Splunk Enterprise Security Reviews

Vendor: Splunk
4.2 out of 5
Ranked 1
9,782 followers

Splunk Enterprise Security mindshare

Product category: Security Information and Event Management (SIEM)

As of December 2024, the mindshare of Splunk Enterprise Security in the Security Information and Event Management (SIEM) category stands at 11.2%, down from 15.0% the previous year, according to calculations based on PeerSpot user engagement data.

PeerAnalyst reports

Type | Title | Date
Category | Security Information and Event Management (SIEM) | Dec 20, 2024
Product | Reviews, tips, and advice from real users | Dec 20, 2024
Comparison | Splunk Enterprise Security vs Wazuh | Dec 20, 2024
Comparison | Splunk Enterprise Security vs Microsoft Sentinel | Dec 20, 2024
Comparison | Splunk Enterprise Security vs IBM Security QRadar | Dec 20, 2024

Suggested products
Title | Rating | Mindshare | Recommending |
CrowdStrike Falcon | 4.3 | N/A | 97% | 122 interviews
Wazuh | 3.7 | 16.4% | 79% | 45 interviews

Top industries

By visitors reading reviews
Financial Services Firm: 15%
Computer Software Company: 14%
Government: 9%
Manufacturing Company: 8%
University: 5%
Educational Organization: 5%
Healthcare Company: 5%
Insurance Company: 4%
Retailer: 4%
Energy/Utilities Company: 3%
Comms Service Provider: 3%
Real Estate/Law Firm: 3%
Media Company: 2%
Non Profit: 2%
Construction Company: 2%
Legal Firm: 2%
Transportation Company: 1%
Outsourcing Company: 1%
Wholesaler/Distributor: 1%
Hospitality Company: 1%
Recreational Facilities/Services Company: 1%
Logistics Company: 1%
Performing Arts: 1%
Aerospace/Defense Firm: 1%
Pharma/Biotech Company: 1%
Consumer Goods Company: 1%

Splunk Enterprise Security reviews

Avinash Gopu. - PeerSpot user
Associate VP & Cyber Security Specialist at US Bank
Verified user of Splunk Enterprise Security
Feb 7, 2024
Offers good visibility into multiple environments, significantly reduces our alert volume, and speeds up our security investigations

Pros

"We can automatically suspend or terminate suspicious sessions."

Cons

"There are limitations with Splunk not detecting all user activity, especially on mainframes and network devices."
Eko Kurniawan - PeerSpot user
IT Operations & Security at Veris
Verified user of Splunk Enterprise Security
Aug 25, 2024
We can manage all the logs from every device on a single dashboard

Pros

"Splunk can deliver more information by going deeper. By creating a dashboard, we can identify the root cause of the threat. Let's say I have a firewall from Check Point. Splunk will find the dashboard for Check Point, implement it in our environment, and connect it to the Check Point firewall logs, which are shown on the dashboard. If we request a custom dashboard, the engineer will take longer to complete the task."

Cons

"Splunk should align its security principles with those of other vendors like SentinelOne. Splunk has mature APIs that can communicate with various security applications and devices. Splunk can process more to produce an understandable dashboard."
Vikram Cherala - PeerSpot user
Senior advisor at TekWissen India
Verified user of Splunk Enterprise Security
Jun 2, 2024
It's easier to customize than other solutions

Pros

"We have created a few custom use cases for Splunk that have helped us detect threats faster. For example, we set up endpoint-related data models and specialized setups for various scenarios. It's more efficient than some other products I've used."

Cons

"The access and identity features could be improved. For example, let's say we have onboarded 65 logs. Now, we can identify the various processes, but we run into trouble when we're updating the processes for AWS CloudTrail, EDR, MDR, and XDR."
Sameep Agarwal. - PeerSpot user
Group manager at HCM Technologies
Verified user of Splunk Enterprise Security
Nov 3, 2023
It has a drag-and-drop interface, so you don't need to know SQL or Java to construct a query

Pros

"It has a drag-and-drop interface, so you don't need to know SQL or Java to construct a query on Splunk. The resolution time is about the same, but it took longer to discover the issue with ArcSight. Our previous solution took about an hour or more, but Splunk can do it within a few minutes or an hour at most."

Cons

"The ingestion happens quickly, so you can run up the data costs if you use the default settings. It isn't a problem for government agencies in the Saudi market, but many of the corporations in India are small or medium-sized enterprises that cannot afford that kind of ingestion system."
SP
SOC Analyst at Topcon Omni Systems, Inc.
Verified user of Splunk Enterprise Security
Jul 9, 2024
Makes investigations much easier by providing us with the relevant context to help guide our investigations

Pros

"The most valuable features include the incident review and Dashboard Studio."

Cons

"Having analysts put their notes directly within the investigation feature in the incident review would be beneficial."
Viney Bhardwaj - PeerSpot user
Sr Manager at Ernst & Young
Verified user of Splunk Enterprise Security
Oct 27, 2023
Mature, highly customizable, and good integration capability

Pros

"If I need to integrate devices for logs, it is easier with Splunk. We can integrate different applications, network devices, and databases. It is also very rich in documents. It is the best."

Cons

"Splunk does not provide any default threat intelligence like Microsoft Sentinel, but you can integrate any third-party threat intelligence with Splunk. By default, no threat intelligence suite is there, whereas, with IBM QRadar or Microsoft Sentinel, the default feature of threat intelligence is there. It is free. If Splunk can provide a default threat intelligence suite, it would be better."
Sathish Suluguri - PeerSpot user
Splunk SOAR/Phantom at PricewaterhouseCoopers
Verified user of Splunk Enterprise Security
Apr 2, 2024
User-friendly, feature-rich, and best support

Pros

"It is user-friendly. It is more effective than other solutions. The support and help for troubleshooting and the documentation from Splunk make it very effective."

Cons

"The only improvement I am expecting is the cost of the licensing. Clients are going to other solutions just because of the cost."
SAURABHYADAV4 - PeerSpot user
Consultant at HCL Technologies
Verified user of Splunk Enterprise Security
Mar 19, 2024
The solution speeds up our response by enabling us to automate some of the investigation steps

Pros

"Splunk's interface is user-friendly, and it has apps and add-ons for most applications. We can easily normalize the data to make it readable and understand the logs. We easily get all the field extractions and enrichment done by using the apps and add-ons. This helps us understand the application logs because the raw data is useless unless we extract some useful information from it. These add-ons make it so much easier."

Cons

"It would be nice if Splunk reduced the cost of training. Their training sessions are way too costly."