Splunk supplies security analytics as a standalone solution or priced as an add-on for users of its popular SIEM products, to protect enterprises against unknown threats and malicious behavior, via the Splunk User Behavior Analytics application.
N/A
Trellix Helix
Score 7.1 out of 10
Enterprise companies (1,001+ employees)
Trellix Helix (formerly FireEye Helix) is a SIEM solution providing a non-malware threat detection solution.
Easier we were using Splunk Enterprise on heavy forwarder on which all the add-on were installed and were using Splunk Cloud with respect to search head and indexers stack. And with Splunk Enterprise Security premium app, we were relying on correlation rules which were throwing …
Splunk UBA is a great debugging tool, and it helps me analyze the application logs and get a better idea about the problem. It also helps in analyzing the user behavior in a nutshell over the entire application.
It offers extensive visibility thus easy detection of threats and easy mitigation practices. Utilization of its threats intelligence capabilities thus early detection of incidents and maximization of security investments. Offers great integration of cloud resources with …
We found FireEye Helix to outperform all other tools we reviewed. SecureWorks had a great marketing plan but once we drilled into the technical details, the platform wasn't able to keep up.
I find Helix to be super-efficient and able to cut through the noise. Previous installations of LogRhythm and Splunk resulting in an overwhelming amount of noise (out of the gate), and we had to constantly tune out false positives. Helix is different. Out of the gate, Helix …
Splunk is well suited for applications with large amounts of data, and large enterprise applications. Especially if the application has interconnected modules, it helps us to analyze and monitor the application greatly.
Overall, we've had a great experience with FireEye Helix and would recommend it to organizations looking to improve their operational security. We've found Helix to be a great way to collect and analyze revenant security events and take action. Having a single pane of glass makes this process much more efficient. Prior to moving to FireEye Helix, we had different teams sending data to different applications, which resulted in confusion and critical data being missed.
Easier we were using Splunk Enterprise on heavy forwarder on which all the add-on were installed and were using Splunk Cloud with respect to search head and indexers stack. And with Splunk Enterprise Security premium app, we were relying on correlation rules which were throwing more number of false positive but after implementing Splunk UBA, we are now getting real-time true positive threat or incidents.
It offers extensive visibility thus easy detection of threats and easy mitigation practices. Utilization of its threats intelligence capabilities thus early detection of incidents and maximization of security investments. Offers great integration of cloud resources with existing security tools thus ensuring seamless performance and all-time security for the organizational resources.
Helix has had a significant impact on CSOC visibility efforts across the organization.
Helix fills the logging and alerting gaps that are missing across the infrastructure side.
Having a single pane of glass allows teams to more efficiently run incidents. Additionally, Helix is integrated with ServiceNow providing enhanced and efficient case management for all Helix alerts.