TrustRadius

Attivo IDEntitleX vs. Splunk Enterprise

Overview
ProductRatingMost Used ByProduct SummaryStarting Price
Attivo IDEntitleX
Score 6.0 out of 10
N/A
Attivo Networks headquartered in Fremont, California, offers IDEntitleX, an Active Directory security solution. The software provides cloud identity and entitlements visibility as part of the Attivo Identity Security Offerings, reducing the attack surface and limiting exposures across the enterprise.N/A
Splunk Enterprise
Score 8.5 out of 10
N/A
Splunk is software for searching, monitoring, and analyzing machine-generated big data, via a web-style interface. It captures, indexes and correlates real-time data in a searchable repository from which it can generate graphs, reports, alerts, dashboards and visualizations.N/A
Pricing
Attivo IDEntitleXSplunk Enterprise
Editions & Modules
No answers on this topic
No answers on this topic
Offerings
Pricing Offerings
Attivo IDEntitleXSplunk Enterprise
Free Trial
NoYes
Free/Freemium Version
NoYes
Premium Consulting/Integration Services
NoNo
Entry-level Setup FeeNo setup feeNo setup fee
Additional Details
More Pricing Information
Community Pulse
Attivo IDEntitleXSplunk Enterprise
Features
Attivo IDEntitleXSplunk Enterprise
Security Information and Event Management (SIEM)
Comparison of Security Information and Event Management (SIEM) features of Product A and Product B
Attivo IDEntitleX
-
Ratings
Splunk Enterprise
8.0
68 Ratings
2% above category average
Centralized event and log data collection00 Ratings9.065 Ratings
Correlation00 Ratings8.266 Ratings
Event and log normalization/management00 Ratings9.067 Ratings
Deployment flexibility00 Ratings8.061 Ratings
Integration with Identity and Access Management Tools00 Ratings7.861 Ratings
Custom dashboards and workspaces00 Ratings8.167 Ratings
Host and network-based intrusion detection00 Ratings7.549 Ratings
Data integration/API management00 Ratings7.717 Ratings
Behavioral analytics and baselining00 Ratings7.314 Ratings
Rules-based and algorithmic detection thresholds00 Ratings8.014 Ratings
Response orchestration and automation00 Ratings7.515 Ratings
Reporting and compliance management00 Ratings8.017 Ratings
Incident indexing/searching00 Ratings8.318 Ratings
Best Alternatives
Attivo IDEntitleXSplunk Enterprise
Small Businesses
Armor
Armor
Score 6.0 out of 10
LevelBlue USM Anywhere
LevelBlue USM Anywhere
Score 7.5 out of 10
Medium-sized Companies
Druva Security Cloud
Druva Security Cloud
Score 9.5 out of 10
Sumo Logic
Sumo Logic
Score 9.3 out of 10
Enterprises
Druva Security Cloud
Druva Security Cloud
Score 9.5 out of 10
Sumo Logic
Sumo Logic
Score 9.3 out of 10
All AlternativesView all alternativesView all alternatives
User Ratings
Attivo IDEntitleXSplunk Enterprise
Likelihood to Recommend
6.0
(1 ratings)
8.2
(86 ratings)
Likelihood to Renew
-
(0 ratings)
7.0
(18 ratings)
Usability
-
(0 ratings)
7.9
(19 ratings)
Availability
-
(0 ratings)
10.0
(1 ratings)
Support Rating
-
(0 ratings)
8.0
(18 ratings)
Online Training
-
(0 ratings)
8.0
(1 ratings)
Implementation Rating
-
(0 ratings)
7.0
(3 ratings)
Product Scalability
-
(0 ratings)
9.1
(1 ratings)
User Testimonials
Attivo IDEntitleXSplunk Enterprise
Likelihood to Recommend
Attivo Networks
Attivo IDEntitleX does the job but with a high chance of generating false positives. Attivo IDEntitleX is well suited to setup monitoring on user account roles and permissions or if there is a sudden change in the permissions for a user account which seems to be suspicious. Attivo IDEntitleX is useful for both on premise infrastructure and hybrid cloud environment but the results cannot be trusted 100%
Verified User
Anonymous
Read full review
Cisco
It's well suited for what I do, which is network security operations. And that's for anything from troubleshooting incidents, troubleshooting performance, troubleshooting for the purpose of a compliance and auditing. It's not best suited for users who are new in terms of they're new to the product and they have expectations that probably Splunk cannot meet.
