TrustRadius Insights for Splunk Enterprise Security (ES) are summaries of user sentiment data from TrustRadius reviews and, when necessary, third party data sources.
Pros
Intuitive User Interface: Users have consistently found the user interface of the product intuitive and easy to use, allowing for quick completion of tasks. Many reviewers praised its simplicity and user-friendly design.
Efficient Log Correlation: The automation capabilities in XDR were highly appreciated by users as they enable efficient log correlation and turning data into meaningful insights. Several reviewers mentioned that this feature saves them time and enhances their overall productivity.
Comprehensive Security Monitoring: Users highlighted the product's ability to monitor firewall traffic, mail systems, and AWS infrastructure, providing comprehensive security monitoring. This feature was commended for its effectiveness in identifying potential threats from various sources.
Splunk Enterprise Security Reviews
24 Reviews
Mid-sized Companies (51-1,000 employees)
It's easy to build queries & integrate with other systems and applications. There are a lot of add-ons you can integrate to Splunk that can save you a lot of time. Correlation and investigation are easy due to Splunk's effective data parsing capability. There are endless options to customize searching. It provides a very accurate Data Analytics platform that can be adopted by users of all levels, e.g., from tools like Data Tables for Novices to Splunk's Web Framework for Experts.
Pros
It gives visuals to the client when we select a graphical portrayal, enabling us to change signs into visual outlines, for example, pie outlines, diagrams, tables, and so on.
Dashboard UI is intuitive and exceptionally educational, so one can easily find whatever they are looking for.
Cons
Sometimes, it's very, very slow! It also takes a long time to refresh.
UI for pattern searching can be a little better.
Likelihood to Recommend
Well Suited: What we admire most about Splunk is the significant improvements and capabilities it brings to the software with every major release. It is simply mind-blowing and easy to set up from a backend developer's point of view, as it is compatible with existing popular enterprise frameworks using microservice architecture (Spring Boot). Less Suited: Their enterprise plans are frankly costly. Cost wise, maybe it won't be suitable for small startups.
Our scope is actually quite large as my team is responsible for the protection of tens of thousands of devices. This is accomplished with the use of Enterprise Security, which we have used for the past several years to great effect. Enterprise Security enables us to detect and respond to threats in real time, monitor our environment's overall security compliance, and provide timely and insightful reports and metrics to management.
Automated response limitations - requires SOAR to unlock its full potential.
Likelihood to Recommend
Splunk Enterprise Security is a great fit for an organization that also utilizes Splunk in its environment. While there is a learning curve, if users and admins are already familiar with Splunk, it should be a straightforward task to get Enterprise Security up and running. It makes even more sense if the organization is already utilizing Splunk Security Essentials. This is like Enterprise Security Lite - but much of the setup and configuration carries directly over to Enterprise Security.
Splunk Intelligence Management has enhanced our company's security threat detection and mitigation security management using predictive analytics built on our risk analysis. It is a great ally of the firewall, intrusion, spam and e-mail protection system. In these two years of use we identified many vulnerable targets in our network and fixed the problem. We were able to automate security processes that are repetitive so that they happen automatically and generate logs for later consultation. The system is quite robust, comprehensive and allows creating many features to protect the network from threats.
Pros
Risk Analysis Dashboard.
Perfect for identifying security risks and targets in internal systems.
Process automation with intelligence to detect and combat threats.
Easy to use and configure interface.
Cons
Requires advanced learning to know all the features and configure in the best possible way.
Likelihood to Recommend
Splunk Intelligence Management can be used by any company that is looking to improve its threat management system with system automation to detect and combat threats based on company-specific risk rules. It is super simple to configure them on the platform and create monitoring, analysis and incident response routines. The reports are customizable and full of data by day, week, month and year with the event response. It is a cost-effective solution.
Verified User
Analyst in Information Technology (51-200 employees)
Splunk Enterprise Security is an intelligent and highly investigative solution that assists the business in coordinating all the systems, and bringing a solid reporting of the attacks and possible cyber security challenges in a company system. Besides, Splunk Enterprise Security investigates all the possible threats or activities both on the cloud and on the premise/offline, and this ensures every action has the stipulated security improvements. Finally, Splunk Enterprise Security sets the strategies that improve the security apparatus of a company system.
Pros
Detailed security or threat detectors for systems.
Credible cloud and on premise security check and monitoring.
Focused security remedies on our systems.
Cons
Demands a documentation that is comprehensive and sufficiently enhanced.
Better scenario case examples for practicability.
Other security remedies are efficient and engaging.
