What users are saying about
28 Ratings
Score 9 out of 100
20 Ratings
Score 8.7 out of 100

Likelihood to Recommend

Snort

If a colleague was looking to tighten down their network I can easily recommend Snort to them. It gives you some more peace of mind knowing that it's always scanning traffic for malicious-looking code. Even things your major firewalls and security hardware might miss, Snort has picked up. It's an easy recommendation for me.
Anonymous | TrustRadius Reviewer

Splunk Enterprise Security (SIEM)

If you have Splunk already, definitely consider ES. The ability to do security alerting around the common information model is very useful. In particular, pulling in threat lists automatically and checking for those indicators across all your data sources is awesome. The ability to have alerts that don't display to the analyst but just update the risk on a user or system is great too. It does provide a view of potential incidents and a platform for investigations but I don't feel like these functions are smooth enough to provide much value.
Allan Crittenden Edwards | TrustRadius Reviewer

Feature Rating Comparison

Security Information and Event Management (SIEM)

| Feature | Snort | Splunk Enterprise Security (SIEM) |
| --- | --- | --- |
| Security Information and Event Management (SIEM) (category score) | - | 9.5 |
| Centralized event and log data collection | - | 10.0 |
| Correlation | - | 10.0 |
| Event and log normalization/management | - | 10.0 |
| Deployment flexibility | - | 9.4 |
| Integration with Identity and Access Management Tools | - | 8.6 |
| Custom dashboards and workspaces | - | 8.4 |
| Host and network-based intrusion detection | - | 9.4 |
| Data integration/API management | - | 9.0 |
| Behavioral analytics and baselining | - | 10.0 |
| Rules-based and algorithmic detection thresholds | - | 10.0 |
| Response orchestration and automation | - | 10.0 |
| Reporting and compliance management | - | 10.0 |
| Incident indexing/searching | - | 9.0 |

Pros

Snort

  • IPS detection.
  • DoS detection.
  • Packet logging.
Anonymous | TrustRadius Reviewer

Splunk Enterprise Security (SIEM)

  • Correlation searches
  • Notable events
  • Security use cases
Anonymous | TrustRadius Reviewer

Cons

Snort

  • At times can be unstable with Cisco bugs, require frequent upgrading.
  • FTD images that are being pushed for ASAs are less efficient from an administration standpoint, no CLI.
Alan Matson, CCNA:S, MCP | TrustRadius Reviewer

Splunk Enterprise Security (SIEM)

  • The application seems inefficient/resource intensive
  • The default searches and alerts are unlikely to provide much value
Allan Crittenden Edwards | TrustRadius Reviewer

Usability

Snort

No score
No answers yet
No answers on this topic

Splunk Enterprise Security (SIEM)

Splunk Enterprise Security (SIEM) 10.0
Based on 1 answer
You definitely need to learn how to use Splunk to get the most out of the tool. There are many courses available for free to get up to speed on the usability of the tool but it's not that simple. It will take time to digest all the data and to understand how to query for what you are looking for.
Anonymous | TrustRadius Reviewer

Support Rating

Snort

No score
No answers yet
No answers on this topic

Splunk Enterprise Security (SIEM)

Splunk Enterprise Security (SIEM) 9.1
Based on 2 answers
It's good when it's responsive, but I've had times where I had to wait quite a while for a response. But these are typically the exceptions rather than the rule. When you do get a response it is always well-informed and appropriate. I would say they've been trending better over time with this.
Allan Crittenden Edwards | TrustRadius Reviewer

Alternatives Considered

Snort

For our organization, the Cisco defense in depth concept works the best. While Cisco can be made to work with other vendors, we have found the best in-depth protection by integrating Cisco products for maximum visibility. We had a Barracuda Web Filter, but it was difficult to maintain when you had limited scope on what you could block, so we created a whitelist-only setup which required a lot of additional manpower. This wouldn't have covered new threats with DNS spoofing and the like. Sourcefire also integrated with our anti-malware platform (Cisco AMP) for even better visibility on what may be happening on the end user's workstation. We are planning on adding in Cisco ISE to complete the approach and possibly Stealthwatch to cover our bases in the future. The Palo Alto gear was interesting, but it was priced far out of our range.
David Myers | TrustRadius Reviewer

Splunk Enterprise Security (SIEM)

We used QRadar a while ago. Perhaps it was just poorly configured but it provided almost no value. It seemed harder to tune for our environment if it was even possible. Also, they didn't value us as a customer. They tried to make us re-purchase the product when they acquired it, even though we already had it in place.
Allan Crittenden Edwards | TrustRadius Reviewer

Return on Investment

Snort

  • Being open source, ROI on free is hard to beat for something that works.
  • I believe it greatly enhances the security of my network.
Curt Dickman | TrustRadius Reviewer

Splunk Enterprise Security (SIEM)

  • Less time to remediate for security incidents
  • Reduction of noisy alerts for security teams
  • Integration with many sources to gain visibility
Anonymous | TrustRadius Reviewer

Pricing Details

Snort

General

Free Trial
Free/Freemium Version
Premium Consulting/Integration Services
Entry-level set up fee?
No

Splunk Enterprise Security (SIEM)

General

Free Trial
Free/Freemium Version
Premium Consulting/Integration Services
Entry-level set up fee?
No

Rating Summary

| Rating | Snort | Splunk Enterprise Security (SIEM) |
| --- | --- | --- |
| Likelihood to Recommend | 8.5 | 9.1 |
| Usability | No score | 10.0 |
| Support Rating | No score | 9.1 |
