Powerful software for security and minimizing the threats.
April 22, 2022

Anonymous | TrustRadius Reviewer
Score 9 out of 10
Vetted Review
Verified User

Overall Satisfaction with Splunk Enterprise Security (ES)

The SOC uses Splunk Enterprise Security as its SIEM at the heart of its security monitoring software. Having all your security records in one place, integrated with smart information, allows you to meet customer, regulatory and physical security requirements through a single pane of glass. Standardize information and language when addressing security concerns.
  • It has defense against the threat.
  • It has powerful machine learning.
  • It is stable, fast and fully protective.
  • Dashboard is not so good.
  • The RAM consumption can be improved.
  • It is difficult for new users.
  • The license fee for Splunk Enterprise Security seems to be higher than before.
  • It takes less time for search.
  • It has good service delivery.
Splunk Enterprise Security (ES) detects malware and all anomalies, can't be lost, and controls your account based on company-assigned permissions, so you can permanently monitor your account and avoid the risk of unauthorized access. Splunk doesn't offer the best dashboard customization, nor is it easy to use, but I think it's a tool that keeps everything organized and keeps track of your entire complex security system.

Do you think Splunk Enterprise Security (ES) delivers good value for the price?

Yes

Are you happy with Splunk Enterprise Security (ES)'s feature set?

Yes

Did Splunk Enterprise Security (ES) live up to sales and marketing promises?

Yes

Did implementation of Splunk Enterprise Security (ES) go as expected?

Yes

Would you buy Splunk Enterprise Security (ES) again?

Yes

If you have knowledge of Splunk, then ES is very suitable for SOC. The optimization of ES is better. ES can adapt to new threats, but it requires considerable care and maintenance. ES is not a good substitute for SOC which cannot be modified or extended. In some cases, a Managed Security Service Provider can help.

Splunk Enterprise Security (ES) Feature Ratings

  • Centralized event and log data collection: 8
  • Correlation: 9
  • Event and log normalization/management: 8
  • Deployment flexibility: 9
  • Integration with Identity and Access Management Tools: 9
  • Custom dashboards and workspaces: 8
  • Host and network-based intrusion detection: 8
  • Log retention: 8
  • Data integration/API management: 9
  • Behavioral analytics and baselining: 9
  • Rules-based and algorithmic detection thresholds: 8
  • Response orchestration and automation: 8
  • Reporting and compliance management: 8
  • Incident indexing/searching: 9