Forcepoint Data Loss Prevention vs. Splunk User Behavior Analytics vs. Trellix Helix

-Where companies need to secure their attachment, which goes outside, means from their company to outside -Where companies need to ensure their client's personal information -Where companies need DLP. They need to look for Forcepoint only, as they have the upper hand over the rest of their competitors.

Incentivized

Splunk User Behavior Analytics application is necessary when any company wants to capture the threat based on user behavior instead of just counting the number of occurrences of particular event. With Splunk UBA, we can analyse number of anomalies captured and which in turn creating threats which are nearly true positive.

Incentivized

Great for organizations that are considering improving their operational security by utilizing their threats intelligence capabilities. It offers a great collection and analysis of security events and provides solutions to solve them. When considering a solution that is secure and can provide very extensive visualization of your environment for threats.

• It has predominantly protected us from unauthorized parties and has provided us with better visibility and control over our data.
• This software has also successfully prevented us from both malicious and accidental tasks, which are quite flexible actions when it comes to the violation of data loss prevention policies.
• This product has been successful in improving compliance and even mitigating compliance violations, which further facilitated IT security.
• I think there is room for improvement, as the user interface is slightly rough and difficult to adopt in the beginning. The software also hangs up at a few instances, which leads to some wasting of time and annoyance, but other than that, this software is good. The technical staff should work on the complexities for a better user experience.

Incentivized

• Monitor and troubleshoot for any system errors.
• Get the insights on application data sets and do some predictive analysis.

Incentivized

• Single location for all security event management
• Detect advanced threats
• Provide audit artifacts to ensure compliance

Incentivized

• Forcepoint technical support--specially for users who go with essential support--is challenging to get support on time. You need the ticket to be raised long beforehand to get support from TAC. However, in the case of enterprise support, its is not like this technical person will come on a priority basis.
• However it comes with higher prices, especially for SMB, it is allowed to pay that amount for support only.

Incentivized

• Performance-wise, it can be improved. Queries take a long time.
• Dataset exploration - More data visualization charts can be added.

Incentivized

• Additional integration points (API cloud integrations).

Incentivized

We have been fairly happy with the product and how it has worked. We have looked at other vendors for url filter and such and have not found one that meets our needs or does what we have been doing with Websense. The product has been fairly stable and we have only had a few issues in the past. We have all seen that it was one of the highest leaders from the Gartner Group Magic Quadrant for Web Gateways.

Incentivized

For us, Forcepoint Data Loss Prevention was difficult to administer, did not work well when it did work, was incredibly expensive for the feature set you get, and was difficult to uninstall when we moved on from the software. Once it was fully set up, it worked occasionally for us.

Incentivized

Support from Forcepoint has been lacking. When calling in with a high priority issue we rarely are able to work with a technician immediately. The queue waits are very long and when you get through there are no support engineers available and we need to wait for a call back for hours it seems.

Incentivized

We've been fairly happy with FireEye Helix support overall. Most issues are resolved the same day the case is opened.

Incentivized

User friendly solution that makes it easy to deploy and manage. Forcepoint Data Loss Prevention very effective to protecting our valuable data on endpoints and where data lives like in the Cloud, server and on-premises disk drives and its valuable to just set policies once and start utilizing Forcepoint Data Loss Prevention solution.

Incentivized

Easier we were using Splunk Enterprise on heavy forwarder on which all the add-on were installed and were using Splunk Cloud with respect to search head and indexers stack. And with Splunk Enterprise Security premium app, we were relying on correlation rules which were throwing more number of false positive but after implementing Splunk UBA, we are now getting real-time true positive threat or incidents.

Incentivized

It offers extensive visibility thus easy detection of threats and easy mitigation practices. Utilization of its threats intelligence capabilities thus early detection of incidents and maximization of security investments. Offers great integration of cloud resources with existing security tools thus ensuring seamless performance and all-time security for the organizational resources.

• The exchange of financial documents with customers creates extreme risk as data loss could result in financial and reputation damage to the customer. The cost of deploying Forcepoint is fractions of pennies compared to the potential financial impact of data loss.
• There is some administrative overhead associated as false positives are inevitable, requiring a manual review and a potential loss of productivity.

Incentivized

• Fewer team members to work on real threats.
• Less time required to deal with real incidents.
• Easy to implement across the network.

Incentivized

• Optimization of your security investments.
• Operations are seamless and better with easy integrations that enhance performance.
• Efficiency in running of incidences with enhanced case management for all its alerts.