Pega Platform is a combined business process management and robotic process automation (RPA) platform with advanced workforce analytics from Pegasystems.
$35
per month per user* (or $0.45 per case**)
Splunk Enterprise Security
Score 8.6 out of 10
N/A
Splunk Enterprise Security is an analytics-driven SIEM that helps to combat threats with actionable intelligence and advanced analytics at scale.
N/A
Pricing
Pega Platform
Splunk Enterprise Security
Editions & Modules
Low-code Factory Edition
$35
per month per user* (or $0.45 per case**)
Standard Edition
$90
per month per user* (or $0.80 per case**)
Enterprise Edition
Custom Quote
No answers on this topic
Offerings
Pricing Offerings
Pega Platform
Splunk Enterprise Security
Free Trial
Yes
No
Free/Freemium Version
No
No
Premium Consulting/Integration Services
No
No
Entry-level Setup Fee
No setup fee
No setup fee
Additional Details
*500 named user minimum. Additional users available in blocks of 100. Billed annually. Based on a 3-year term.
**350,000 cases / year minimum. Additional cases available in blocks of 150,000.
Pega Platform has introduced the low code feature, using app studio seasonal and professional developer can develop application easily and quickly. The initial application can be build by Business analyst and product owner who has less knowledge of Pega Platform, further application can be enhanced/extended by professional developer. We can develop end to end application and promote to higher environment. Easily we can perform parallel development using branch.
Well suited: Splunk ES is highly recommended in an environment with many data sources and experienced computer engineers. It has a steep learning curve, but once that hurdle is crossed, it is absolutely a beast. It is also very expensive, so a company putting a high amount of budget in Security is needed. Not well suited: Splunk ES is not recommended if a company has only a few sources and some non-technical IT users. The price won't justify the fewer data sources and scratching just the surface level. Moreover, non-technical IT users would be better off with something that has a query builder, unlike Splunk.
Quick development time. Much of the Pega "rules" are easy to configure and implement.
Visually friendly and modern. Much of the UI/UX elements in the system are continuously supported and updated, giving a nice feel to the apps.
Many of the configurations and rules Pega gives to the developers can also be delegated to business users. The organization and structure of the client's business can easily be adapted in the Pega platform.
Advanced Threat Detection and Correlation: ES stands out in its ability to detect sophisticated threats by correlating data from multiple sources. For instance, it can identify unusual patterns in user behavior, cross-referencing with network logs to flag potential insider threats.
Real-time Monitoring and Alerting: ES offers robust real-time monitoring capabilities. It excels in promptly alerting us to critical security events, such as suspicious network traffic spikes or unauthorized access attempts, allowing for immediate response.
Comprehensive Log Analysis: ES ingests and analyzes an extensive range of log data. It's particularly adept at parsing and making sense of complex log formats, making it a versatile tool for understanding system activities and security events.
ES on the cloud (SaaS) has too many limitations with platform administration.
Supported integrations are not always on par with enterprise support especially when dependent on 3rd-party proprietary APIs.
In later versions, unforeseen glitches seem to show up that have no resolution except version upgrade. This used to not be the case in prior versions which were very stable.
Pegasystems has continued to demonstrate a strong partnership with our organization and investment in their product that aligns with our overall vision and need. Pegasystems has engaged us at every level, with the assistance of minor defects to the overall roadmap planning and alignment of our goals
Pega Platform is enhancing its product and launching new features day by day which help to achieve customers needs. If I talk about the earlier version of Pega Platform (i.e. pega v5 and 6.3) there were many numbers of limitations in Pega Platform and if we need to do some customization then needed to write custom java and jave scripts to achieve the functionally. Now I can say Pega Platform is running with market trends and demand. Pega Platform is giving all the options which support the current technologies like decisioning capabilities, real time processing, mashup, process fabrics etc..
