Enterprise Security Is a Must-Have for Any Security Team
March 08, 2022

ramiro brown | TrustRadius Reviewer
Score 7 out of 10
Vetted Review
Verified User

Overall Satisfaction with Splunk Enterprise Security (ES)

Splunk Enterprise Security has been implemented on our public and private cloud infrastructures as part of my employment. In one environment, it's a single instance, whereas, on the other, it's distributed. Splunk Enterprise Security has been connected with firewalls, antivirus, and other infrastructure components for risk analysis, threat intelligence, and analytics. We've found this platform to be a great fit for our purposes. Analytics and threat intelligence from around the world are combined in a single, powerful tool. We've been able to see everything going on in our networks, and we've been able to spot potentially harmful communications and assets because of it. Integration of third-party technologies enhances Enterprise Security's already high level of functionality. In terms of analytics and intelligence, Splunk Enterprise Security is a best-in-class SIEM.
  • Integration-Deployment
  • Service-Support
  • Evaluation
  • Data Conversion
  • The Price
  • Connection with Members
  • Operating costs were reduced 3%
  • Standards were maintained regarding safety
  • The return on investment will be seen in 1 year
I believe that the certainty of its tools but there are still options to develop.
for his great Threat Intelligence, analytics and risk identification

Do you think Splunk Enterprise Security (ES) delivers good value for the price?

No

Are you happy with Splunk Enterprise Security (ES)'s feature set?

Yes

Did Splunk Enterprise Security (ES) live up to sales and marketing promises?

Yes

Did implementation of Splunk Enterprise Security (ES) go as expected?

Yes

Would you buy Splunk Enterprise Security (ES) again?

Yes

Our networks can be simply investigated and analyzed thanks to Enterprise Security's many fields of analytics. The Endpoint, Identity, Access, and Network domains make it possible to disperse events and assets that have been carefully categorized. A dashboard for risk analytics. In this way, executives may get a high-level view of what's going on in a way that non-technical people can understand. Threat activity can be classified at a high level using MITRE, NIST, and CIS threat IDs, which are all included. Alerts of risk and important occurrences can be received without having to search or drill down into searches thanks to an adaptive reaction center.

Splunk Enterprise Security (ES) Feature Ratings

  • Centralized event and log data collection: 6
  • Correlation: 9
  • Event and log normalization/management: 8
  • Deployment flexibility: 4
  • Integration with Identity and Access Management Tools: 7
  • Custom dashboards and workspaces: 9
  • Host and network-based intrusion detection: 6
  • Log retention: 4
  • Data integration/API management: 8
  • Behavioral analytics and baselining: 9
  • Rules-based and algorithmic detection thresholds: 7
  • Response orchestration and automation: 9
  • Reporting and compliance management: 7
  • Incident indexing/searching: 4