Likelihood to Recommend
Splunk Enterprise Security governs all the security needs that a firm has, it stipulates the proficiency of every threat detector, and the practical remedies to eliminate different challenges. More so, Splunk Enterprise Security has secured different systems that may have been prone to attacks, which is a fruitful security engagement. The close monitoring of both internal and external systems through proper security checks increases business productivity.
With Splunk Enterprise Security, we have been able to integrate our tools and create content rules, alerts, and dashboards to monitor all our other security tools. It has helped us validate security events and trust more in AI and automate processes.
Pros
Correlation
Automation
Dashboards
Cons
More support on some tools available on Splunkbase
Likelihood to Recommend
Security events and correlations: we got many alerts from our tools, but when you get all events correlated you are able to see what else any harmful event can do.
Visibility for our infrastructure including hypervisors, switches, Palo Alto firewall, and clients to meet security requirements. One issue we’ve used this for is looking into packet loss of a particular host in our environment. Saw that one of the fiber ports had gone into err disable due to flaps. We’ve used a different port to resolve the issue.
Pros
Granular
Ease of implementation
Visibility
Cons
SPL assist
Likelihood to Recommend
Security is a great use scenario, but overall a solid all-around product for pretty much anything IT. Again great for having a central point to consolidate your logs.
Splunk Enterprise Security has helped me be able to have detection of threats in real-time, have analysis of alert generation and investigation. Log management and retention. I also use it for data visualization and analysis.
Pros
Superb reporting and visualization abilities.
Offers for creation and customization of dashboards used for file, log, and data monitoring.
Allows for collection of data from multiple sources.
Cons
The only issue I have with this software is that its pricing is quite high.
Likelihood to Recommend
Splunk Enterprise Security is well suited to departments or organizations that have to deal with issues of real-time alerting to deal with threats ASAP.
I use Splunk Enterprise Security to provide Managed Security Services to our esteemed customers in Saudi Arabia. We are one of the largest and most reputed MSSPs in the region and Splunk Enterprise Security is our choice of SIEM solutions for multiple reasons. Splunk Enterprise Security is a next-gen SIEM tool with log management and correlation capabilities and it provides optimal and efficient results and aids in delivering world-class services. We mainly use it to store customer logs, do correlation on incoming logs and perform threat hunting. Splunk Enterprise Security has native features that enhance overall security monitoring and is a must for all MSSPs.
Pros
Searching for specific events from a large data pool
Needle in the haystack capabilities in finding a specific keyword out of the large volume of data
Turning data into meaningful insights that assist in finding the right thing from a big chunk of data
Cons
Scalability is one area that Splunk Enterprise Security can improve upon.
Splunk Enterprise Security required huge compute and storage resources, perhaps these can be minimized.
Splunk support has a lot of room for improvement.
Likelihood to Recommend
Splunk Enterprise Security is excellent for Security Monitoring as it has excellent features and capabilities to support large-scale operations. All kinds of data are well parsed and search results are very fast, all of this is very vital for security monitoring. Perhaps some of the limitations would be in how Splunk Enterprise Security can support multi-tenant environments, which is a challenge.
Verified User
Team Lead in Information Technology (501-1000 employees)
Splunk is mainly used for a single point of correlated data from our security devices, load balancers, networking devices, emails, and proxies. With this, we are able to create dashboards and automation of our XDR technology.
Pros
Log correlation
Automation in XDR
Dashboards with recommendations
Cons
Just a thing that I would like to see differently is for it to provide daily reports of daily unusual behaviors
Likelihood to Recommend
Splunk based on its current established name in SIEM definitely meets the expectation in log management and EDR solutions. Enterprises will be able to provide adequate information to their executives because of how informative the data correlates.
Verified User
Engineer in Information Technology (501-1000 employees)
Splunk business security has aided us in a variety of ways and will continue to do so with its many capabilities. To begin with, it aids us in classifying the various activities in our networks; it also has the capacity to identify risks, do correct diagnostics, and respond accordingly. It gives us a better understanding of our network, allowing us to conduct a complete analysis. Its ability to interact with a variety of platforms sets it apart from other products in its area.
Pros
The network's potential dangers are identified.
Application programs can be integrated.
We can keep track of our application's logs in a systematic way.
Cons
The product's price can be decreased.
Can have a more capable and responsive customer service workforce.
Likelihood to Recommend
We've been using Splunk Enterprise Security for over a year and have had a great experience with it. The areas where I believe it will be most useful are the thorough inspections of your network and the identification of any potentially damaging threats. It is more convenient to use because it is integrated with practically all major platforms. We're having a fantastic time, and I can't say I'm experiencing any difficulties in any of the places; everything has been running smoothly thus far.