Maintaining hundreds or even 1000+ SOC use cases is really difficult, considering that the Data sources may not always send the data. A module that detects data freshness issues and detect data format changes would be a great help. the main challenge today using Splunk Enterprise Security is making sure that the detection rules are still working properly given all the changes that occur in data source applications. Also, maintaining the data collects on tens of thousands of servers and more than 100k workstations is a real company IT challenge: the splunkbase forwarder may not support old OS anymore, while these are the most important to monitor. Moving to the Open Telemetry collector has become essential so that only 1 agent is required for both SIEM and application observability.
It takes a long time for items to load if you are just generally searching through logs. It is best to use the data models which load faster but can be strange in terms of what is coming from which logs where. Yes, you can look it up, but this also requires familiarity with where things are and how to look them up.
It’s very slow sometimes, but that may be our servers. Also the Knowledge Library needs some work - again, not sure if it’s our setup or what- but I’m unable to search the body of an article for content, so I have to be very intentional with tagging, but it’s not ideal.
It's good when it's responsive, but I've had times where I had to wait quite a while for a response. But these are typically the exceptions rather than the rule. When you do get a response it is always well-informed and appropriate. I would say they've been trending better over time with this.
I experienced only on-line training, but the trainers were very professional and competent. Maybe it could be more useful if they also have an experience in projects because sometimes they didn't have a real project experience to communicate to the students. Anyway, it was very interesting and I learned many thing that's very difficoult (or maybe impossible!) to have by myself, aven if I have more than 10 years of Splunk activity experience.
It was very interesting and I learned many thing that's very difficoult (or maybe impossible!) to have by myself. The only problem was that, when I worked with the Splunk Professional Services, I found some difference between the training contents and the information from PS. In addition is required a long experience on Splunk Enterprise for the data ingestion part, in other words I'm able to work with ES because I'm worling on Splunk since 11 years, otherwise I'd some problem.
We did evaluate multiple products offerings with Pega Platform capabilities and observed that Pega PRPC rules engine and case management capabilities are better over so many BPM Tools. We also conducted a detailed study with developers to identify the best products out of Suite of BPM products. It's observed that Rules engines integration is very streamlined with forms in Pega whereas other tools multiple have powerful data model capabilities but lacks the ease of creating business rules.
Splunk enterprise is the only solution that we’ve been able to identify that provides risk based alerting, which allows our SOC to reduce analyst fatigue which would be a huge problem without it. Before RBA, there were thousands of alerts a day and it was impossible to review all of them
for my exterience, unit pricing and billing frequency are correct. As I already said, I hint to have more discount flexibility, expecially with new customers, because there are competitors less expensive and very aggressive that are dangerous. In addition the possibility to don't pay the license for the development period could be a very interesting feature for the final customers.
- 8 out of 10 and took 2 for the data pipeline and administration part. Even if you'd like to improve yourself or your team, you have to pay a lot of money and it could be more than GIAC education + cert. - Normalization for Data models and CPU-based searches can be a problem sometimes.
I had a fantastic experience with Splunk Professional Services: they worked with us in our last SON project (a SOC migration for a very large customer) and helped to build a multi tenent environment even if ES isn't a multi tenant platform. Th Splunk PS was a very professional and competent people, he is italian and was able to speak with our italian customers.
For one of the applications we worked on, we were able to reduce the processing time on a case from 2 days to 20 minutes by utilizing Pega
We were able to resolve the issue of the routing of cases to users based on a specific algorithm by use of Pega
Pega case management feature was extensively used in one of the application to establish a parent-child relationship which was very helpful for all the business users
ES has highly impacted ROI because as the customer of the ES the work we do for creating use cases for clients in terms of security-related aspects by their logs has given more return than investment.
The correlation searches we run to get detailed results from the Data models are very less time-consuming than Splunk Enterprise itself we can get quick responses to the use cases and dashboards populated because of ES.
The CIM compliance feature is ES has made more jobs easy in the terms of finding more Authentication related data we can get data onboarded in the Email data model from O365 and search is email data model instead of searching for particular indexes.
