Secure with Splunk Enterprise Security (ES)
September 06, 2023

Secure with Splunk Enterprise Security (ES)

Anonymous | TrustRadius Reviewer
Score 10 out of 10
Vetted Review
Verified User

Overall Satisfaction with Splunk Enterprise Security (ES)

I work for big organization and large infrastructure .Splunk Enterprise Security (ES) helps alot in security prospective and to chase threats and vulnerability detection, critical traffic detection firewall device Based on the risk score we can get incident notification and we can evaluate based on suggestions .SOC analyst best siem tool and good progress

Pros

  • Threat detection
  • Security
  • Vulnerability

Cons

  • Use case
  • Pre defined Data models
  • End point frame works
  • Data loss protection use cases and framework
  • service-level agreements (SLAs) between a customer and a service provider or vendor
  • The longer it takes to repair or recover from an issue, the more downtime a business experiences Lost produ tivity
Needs to improve more accurate data models which is give high rate of accurate results .which will reduce resource cost and can improve productivity
Correlation rules need to be upgrade or come with different rules to be added to evaluate many ways
Risk based alerting has to simply steps and should be recognize more effective and perform accordingly
The main hectic thing is to buy this product which is more cost
But stability and productivity and customer satisfaction
It can deploy onpremis or cloud ,both ways are flexible
Large scale of environments can handle and inorder to reduce resource cost and give great results ,high satisfaction while handling the things
Automatic risk based alerts will help to reduce resources
These two really helps in better way and low cost and high productivity. Automatic detection ML help you to detect many ways and create cases based on risk score
GRS UBA helps to protect organization from data ,via sharing through emails and USB s .
Gurucu product license once purchased they will devolp accordingly and monthly touch base sessions

Do you think Splunk Enterprise Security delivers good value for the price?

Yes

Are you happy with Splunk Enterprise Security's feature set?

Yes

Did Splunk Enterprise Security live up to sales and marketing promises?

Yes

Did implementation of Splunk Enterprise Security go as expected?

Yes

Would you buy Splunk Enterprise Security again?

Yes

Splunk Enterprise Security (ES) protects company's infrastructure and we'll detected and automated alerts based on programmed alerts which is mainly threshold risk score Predefined use cases will help you to protect cloud environment and soc analysts can easily jump into them and enable them as they want Correlation methods will give you more exposure to track different ways to identify and get resolutions .

Splunk Enterprise Security Feature Ratings

Security Information and Event Management (SIEM)
8.6
Centralized event and log data collection
9
Correlation
9
Event and log normalization/management
10
Deployment flexibility
8
Integration with Identity and Access Management Tools
9
Custom dashboards and workspaces
8
Host and network-based intrusion detection
9
Log retention
9
Data integration/API management
7
Behavioral analytics and baselining
8
Rules-based and algorithmic detection thresholds
9
Response orchestration and automation
8
Reporting and compliance management
8
Incident indexing/searching
9

Comments

More Reviews of Splunk Enterprise Security

  1. Home
  2. Security Information and Event Management (SIEM) Software
  3. Splunk Enterprise Security Reviews
  4. User Review of Splunk Enterprise Security