Item: Splunk Enterprise Security (ES)
Rating: 9
Author: Fabio Silva

Use Cases and Deployment Scope

We are using Splunk ES to identify possible security risks and advice together with other legacy security tools. Splunk ES is helping us to correlate different logs in a single interface.

Pros and Cons

Incident Review and Classification
Risk-Based Analysis
Endpoint Protection

Palo Alto logs integration
Bluecoat logs integration

Return on Investment

MTTR improved
Improved the security layer for Business Units

Scalability

With Splunk, we have the ability to track the events from the Cloud (Public or Private) as the local events from on-premise.

Other Software Used

Darktrace, Trend Micro Apex One, SolarWinds Hybrid Cloud Observability

Splunk is very good when integrating with other security logs like Mcafee, Trend Micro & Darktrace. The integration with the Firewall application is still a gap to cover as today the integration with some vendors such as Palo Alto and Bluecoat is not straightforward yet.

Splunk ES help you aggregate to achieve visibility and leverage security intelligence across the organization

Overall Satisfaction with Splunk Enterprise Security (ES)

Use Cases and Deployment Scope

Pros and Cons

Return on Investment

Scalability

Key Insights

Do you think Splunk Enterprise Security (ES) delivers good value for the price?

Are you happy with Splunk Enterprise Security (ES)'s feature set?

Did Splunk Enterprise Security (ES) live up to sales and marketing promises?

Did implementation of Splunk Enterprise Security (ES) go as expected?

Would you buy Splunk Enterprise Security (ES) again?

Other Software Used

Likelihood to Recommend

Splunk Enterprise Security (ES) Feature Ratings