Anomali ThreatStream vs. Splunk Enterprise

Anomali ThreatStream

Splunk Enterprise

Overview
Product	Rating	Most Used By	Product Summary	Starting Price
Anomali ThreatStream	Score 7.0 out of 10	N/A	ThreatStream from Anomali in Redwood City speeds detection of threats by uniting security solutions under one platform and providing tools to operationalize threat intelligence. ThreatStream also automates many of the tasks typically assigned to security professionals, freeing analysts to quickly handle threats. ThreatStream collects threat intelligence data from hundreds of third party sources.	N/A
Splunk Enterprise	Score 8.4 out of 10	N/A	Splunk is software for searching, monitoring, and analyzing machine-generated big data, via a web-style interface. It captures, indexes and correlates real-time data in a searchable repository from which it can generate graphs, reports, alerts, dashboards and visualizations.	N/A

Pricing

Anomali ThreatStream

Splunk Enterprise

Editions & Modules

No answers on this topic

Offerings

Pricing Offerings
Anomali ThreatStream	Splunk Enterprise
Free Trial
No	Yes
Free/Freemium Version
No	Yes
Premium Consulting/Integration Services
No	No

Entry-level Setup Fee

No setup fee

Additional Details

—

More Pricing Information

Community Pulse
	Anomali ThreatStream	Splunk Enterprise
Considered Both Products	Anomali ThreatStream Verified User Team Lead Chose Anomali ThreatStream I think they both have their own pros and cons. However, I like Anomali ThreatStream better because of its strong local presence in MENA market which renders great support from the vendor during needy times. I have also figured out that IOC integration with SIEM solutions is … Incentivized Helpful?	Splunk Enterprise No answer on this topic
Top Pros	Pro Threat intelligence Pro Time saving Pro Record keeping	Pro Real time Pro Easy to use Pro Set up
Top Cons	Minus Customer service Minus Multi tasking Minus Not find	Minus Learning curve Minus Steep learning curve Minus Ability to create

Features

Anomali ThreatStream

Splunk Enterprise

Security Information and Event Management (SIEM)

Comparison of Security Information and Event Management (SIEM) features of Product A and Product B
	Anomali ThreatStream - Ratings	Splunk Enterprise 7.4 54 Ratings 6% below category average
Centralized event and log data collection	00 Ratings	6.553 Ratings
Correlation	00 Ratings	6.052 Ratings
Event and log normalization/management	00 Ratings	6.053 Ratings
Deployment flexibility	00 Ratings	7.549 Ratings
Integration with Identity and Access Management Tools	00 Ratings	7.549 Ratings
Custom dashboards and workspaces	00 Ratings	8.554 Ratings
Host and network-based intrusion detection	00 Ratings	7.037 Ratings
Data integration/API management	00 Ratings	8.35 Ratings
Behavioral analytics and baselining	00 Ratings	7.84 Ratings
Rules-based and algorithmic detection thresholds	00 Ratings	7.84 Ratings
Response orchestration and automation	00 Ratings	6.94 Ratings
Reporting and compliance management	00 Ratings	7.94 Ratings
Incident indexing/searching	00 Ratings	8.95 Ratings

Best Alternatives
	Anomali ThreatStream	Splunk Enterprise
Small Businesses	AlienVault USM Score 8.0 out of 10	AlienVault USM Score 8.0 out of 10
Medium-sized Companies	CrowdStrike Falcon Score 9.1 out of 10	InsightIDR Score 8.6 out of 10
Enterprises	CrowdStrike Falcon Score 9.1 out of 10	Microsoft Sentinel Score 8.4 out of 10
All Alternatives	View all alternatives	View all alternatives

User Ratings
	Anomali ThreatStream	Splunk Enterprise
Likelihood to Recommend	8.9 (3 ratings)	7.0 (70 ratings)
Likelihood to Renew	- (0 ratings)	10.0 (17 ratings)
Usability	- (0 ratings)	9.0 (3 ratings)
Availability	- (0 ratings)	10.0 (1 ratings)
Support Rating	- (0 ratings)	8.4 (17 ratings)
Online Training	- (0 ratings)	8.0 (1 ratings)
Implementation Rating	- (0 ratings)	9.0 (2 ratings)
Product Scalability	- (0 ratings)	9.1 (1 ratings)

