Splunk Enterprise, Splunk ES, Incident Mgmt and SOAR - provides lots of capabilities for SOC & App teams.
February 21, 2022
Score 10 out of 10
Vetted Review
Verified User
Overall Satisfaction with Splunk Enterprise Security (ES)
Splunk ES is being used as the SIEM solution and has provided immense value to our cyber security team. A vast list of supporting apps developed by Splunk, including the SOAR solutions, has improved the capabilities of our team extensively. This has made life easier for Cyber Security Architects, Managers, Security Analysts, and Auditors. Totally love Splunk and all its apps. Also, waiting for more improvements in the Splunk ML toolkit.
- Incident Mgmt
- Correlation Search and Deep Dive Search
- Investigations
- SOAR integration
- DNS Lookup
- Data enrichment to make ES dashboard more useful
- Data add-ons
- Acts as Data Lake
- Centralized Cyber Security Solution
- SOAR provides added benefits
- Faster MTTD and MTTR
- Better Correlation of data
- ArcSight Intelligence, CrowdStrike Falcon Endpoint Protection, Tableau Server and BMC Helix ITSM (Remedy)
Do you think Splunk Enterprise Security (ES) delivers good value for the price?
Yes
Are you happy with Splunk Enterprise Security (ES)'s feature set?
Yes
Did Splunk Enterprise Security (ES) live up to sales and marketing promises?
Yes
Did implementation of Splunk Enterprise Security (ES) go as expected?
Yes
Would you buy Splunk Enterprise Security (ES) again?
Yes