3 Ratings
Score 9 out of 100
17 Ratings
Score 9.2 out of 100

Likelihood to Recommend

Elastic Security

I believe Endgame is well suited to organizations that have their own Cybersecurity department. It's not well suited for organizations that don't have a Cybersecurity department.
Anonymous | TrustRadius Reviewer

Splunk Enterprise Security (SIEM)

If you have Splunk already, definitely consider ES. The ability to do security alerting around the common information model is very useful. In particular, pulling in threat lists automatically and checking for those indicators across all your data sources is awesome. The ability to have alerts that don't display to the analyst but just update the risk on a user or system is great too. It does provide a view of potential incidents and a platform for investigations but I don't feel like these functions are smooth enough to provide much value.
Allan Crittenden Edwards | TrustRadius Reviewer

Feature Rating Comparison

Feature                                                  Elastic Security   Splunk Enterprise Security (SIEM)
Security Information and Event Management (SIEM)         No score           9.5
Centralized event and log data collection                No score           10.0
Correlation                                              No score           10.0
Event and log normalization/management                   No score           10.0
Deployment flexibility                                   No score           9.5
Integration with Identity and Access Management Tools    No score           8.5
Custom dashboards and workspaces                         No score           8.4
Host and network-based intrusion detection               No score           9.5
Data integration/API management                          No score           9.0
Behavioral analytics and baselining                      No score           10.0
Rules-based and algorithmic detection thresholds         No score           10.0
Response orchestration and automation                    No score           10.0
Reporting and compliance management                      No score           10.0
Incident indexing/searching                              No score           9.0

Pros

Elastic Security

  • Identify 0-day malware.
  • Provides a few forensic details on endpoints.
  • Very easy to administer.
Anonymous | TrustRadius Reviewer

Splunk Enterprise Security (SIEM)

  • Correlation searches
  • Notable events
  • Security use cases
Anonymous | TrustRadius Reviewer

Cons

Elastic Security

  • I would love it if it provided more memory analysis details.
  • Being able to edit sensor profiles after creating them.
  • I would love it if it provided more automation features.
Anonymous | TrustRadius Reviewer

Splunk Enterprise Security (SIEM)

  • The application seems inefficient/resource intensive
  • The default searches and alerts are unlikely to provide much value
Allan Crittenden Edwards | TrustRadius Reviewer

Usability

Elastic Security

No score (no answers yet)

Splunk Enterprise Security (SIEM)

Splunk Enterprise Security (SIEM) 10.0
Based on 1 answer
You definitely need to learn how to use Splunk to get the most out of the tool. There are many courses available for free to get up to speed on the usability of the tool, but it's not that simple. It will take time to digest all the data and to understand how to query for what you are looking for.
Anonymous | TrustRadius Reviewer

Support Rating

Elastic Security

Elastic Security 7.0
Based on 2 answers
Even though their support is good, I think there are some areas where they need to provide more thorough solutions to issues; some of their solutions are pretty basic and have already been tried.
Anonymous | TrustRadius Reviewer

Splunk Enterprise Security (SIEM)

Splunk Enterprise Security (SIEM) 9.1
Based on 2 answers
It's good when it's responsive, but I've had times where I had to wait quite a while for a response. But these are typically the exceptions rather than the rule. When you do get a response it is always well-informed and appropriate. I would say they've been trending better over time with this.
Allan Crittenden Edwards | TrustRadius Reviewer

Alternatives Considered

Elastic Security

Endgame is based on the MITRE framework, which has proven to be a successful framework to identify various attack patterns that attackers use. Also, compared to the others, it's easier to administer and manage.
Anonymous | TrustRadius Reviewer

Splunk Enterprise Security (SIEM)

We used QRadar a while ago. Perhaps it was just poorly configured but it provided almost no value. It seemed harder to tune for our environment if it was even possible. Also, they didn't value us as a customer. They tried to make us re-purchase the product when they acquired it, even though we already had it in place.
Allan Crittenden Edwards | TrustRadius Reviewer

Return on Investment

Elastic Security

  • Being able to identify threats we couldn't identify before.
  • Easier management of endpoints.
  • Being able to immediately isolate endpoints remotely that have high severity threats.
Anonymous | TrustRadius Reviewer

Splunk Enterprise Security (SIEM)

  • Less time to remediate for security incidents
  • Reduction of noisy alerts for security teams
  • Integration with many sources to gain visibility
Anonymous | TrustRadius Reviewer

Pricing Details

Elastic Security

General

Free Trial
Free/Freemium Version
Premium Consulting/Integration Services
Entry-level set up fee? No

Splunk Enterprise Security (SIEM)

General

Free Trial
Free/Freemium Version
Premium Consulting/Integration Services
Entry-level set up fee? No

Rating Summary

Category                  Elastic Security   Splunk Enterprise Security (SIEM)
Likelihood to Recommend   9.0                9.1
Usability                 No score           10.0
Support Rating            7.0                9.1
