The best way to secure a network with detection and mitigation
April 07, 2022

Anonymous | TrustRadius Reviewer
Score 10 out of 10
Vetted Review
Verified User

Overall Satisfaction with Splunk Enterprise Security (ES)

Our company has been using the Splunk Enterprise Security solution for a year and a few months. It has made a major upgrade in technical issues of monitoring, detecting, and mitigating cyber threats and external attack attempts. Splunk ES is easy to implement and configure through an intuitive and user-friendly configuration interface. Our IT Infrastructure team uses it every day, 24 hours a day, to monitor and combat cyber threats that try to access and seek security holes in our data network. We created custom routines and rules that have improved the search and mitigation of threats.

Pros

  • Cyber threat protection with prevention of before, during, and after threat attempts.
  • Custom reports and display charts.
  • Full protection 24 hours a day.
  • Immediate response to attempted attacks.
  • Stable and fast.

Cons

  • Improved integration with other third-party tools.
  • Documentation is a little weak and should be improved.
  • We have detection and mitigation of threat attempts.
  • Reduced chances of information theft.
  • Integrated security with other management platforms.

Scalability is optimal and can be easily accomplished per demand and growth.

Do you think Splunk Enterprise Security (ES) delivers good value for the price?

Yes

Are you happy with Splunk Enterprise Security (ES)'s feature set?

Yes

Did Splunk Enterprise Security (ES) live up to sales and marketing promises?

Yes

Did implementation of Splunk Enterprise Security (ES) go as expected?

Yes

Would you buy Splunk Enterprise Security (ES) again?

Yes

Since the implementation of this tool, we no longer suffer damage due to attacks. This solution allied with the Firewall solution is a wall of protection against any internet threat. The great differential of the Splunk Enterprise Security solution is to provide detection by monitoring the entire network including servers, applications, cloud services, storage systems, and databases, as well as by mitigating and alarming incidents seeking to solve the problem. Splunk's technical support is one of the best. They are very fast and efficient.

Splunk Enterprise Security (ES) Feature Ratings

  • Centralized event and log data collection: 10
  • Correlation: 10
  • Event and log normalization/management: 10
  • Deployment flexibility: 10
  • Integration with Identity and Access Management Tools: 10
  • Custom dashboards and workspaces: 9
  • Host and network-based intrusion detection: 10
  • Log retention: 10
  • Data integration/API management: 9
  • Behavioral analytics and baselining: 10
  • Rules-based and algorithmic detection thresholds: 10
  • Response orchestration and automation: 9
  • Reporting and compliance management: 10
  • Incident indexing/searching: 9
