Overall Satisfaction with Splunk Enterprise Security (ES)
Splunk Enterprise Security has been implemented on our public and private cloud infrastructures as part of my employment. In one environment, it's a single instance, whereas, on the other, it's distributed. Splunk Enterprise Security has been connected with firewalls, antivirus, and other infrastructure components for risk analysis, threat intelligence, and analytics. We've found this platform to be a great fit for our purposes. Analytics and threat intelligence from around the world are combined in a single, powerful tool. We've been able to see everything going on in our networks, and we've been able to spot potentially harmful communications and assets because of it. Integration of third-party technologies enhances Enterprise Security's already high level of functionality. In terms of analytics and intelligence, Splunk Enterprise Security is a best-in-class SIEM.
- operating costs were reduced 3%
- standards were maintained regarding safety
- the return on investment will be seen in 1 year
Yes, but Splunk Enterprise Security is resource-intensive and demands a considerable investment in resources as it starts scaling. It needs to be configured properly, since out of the box it does not offer much. This can be scary for rookie admins. Steep learning curve. For someone just starting, this requires time and work. Splunk is pretty complex if you are trying to get the best out of it.
I believe that the certainty of its tools but there are still options to develop.
For its great threat intelligence, analytics and risk identification.
Do you think Splunk Enterprise Security (ES) delivers good value for the price?
Are you happy with Splunk Enterprise Security (ES)'s feature set?
Did Splunk Enterprise Security (ES) live up to sales and marketing promises?
Did implementation of Splunk Enterprise Security (ES) go as expected?
Would you buy Splunk Enterprise Security (ES) again?
Our networks can be simply investigated and analyzed thanks to Enterprise Security's many fields of analytics. The Endpoint, Identity, Access, and Network domains make it possible to disperse events and assets that have been carefully categorized. A dashboard for risk analytics. In this way, executives may get a high-level view of what's going on in a way that non-technical people can understand. Threat activity can be classified at a high level using MITRE, NIST, and CIS threat IDs, which are all included. Alerts of risk and important occurrences can be received without having to search or drill down into searches thanks to an adaptive reaction center.