Splunk Enterprise Security - The Speed Gun !!!
May 02, 2022
Splunk Enterprise Security - The Speed Gun !!!
Score 10 out of 10
Vetted Review
Verified User
Overall Satisfaction with Splunk Enterprise Security (ES)
I use Splunk Enterprise Security to provide Managed Security Services to our esteemed customers in Saudi Arabia. We are one of the largest and most reputed MSSPs in the region and Splunk Enterprise Security is our choice of SIEM solutions for multiple reasons. Splunk Enterprise Security is a next-gen SIEM tool with log management and correlation capabilities and it provides optimal and efficient results and aids in delivering world-class services. We mainly use it to store customer logs, do correlation on incoming logs and perform threat hunting. Splunk Enterprise Security has native features that enhance overall security monitoring and is a must for all MSSPs.
- Searching for specific events from a large data pool
- Needle in the haystack capabilities in finding a specific keyword out of the large volume of data
- Turning data into meaningful insights that assist in finding the right thing from a big chink of data
- Scalability is one area that Splunk Enterprise Security can improve upon.
- Splunk Enterprise Security required huge compute and storage resources, perhaps these can be minimized.
- Splunk support has lot of room for improvement.
- Faster MTTD for sure as Splunk Enterprise Security has good correlation
- Faster MTTR as well because it supports operations well
- Overall good ROI for an MSSP
- ArcSight Logger (formerly HPE ArcSight Logger)
Splunk Enterprise Security is way ahead of ArcSight on multiple fronts, especially indexing and data visualizations.
Do you think Splunk Enterprise Security (ES) delivers good value for the price?
Yes
Are you happy with Splunk Enterprise Security (ES)'s feature set?
Yes
Did Splunk Enterprise Security (ES) live up to sales and marketing promises?
Yes
Did implementation of Splunk Enterprise Security (ES) go as expected?
Yes
Would you buy Splunk Enterprise Security (ES) again?
Yes