IBM Verify, formerly known as IBM Cloud Identity, is an identity-as-a-service (IDaaS) offering that aggregates dynamic user, device and environmental context to automate risk protection and continuously authenticate any user to any resource.
$1.81
per month per user
Splunk Enterprise Security
Score 8.6 out of 10
N/A
Splunk Enterprise Security is an analytics-driven SIEM that helps to combat threats with actionable intelligence and advanced analytics at scale.
N/A
Pricing
IBM Verify
Splunk Enterprise Security
Editions & Modules
No answers on this topic
No answers on this topic
Offerings
Pricing Offerings
IBM Verify
Splunk Enterprise Security
Free Trial
Yes
No
Free/Freemium Version
No
No
Premium Consulting/Integration Services
Yes
No
Entry-level Setup Fee
Optional
No setup fee
Additional Details
Sample Pricing Breakdown (NOTE: for competitive pricing per contract, please consult with your IBM Security Account Rep)
Users: 5,000
SSO* -- USD 1.71 per user per month
MFA* -- USD 1.71 per user per month
Adaptive Access* -- USD 1.71 per user per month
Lifecycle and provisioning** -- USD 2.01 per user per month
Identity analytics** -- USD 2.13 per user per month
* Single sign-on (SSO), multifactor authentication (MFA) and adaptive access pricing based on total active monthly users per use case. Costs decrease if users are active less than once per month.
** Lifecycle and provisioning and identity analytics pricing based on total users per use case.
The software is a unified identity verification platform with robust identity governance systems and multi-factor authentication tools. Effectiveness of the product in privileged access management and real-time activity monitoring. IBM Verify is very affordable and supports single sign-on in the cloud. It has a steep learning curve.
Well suited: Splunk ES is highly recommended in an environment with many data sources and experienced computer engineers. It has a steep learning curve, but once that hurdle is crossed, it is absolutely a beast. It is also very expensive, so a company putting a high amount of budget in Security is needed. Not well suited: Splunk ES is not recommended if a company has only a few sources and some non-technical IT users. The price won't justify the fewer data sources and scratching just the surface level. Moreover, non-technical IT users would be better off with something that has a query builder, unlike Splunk.
Advanced Threat Detection and Correlation: ES stands out in its ability to detect sophisticated threats by correlating data from multiple sources. For instance, it can identify unusual patterns in user behavior, cross-referencing with network logs to flag potential insider threats.
Real-time Monitoring and Alerting: ES offers robust real-time monitoring capabilities. It excels in promptly alerting us to critical security events, such as suspicious network traffic spikes or unauthorized access attempts, allowing for immediate response.
Comprehensive Log Analysis: ES ingests and analyzes an extensive range of log data. It's particularly adept at parsing and making sense of complex log formats, making it a versatile tool for understanding system activities and security events.
ES on the cloud (SaaS) has too many limitations with platform administration.
Supported integrations are not always on par with enterprise support especially when dependent on 3rd-party proprietary APIs.
In later versions, unforeseen glitches seem to show up that have no resolution except version upgrade. This used to not be the case in prior versions which were very stable.
It works flawlessly, i have never faced any major issues with this. It has all the features such as Iam and security management. I think its a good investment and the benefits we reap from this software are worth the price.
While setup and implementation takes work and time, the flexibility and possibilities make up for that in the long run. This is not a product you can just install and run, but if you design and implement your ruleset well, it will save you a lot of work afterwards. Just make sure that the systems you want to use it for have an existing and proven connector.
Maintaining hundreds or even 1000+ SOC use cases is really difficult, considering that the Data sources may not always send the data. A module that detects data freshness issues and detect data format changes would be a great help. the main challenge today using Splunk Enterprise Security is making sure that the detection rules are still working properly given all the changes that occur in data source applications. Also, maintaining the data collects on tens of thousands of servers and more than 100k workstations is a real company IT challenge: the splunkbase forwarder may not support old OS anymore, while these are the most important to monitor. Moving to the Open Telemetry collector has become essential so that only 1 agent is required for both SIEM and application observability.
