Splunk Enterprise security is a powerful tool to explore
June 21, 2022
Splunk Enterprise security is a powerful tool to explore
Score 9 out of 10
Vetted Review
Verified User
Overall Satisfaction with Splunk Enterprise Security (ES)
Splunk Enterprise Security is being used in our company to quickly detect security issues and respond to internal and external attacks. The security department is currently working on exploring all use cases for ES. Splunk is widely used for all types of monitoring, detecting issues, threats, security, cybercrime, DDOS, etc.
Pros
- Good graphical UI to learn and detect threat and perform quick recovery action.
- ES is very useful in detecting security issues in enterprise infrastructures such as devices, systems, and applications.
- Using AI and ML features to detect anomalies and trigger alerts to NOC.
Cons
- Limited use cases, need to be expanded and include all the other use cases in the ES to detect security issues.
- Definitely, ES helps in reducing MTTD and MTTR, with the help of ES overall detection method, we could save a lot of time in issue detection and correction.
Currently, all feature of ES is being explored in our Org so it's too early to say but this is definitely a powerful tool and would help in all security issues detection.
Do you think Splunk Enterprise Security delivers good value for the price?
Not sure
Are you happy with Splunk Enterprise Security's feature set?
Yes
Did Splunk Enterprise Security live up to sales and marketing promises?
Yes
Did implementation of Splunk Enterprise Security go as expected?
I wasn't involved with the implementation phase
Would you buy Splunk Enterprise Security again?
Yes
Comments
Please log in to join the conversation