Verified User
Anonymous
Read full review
Pros
Attivo Networks
  • Monitoring account activities
  • Visibility into account roles and permissions
  • Service account management
  • Password rotation and tracking for Kerberos account
Verified User
Anonymous
Read full review
Cisco
  • It is very useful in creating custom rules for analyzing system logs and display relevant information. The query language is very easy to learn.
  • We can create custom UI to visualize the output of our data. The interface is very flexible. It also allows the sharing of rules among users.
  • There is an open online community to help others. Stackoverflow also has a splunk community. These resources make it more convenient to learn.
Kuntal Das | TrustRadius Reviewer
Kuntal Das
Security Analyst
Read full review
Cons
Attivo Networks
  • Reduce the false positives
  • The UI is very slow and resource intensive
  • The support team needs more technical depth to rectify the issues
Verified User
Anonymous
Read full review
Cisco
  • Splunk light limits number of users to 5. Wish there was a flexible license, where one could add more users.
  • Splunk light does not let you add > few realtime alerts. Wish there was a flexible license, where one could add as many realtime alerts as wanted.
  • Better insight into daily ingestion values
Pooja Gada | TrustRadius Reviewer
Pooja Gada
Engineering Tech Lead
Read full review
Likelihood to Renew
Attivo Networks
No answers on this topic
Cisco
We are using Splunk extensively in our projects and we have recently upgraded to Splunk version 6.0 which is quite efficient and giving expected results. We keep track of updates and new features Splunk introduces periodically and try to introduce those features in our day to day activities for improvement in our reporting system and other tasks.
Verified User
Anonymous
Read full review
Usability
Attivo Networks
No answers on this topic
Cisco
You can literally throw in a single word into Splunk and it will pull back all instances of that word across all of your logs for the time span you select (provided you have permission to see that data). We have several users who have taken a few of the free courses from Splunk that are able to pull data out of it everyday with little help at all.
Kenneth Taitingfong | TrustRadius Reviewer
Kenneth Taitingfong
Splunk Architect / Engineer
Read full review
Reliability and Availability
Attivo Networks
No answers on this topic
Cisco
When properly setup and configured, Splunk is extremely reliable.
Verified User
Anonymous
Read full review
Support Rating
Attivo Networks
No answers on this topic
Cisco
Splunk maintains a well resourced support system that has been consistent since we purchased the product. They help out in a timely manner and provide expert level information as needed. We typically open cases online and communicate when possible via e-mail and are able to resolve most issues with that method.
Verified User
Anonymous
Read full review
Online Training
Attivo Networks
No answers on this topic
Cisco
The online course was simple clear and described the main capabilities of the solution. There is also an initial module that can be done for free so anyone can familiarize themselves with the functionality of this solution. On the other hand, however, there could be more free online courses. Maybe even with a certificate, this would broaden the group of people who are familiar with the platform while increasing familiarity with the solution itself.
Verified User
Anonymous
Read full review
Implementation Rating
Attivo Networks
No answers on this topic
Cisco
Smooth without too many major issues.
Verified User
Anonymous
Read full review
Alternatives Considered
Attivo Networks
No answers on this topic
Cisco
I didn't get to fully evaluate Logstash as our corporation was already using Logstash, but both seemed like viable solutions to the problem that we were having. I wanted to evaluate Logstash some more, both did seem like they would work for the business needs that we had, we went with splunk as many teams were already using it.
Verified User
Anonymous
Read full review
Scalability
Attivo Networks
No answers on this topic
Cisco
Splunk can scale in to the petabyte per day range which of course is awesome
Rick Yetter | TrustRadius Reviewer
Rick Yetter
Regional Director
Read full review
Return on Investment
Attivo Networks
  • The false positive results are a downside
  • Relatively less expensive identity monitoring tool
  • Integrates well with other vendor tools
Verified User
Anonymous
Read full review
Cisco
  • I don't have any numbers to share but Splunk has positively served as a 24/7 monitoring tool that has saved hours of work by self-detecting, saving statistics and alerting problems in the system or from external interfaces as soon as they happen.
  • Splunk dashboards does a solid job in collecting, analyzing data and creating reports that contain an entire day's activity and then automatically sent out to the business.
  • Splunk is very easy to learn and very useful to any program or business application.
Verified User
Anonymous
Read full review
ScreenShots