TrustRadius: an HG Insights company

Splunk Enterprise Security

Score8.6 out of 10

258 Reviews and Ratings

Learn More

Features

Top Performing Features

  • Custom dashboards and workspaces

    dashboards that can be customized to meet the needs of specific groups

    Category average: 8.6

  • Integration with Identity and Access Management Tools

    Integration with access control tools like Active Directory and LDAP

    Category average: 8.4

  • Correlation

    Correlation of logs and events to pinpoint significant threats

    Category average: 8.4

  • Event and log normalization/management

    Ability to normalize event syntax so that logs can be compared and are machine-understandable

    Category average: 8.5

Security Information and Event Management (SIEM)

Security Information and Event Management is a category of security software that allows security analysts to look at a more comprehensive view of security logs and events than would be possible by looking at the log files of individual, point security tools

  • Centralized event and log data collection

    Effectiveness of real-time centralized event and log data collection

    Category average: 8.4

  • Correlation

    Correlation of logs and events to pinpoint significant threats

    Category average: 8.4

  • Event and log normalization/management

    Ability to normalize event syntax so that logs can be compared and are machine-understandable

    Category average: 8.5

  • Deployment flexibility

    Ability to tune system to maximize threat detection and minimize false positives

    Category average: 7.7

  • Integration with Identity and Access Management Tools

    Integration with access control tools like Active Directory and LDAP

    Category average: 8.4

  • Custom dashboards and workspaces

    dashboards that can be customized to meet the needs of specific groups

    Category average: 8.6

  • Host and network-based intrusion detection

    Ability to detect both endpoint intrusion and network ingress detection

    Category average: 8

  • Data integration/API management

    Ease and quality of data integrations between SIEM and other systems

    Category average: 8

  • Behavioral analytics and baselining

    How effectively activity and behavior baselines are established and maintained

    Category average: 8.2

  • Rules-based and algorithmic detection thresholds

    Effectiveness of manually-established rules and algorithmically-determined detection thresholds

    Category average: 8

  • Response orchestration and automation

    Quality of built-in response orchestration and automation in Next-Gen SIEM

    Category average: 7.9

  • Reporting and compliance management

    Ease and quality of reporting and compliance functions

    Category average: 8.5

  • Incident indexing/searching

    Effectiveness of searching across structured and unstructured events and incidents within SIEM

    Category average: 8.2