User Testimonials
	Anomali ThreatStream	Splunk Enterprise
Likelihood to Recommend	Anomali Anomali ThreatStream is excellent in scenarios where we deliver Managed Security Services to customers. It offers exhaustive volumes of information in the form of threat bulletins, IOCs, Threat Actor profiling, and details related to campaigns in the wild which can be used to a great extent by MSSPs. For an enterprise SOC, I believe it is a little less suited purely because of the pricing aspect as it is slightly towards the expensive side of the spectrum. Incentivized Verified User Anonymous Read full review	Splunk Pros: Splunk is very well suited if you have multiple log sources of related data. All of them can be correlated and tasks can be automated based on the requirement. Other than alerts, Splunk can also run a specific script of your choice, based on some defined conditions. Cons: If you have a few logs but a large number of log sources, Splunk can be very expensive. Incentivized Kuntal Das Security Analyst Read full review
Pros	Anomali Indicators of Compromise Signatures Community Sharing Incentivized Verified User Anonymous Read full review	Splunk Real-time + Scheduled alerts - i-e you can set up alerts which are actively monitoring your logs Pretty good response time for search results. With our key/value logging, Splunk makes it blazing fast to query the data. Dashboards provide insights into historical data Love how Splunk indexes all of the data and provides keys to search on Incentivized Pooja Gada Engineering Tech Lead Read full review
Cons	Anomali The user interface, perhaps there is some room for improvement although it is good already. Confidence assigning process for IOCs needs to be more robust and transparent. While integration with SIEM solutions is a cakewalk, there is definitely added value if SIGMA rule conversion and YARA rule creation are provided from the platform. Incentivized Verified User Anonymous Read full review	Splunk At times some queries can run slowly if indices are not on a portion of the query you use. Setup time initially can be difficult if your logs aren't stored in common locations or in a common way to write the log. Ability to ingest logs from different locations without having to change code to put logs in a certain place (pro and con). Searches can be a bit more difficult to look through if your log isn't pulled in a manner that is easy to read through splunk. Incentivized Verified User Anonymous Read full review
Likelihood to Renew	Anomali No answers on this topic	Splunk We are using Splunk extensively in our projects and we have recently upgraded to Splunk version 6.0 which is quite efficient and giving expected results. We keep track of updates and new features Splunk introduces periodically and try to introduce those features in our day to day activities for improvement in our reporting system and other tasks. Verified User Anonymous Read full review
Usability	Anomali No answers on this topic	Splunk You can literally throw in a single word into Splunk and it will pull back all instances of that word across all of your logs for the time span you select (provided you have permission to see that data). We have several users who have taken a few of the free courses from Splunk that are able to pull data out of it everyday with little help at all. Incentivized Kenneth Taitingfong Splunk Architect / Engineer Read full review
Reliability and Availability	Anomali No answers on this topic	Splunk When properly setup and configured, Splunk is extremely reliable. Incentivized Verified User Anonymous Read full review
Support Rating	Anomali No answers on this topic	Splunk Splunk maintains a well resourced support system that has been consistent since we purchased the product. They help out in a timely manner and provide expert level information as needed. We typically open cases online and communicate when possible via e-mail and are able to resolve most issues with that method. Incentivized Verified User Anonymous Read full review
Online Training	Anomali No answers on this topic	Splunk The online course was simple clear and described the main capabilities of the solution. There is also an initial module that can be done for free so anyone can familiarize themselves with the functionality of this solution. On the other hand, however, there could be more free online courses. Maybe even with a certificate, this would broaden the group of people who are familiar with the platform while increasing familiarity with the solution itself. Verified User Anonymous Read full review
Implementation Rating	Anomali No answers on this topic	Splunk Smooth without too many major issues. Incentivized Verified User Anonymous Read full review
Alternatives Considered	Anomali Many of the products that can be used to be ingested into a security event management software can be cumbersome with threat streamThere are many opportunities to continue fine-tuning the environment and providing great context in regards to threat research. When compared to other products threat stream stands out from usability and features. Incentivized Verified User Anonymous Read full review	Splunk I wanted to learn a new language that I can quickly master and implement. Splunk is easy, fun to use and best of all, it can be developed in hours not days or weeks. Splunk is fundamentally a programming language that is minimal but yet powerful enough to collect, analyze and visualize data. Incentivized Verified User Anonymous Read full review
Scalability	Anomali No answers on this topic	Splunk Splunk can scale in to the petabyte per day range which of course is awesome Rick Yetter Regional Director Read full review
Return on Investment	Anomali After the Initial startup cost, it has overall had a positive impact by increasing efficiency of the team and freeing up analysts to do manual threat hunting Incentivized Verified User Anonymous Read full review	Splunk Overall very positive. It has provided visibility to what is going on within our network. One drawback is the time it takes to get up to speed with the application, but this is up to the user, and Splunk education is excellent. In my field, IT Security, there are few other friends to have in your back pocket better than Splunk. They are just that good. Incentivized Verified User Anonymous Read full review
ScreenShots