One of the Best Premium Applications Designed and Developed by Splunk!
February 09, 2022
One of the Best Premium Applications Designed and Developed by Splunk!
Score 10 out of 10
Vetted Review
Verified User
Overall Satisfaction with Splunk Enterprise Security (ES)
Earlier, we were not able to keep track of asset and identity management, security intelligence, email security monitoring along with threat intel feeds. With the help of the premium app, Splunk Enterprise Security, developed by Splunk, we could get the benefit of threat hunting, asset and identity monitoring, malware, and other security incident management. Also, we could map the MITRE framework with Splunk data models to get most of out it.
- Asset and inventory
- Incident review
- Security intelligence
- Windows monitoring
- Threat intel feed
- It could provide more permissions for customization in this app.
- It could add the UBA capability to the datamodel to prevent false positives.
- I believe it should limit the size of the threat intel feed.
- We could improve security incident monitoring and response.
- It has definitely reduced MTTR and MTTD.
- It integrates all the devices and security tools easily.
- The reporting part has been improved.
Sumo Logic is also one of the best tools in the market nowadays. It is very similar to Splunk from a writing-search processing query and functionality point of view. Sumo Logic is not as customizable as Splunk. And with Qualys Cloud Platform, we can scan our assets and web apps, so it is altogether a different product.
Do you think Splunk Enterprise Security (ES) delivers good value for the price?
Yes
Are you happy with Splunk Enterprise Security (ES)'s feature set?
Yes
Did Splunk Enterprise Security (ES) live up to sales and marketing promises?
Yes
Did implementation of Splunk Enterprise Security (ES) go as expected?
Yes
Would you buy Splunk Enterprise Security (ES) again?
Yes