop thing. Drag and drop and assign some values.

If the event is written correctly, then Swimlane is a hundred percent accurate. It will always determine which person to assign, and what to do, for that claiming thing. I haven't seen any production issue or anything coming up because of Swimlane.

Swimlane is not scalable because it is not exposed. Currently, it's a manual component that requires configuration through coding. If it were exposed or ported to a cloud platform, it could achieve better scalability. Swimlane should have the capability to be moved out of Appian and integrated with other platforms.

Appian community is there for technical support. You can raise a ticket or incident, and it gets addressed based on priority. Additionally, working with a firm that has a dedicated person for support is beneficial.

If the primary support contact is unable to assist, tickets must be created within the Appian community, though sometimes response times extend for weeks.

Positive

If we consider options outside of Appian, Java has many similar solutions, but within Appian, the task assignment capability is uniquely provided by Swimlane.

For the initial setup, the licensing needs to be handled appropriately. Existing applications wanting integration must have their process structures within Appian, as Swimlane isn't exposed. A process image is necessary in Appian to use Swimlane, which can be a drawback.

The best part of Swimlane is the persistent notifications and its ease of integration, requiring minimal coding. While it lacks response features, it can be integrated with messaging or queue services to achieve this. Any incident response requires additional integration since Swimlane itself doesn't react to incidents.

Real-time data in terms of persistence is configurable, and without config, tasks persist indefinitely until completion. If using Appian versions below 11, integration features for Swimlane aren't available. By default, Swimlane lacks built-in intelligence, needing coding for integration.

Although the Swimlane is beneficial and reduces manpower requirements, it's hindered by its lack of exposure. If exposed through services or endpoints, its functionality could be accessed without needing a local standalone application.

On a scale of one to ten, this solution deserves a rating of nine.

We are using it for a SOAR platform at a Cyber Security company which is MSSP. We are providing services to other companies, and we are utilizing it as a SOAR platform.

It has not impacted our organization positively, as we are using it primarily as a ticketing system. Normally, there should be some AI platform to include it and add alert traffic or other functionality, but it currently serves just as a ticketing system, which is not perfect.

I have used many different SOAR platforms, and I think Swimlane needs to upgrade and improve itself significantly.

Swimlane's search bar is not working effectively, and there is no option to differentiate between two cases at the same time. When cases become incidents, they should be marked with a different color to visualize escalations better. Our platform has some issues that do not disappear, and they have an unsupportive team. Their AI functionality exists but is not helpful. Sometimes there are glitches and problems with performance.

I have been using it for almost two years.

Swimlane has experienced problems with bugs and breakdowns.

My impressions of Swimlane's scalability are average. We are using it for different customers, and while we have numerous clients, the scalability is adequate.

I would rate their support a three out of ten due to both knowledge and response time.

Neutral

We are currently looking for different SOAR platforms.

The initial setup was moderately complex but manageable.

We implemented it ourselves without using an integrator or reseller.

I am evaluating other options at the moment.

Swimlane is in the middle class range in terms of expense.

I am not the decision maker, but I do not think it is worth the money to have as a tool.

I would not recommend using Swimlane.

On a scale of 1-10, I rate this solution a 5.

We use Swimlane primarily to design the entire architecture of the customer journey from onboarding to settlement. As a multinational IT service company in India, we work with many channel partners, both external and internal, with numerous components and vendors. Swimlane helps us assign respective work to the right teams, making it clear which team does what work, how they will do it, and where they will get the data. Additionally, Swimlane helps us confirm the roles and responsibilities of each component or company involved.

I find Swimlane very trendy and easy to design with. As a solution architect, I use various software, and the most important thing is that Swimlane is an easily designed and learnable software. I can make designs quickly, and it is very user-friendly.

I would prefer to have more colors added to represent different risks or notations, which can be used for the prioritization of risks and the significance of information.

I have been using Swimlane for around four years.

We don't do any setups or integrations. We use Swimlane directly from Google to work on it.

It is always stable.

Swimlane is highly scalable.

Before Swimlane, I used MS Visio and draw.io, and BPMN diagrams for automation and orchestration.

There is no initial setup required. We access it directly from Google.

Swimlane saves us 80 to 90 percent of our time by quickly helping us design the journey and efficiently passing information to various components.

I would rate Swimlane eight out of ten. I recommend it to others because it is very easy to learn, easy to express information with, and it significantly saves time and enhances overall efficiency.

Public Cloud

Google

I have been in software IT for more than seventeen years, writing technical documentation, including those for developers. While writing, I often need to create Swimlane diagrams to explain and document workflows. In particular, when there are multi-user workflows involved, I use Swimlane to depict the sequence of events, who initiates an action, where it goes, any approval required, and the subsequent actions.

