Securing Your Environment with Splunk Enterprise Security.
May 22, 2023

Securing Your Environment with Splunk Enterprise Security.

Anonymous | TrustRadius Reviewer
Score 9 out of 10
Vetted Review
Verified User

Overall Satisfaction with Splunk Enterprise Security (ES)

Our scope is actually quite large as my team is responsible for the protection of tens of thousands of devices. This is accomplished with the use of Enterprise Security, which we have used for the past several years to great effect. Enterprise Security enables us to detect and respond to threats in real time, monitor our environment's overall security compliance, and provide timely and insightful reports and metrics to management.
  • Security incident investigation.
  • Insider threat detection.
  • Reporting and metrics.
  • Learning curve - requires subject matter expertise and Splunk administration knowledge.
  • Automated response limitations - requires SOAR to unlock its full potential.
  • Greatly reduced time to respond to incidents.
  • Improved visibility into the SOC operations makes for easier decision-making for management.
Enterprise Security, like all of Splunk's offerings, can be highly customized to fit the needs of the organization using it.

Do you think Splunk Enterprise Security (ES) delivers good value for the price?

Yes

Are you happy with Splunk Enterprise Security (ES)'s feature set?

Yes

Did Splunk Enterprise Security (ES) live up to sales and marketing promises?

Yes

Did implementation of Splunk Enterprise Security (ES) go as expected?

Yes

Would you buy Splunk Enterprise Security (ES) again?

Yes

Splunk Enterprise Security is a great fit for an organization that also utilizes Splunk in its environment. While there is a learning curve, if users and admins are already familiar with Splunk, it should be a straightforward task to get Enterprise Security up and running. It makes even more sense if the organization is already utilized Splunk Security Essentials. This is like Enterprise Security Lite - but much of the setup and configuration carries directly over to Enterprise Security.

Splunk Enterprise Security (ES) Feature Ratings

Centralized event and log data collection
10
Correlation
9
Event and log normalization/management
9
Deployment flexibility
9
Integration with Identity and Access Management Tools
8
Custom dashboards and workspaces
10
Host and network-based intrusion detection
8
Log retention
10
Data integration/API management
9
Behavioral analytics and baselining
8
Rules-based and algorithmic detection thresholds
9
Response orchestration and automation
7
Reporting and compliance management
9
Incident indexing/searching
10