Splunk ES review
February 24, 2022
Score 9 out of 10
Vetted Review
Verified User
Overall Satisfaction with Splunk Enterprise Security (ES)
Splunk ES is a great solution for collecting data from countless types of sources. This enables a company to centralize the monitoring, reporting, and alerting on security events and improve its overall security posture. I believe one of the powerful features is the ability to correlate Threat Intel feeds with actual event data.
Pros
- Correlating Threat Intel feeds with event data
- Enriching event data
- Alerting and automating
Cons
- Orchestration
- Reduced operating costs by being "a single pane of glass"
- Reduced MTTD due to Threat Intel integration
- Reduced MTTR due to integrations
- ArcSight Logger (formerly HPE ArcSight Logger)
Splunk Enterprise Security is overall a better choice due to multiple factors. It can be easily deployed in any type of environment, whether you are looking for On-Premise or Cloud hosting. It scales amazingly well and it is very intuitive to use. It has a strong community, great support, and can be integrated with lots of environments.
Do you think Splunk Enterprise Security (ES) delivers good value for the price?
Yes
Are you happy with Splunk Enterprise Security (ES)'s feature set?
Yes
Did Splunk Enterprise Security (ES) live up to sales and marketing promises?
Yes
Did implementation of Splunk Enterprise Security (ES) go as expected?
Yes
Would you buy Splunk Enterprise Security (ES) again?
Yes