Swimlane is a very effective way to represent workflows involving multiple users. It provides a clear visual representation of the flow, user actions, and the stages these actions occur at. It helps in clearly identifying the roles, timeline, and actions involved in the workflow, offering a comprehensive depiction of the entire process.

Swimlane is currently two-dimensional. If a third dimension could be added, it might be more useful.

I have been in the software IT field for more than seventeen years, during which time I have been using Swimlane for various tasks.

I have not experienced any stability or performance issues with Swimlane.

Swimlane is scalable. It can support various projects involving multiple users efficiently.

I have not specifically worked with tech support, but I have created content for it.

Neutral

I have previously worked with UML diagrams and sequence diagrams.

I primarily use free tools provided by my company, like PPT or diagrams.net, for creating diagrams.

I have previously worked with UML diagrams and sequence diagrams.

I would recommend Swimlane to individuals who document processes and flows. It is a valuable tool for providing a visual representation. I would rate Swimlane as an eight out of ten. My rating for the overall solution is 8 out of 10.

On-premises

I use Swimlane as a SecOps automation platform. I utilize it for automating alert triages, phishing triages, and case and incident management. It streamlines the work for analysts and facilitates automating security processes.

Swimlane enables two SOC analysts to work efficiently as much as ten analysts would without Swimlane, which translates to significant manpower savings.

Swimlane is highly customizable. I can do anything in the platform, from integrating my email inbox to automating tasks and creating cases for analysts. It is easy to integrate with multiple tools due to its drag-and-drop connectors. The marketplace offers more than two thousand playbooks and components, easing the configuration of SOC solutions.

I would like to see improvements in the minor bugs that occur with each update, as some features might have issues. Additionally, in the orchestration tab, it would be helpful to have a list of playbooks where a particular asset or connector is used.

I have been using Swimlane for one year.

Due to Swimlane's high customization capabilities, initial setup depends on specific requirements. It might require time to customize and deploy. However, Swimlane allows for tailored solutions as per our needs.

I have not experienced any stability issues with Swimlane.

Swimlane is highly scalable since it is deployed in the cloud. Its scalability automatically adjusts based on usage.

Customer service is commendable. When I raise a ticket, they reply within half an hour with an initial response, signifying that an agent has been assigned and is working on the issue.

Positive

Swimlane is my first and best experience ever.

The initial setup was straightforward due to Swimlane's customization capabilities. They provide standard solutions, but adjustments are needed based on requirements.

Swimlane offers technical account managers based on the purchased package, assisting with the deployment process.

Swimlane performs well on both Windows and Mac. On a scale of one to ten, I would rate Swimlane as nine.

Public Cloud

Amazon Web Services (AWS)

We have been using Swimlane for security automation within our company. All the ingestions, automations, and everything within our department goes through Swimlane.

Swimlane is easy to start with, as it requires minimal prior knowledge to get started. It is flexible, providing room for users to set up specific incident response flows. Additionally, its integration capabilities allow connections to various platforms, enhancing its usability. Swimlane has helped reduce analyst time, contributing to operational efficiency.

There is a need for enhanced version control in Swimlane. Currently, our version does not support it, making it tough to move changes between environments during significant updates. Furthermore, despite being advertised as a no-code tool, it remains code-reliant, demanding users to build solutions through coding.

We have been using Swimlane for the past three years.

I would rate the stability of Swimlane as a seven. We encountered issues requiring multiple restarts, which suggests that stability could be optimized further.

Swimlane is very scalable, and I would rate it a nine. We did not encounter issues even when managing thousands of alerts, as scalability is only limited by our instance's server capacity.

Swimlane's technical support is very good. They are attentive, responsive, and work to resolve issues efficiently.

Neutral

We previously used Splunk SOAR, but switched to Swimlane due to cost considerations. Swimlane was more cost-effective.

The initial setup of Swimlane is easy to learn but requires customers to design their solutions. Deployment of Swimlane took us three to four months, which involved migrating existing playbooks.

Around ten people from Swimlane and five from our team were involved in the implementation.

I wasn't part of the initial evaluation process. Still, we had some evaluations of other SOAR solutions within our company after migrating to Swimlane.

I would recommend Swimlane for those proficient with code and prepared for the maintenance efforts required. On a scale of one to ten, I rate Swimlane a seven.

Public Cloud

Other

I use the solution for receiving alerts and case creation. It is used as a ticketing system.

It provides us with a single portal for our logs from different solutions.

We faced a lot of issues with the product’s stability. Sometimes we find bugs in the plug-ins. We experience some latency when we have a huge amount of data.

I have been using the solution for six to eight months.

I rate the tool’s stability a five or six out of ten.

I rate the tool’s scalability a seven out of ten. When we add some users, the platform becomes unstable. In my organization, 20 people use the solution.

The response time depends on the support person. The resolution of our issues depends upon the problem and the support person.

Positive

The product is deployed on the cloud.

Overall, I rate the product a seven out of ten.