We performed a comparison between Anomali ThreatStream and Splunk Enterprise Security based on real PeerSpot user reviews.
"The feature I have found most valuable is credential monitoring. This feature is easy and quick."
"It allows the centralization of data and makes possible new sorts of correlations that were previously impossible using traditional SIEMs such as ArcSight or QRadar."
"Splunk is quite flexible for our customers. Splunk does not filter from a specific lock, you can define it later."
"We saw the granularity that we could get from Splunk far exceeded what we already had. We had the ability to have our security team really focus on the platform and stay within the platform, but they could correlate with a variety of other stakeholders, and our stakeholders were growing."
"The additional vendors we've brought on board, particularly the elastic, have been quite beneficial."
"Its integration is most valuable. Its UI is also pretty much easy."
"Splunk Enterprise Security offers valuable features like seamless integration and a SQL-standard Structured Query Language for easy searching."
"It's the completeness of the solution that we like the most."
"We have a more secure, robust environment, which keeps the harmful software out of the zone required."
"Less code in integration would be nice when building blocks."
"Splunk could have more built-in use case presets that customers can build on and customize."
"The solution could improve by giving more email details."
"If you monitor too much, you can lose performance on your systems."
"It's costly."
"The level of scalability depends on the license you have. You can expand or reduce it based on the environment. It does cost more money to scale, however."
"Delays in responses from the technical team can pose challenges for both vendors and clients, especially considering that Splunk applications and machine solutions are critical assets."
"The user access control could be much more granular, so that the admins can control r/w/x access for specific features of the product like dashboards, etc."
"The configuration had a bit of a learning curve."
Anomali ThreatStream is ranked 6th in Threat Intelligence Platforms with 1 review while Splunk Enterprise Security is ranked 1st in Security Information and Event Management (SIEM) with 246 reviews. Anomali ThreatStream is rated 7.0, while Splunk Enterprise Security is rated 8.4. The top reviewer of Anomali ThreatStream writes "Easy and quick credential monitoring; tech support could be improved". On the other hand, the top reviewer of Splunk Enterprise Security writes "It has a drag-and-drop interface, so you don't need to know SQL or Java to construct a query". Anomali ThreatStream is most compared with Recorded Future, ThreatConnect Threat Intelligence Platform (TIP), ThreatQ, Group-IB Threat Intelligence and Palo Alto Networks AutoFocus, whereas Splunk Enterprise Security is most compared with Wazuh, IBM Security QRadar, Dynatrace, Elastic Security and Microsoft Sentinel.
We monitor all Threat Intelligence Platforms reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.