It has never let us down since its inception and installation. User credentials and secure access have always been guaranteed. Ironclad security (through single sign-on, MFA, etc.) has ensured that our user credential details are safe as is our information/data. The correct access is given to users, based on role-based access with segregation of duty and the principle of least privilege being deployed. The IBM support has also been first class and they have proactively resolved any minor issues we have encountered.
It takes a long time for items to load if you are just generally searching through logs. It is best to use the data models which load faster but can be strange in terms of what is coming from which logs where. Yes, you can look it up, but this also requires familiarity with where things are and how to look them up.
The support team has always been the primary consultation base when we are faced by performance problems. From the deployment stage the team has managed to monitor the operation lifecycle and give best insights based on their observation. It works 24/7 to enhance productive service delivery to clients. The IBM Security Verify Support team has been the main player in the successful performance of this software.
It's good when it's responsive, but I've had times where I had to wait quite a while for a response. But these are typically the exceptions rather than the rule. When you do get a response it is always well-informed and appropriate. I would say they've been trending better over time with this.
I experienced only on-line training, but the trainers were very professional and competent. Maybe it could be more useful if they also have an experience in projects because sometimes they didn't have a real project experience to communicate to the students. Anyway, it was very interesting and I learned many thing that's very difficoult (or maybe impossible!) to have by myself, aven if I have more than 10 years of Splunk activity experience.
It was very interesting and I learned many thing that's very difficoult (or maybe impossible!) to have by myself. The only problem was that, when I worked with the Splunk Professional Services, I found some difference between the training contents and the information from PS. In addition is required a long experience on Splunk Enterprise for the data ingestion part, in other words I'm able to work with ES because I'm worling on Splunk since 11 years, otherwise I'd some problem.
We conducted a comparison study between IBM Verify and Okta as well as Duo Security before making our selection. IBM Verify emerged as the perfect fit because its superior capability to integrate with our current system environment surpassed competitor security solutions. IBM Verify demonstrated superior reliability through its enterprise-class scalability and fully transparent auditing mechanisms.
Splunk enterprise is the only solution that we’ve been able to identify that provides risk based alerting, which allows our SOC to reduce analyst fatigue which would be a huge problem without it. Before RBA, there were thousands of alerts a day and it was impossible to review all of them
The licensing terms were favourable due to their flexibility based on the size and purpose of implementation. The billing frequency is done on quarterly basis. The vendor team has enacted best user policies that gives the company the full control of this platform. It is cost-effective as compared to most security verification tools in the market.
for my exterience, unit pricing and billing frequency are correct. As I already said, I hint to have more discount flexibility, expecially with new customers, because there are competitors less expensive and very aggressive that are dangerous. In addition the possibility to don't pay the license for the development period could be a very interesting feature for the final customers.
- 8 out of 10 and took 2 for the data pipeline and administration part. Even if you'd like to improve yourself or your team, you have to pay a lot of money and it could be more than GIAC education + cert. - Normalization for Data models and CPU-based searches can be a problem sometimes.
In the case of adjustments, we were often able to carry them out completely on our own and only used professional services for new requirements. Particularly in the case of access management, it is very positive that we usually needed IBM for a task in less than an hour and then developed the solution further on our own.
I had a fantastic experience with Splunk Professional Services: they worked with us in our last SON project (a SOC migration for a very large customer) and helped to build a multi tenent environment even if ES isn't a multi tenant platform. Th Splunk PS was a very professional and competent people, he is italian and was able to speak with our italian customers.
ES has highly impacted ROI because as the customer of the ES the work we do for creating use cases for clients in terms of security-related aspects by their logs has given more return than investment.
The correlation searches we run to get detailed results from the Data models are very less time-consuming than Splunk Enterprise itself we can get quick responses to the use cases and dashboards populated because of ES.
The CIM compliance feature is ES has made more jobs easy in the terms of finding more Authentication related data we can get data onboarded in the Email data model from O365 and search is email data model instead of searching for particular indexes.
