Try our new research platform with insights from 80,000+ expert users

BigPanda vs Splunk Enterprise Security comparison

 

Comparison Buyer's Guide

Executive Summary

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Customer Service

No sentiment score available
BigPanda's customer support varies, with some users praising promptness and effectiveness, while others face delays and poor availability.
Sentiment score
7.2
Splunk Enterprise Security's support is generally praised for responsiveness and knowledge but criticized for delays and inconsistent quality.
 

Room For Improvement

Sentiment score
6.3
BigPanda requires better cost efficiency, integrations, observability, AI, visualization, UI, multi-cloud environment, event correlation, and automation improvements.
Sentiment score
6.2
Splunk Enterprise Security is costly and complex, with users seeking better integration, usability, support, and enhanced features like AI.
 

Scalability Issues

No sentiment score available
BigPanda is noted for managing large infrastructures, though some users express concerns about scalability and additional licensing needs.
Sentiment score
6.0
Splunk Enterprise Security is scalable and adaptable, handling large data volumes and multiple users easily but can be costly.
 

Setup Cost

No sentiment score available
BigPanda costs $200,000 annually, with users finding it reasonably priced, flexible in setup, and sometimes cheaper than competitors.
Sentiment score
7.7
Splunk Enterprise Security's pricing is perceived as high due to its licensing model and extensive features, often deterring SMEs.
 

Stability Issues

Sentiment score
5.8
BigPanda is stable but users have reliability concerns about alerts and incidents, partly due to its newness and unfamiliarity.
Sentiment score
4.8
Splunk Enterprise Security is praised for stability, reliability, low maintenance, and high performance, with minor issues quickly resolved.
 

Valuable Features

No sentiment score available
BigPanda excels with a user-friendly interface, seamless integrations, AI-driven event correlation, anomaly detection, and efficient notifications.
Sentiment score
8.7
Splunk Enterprise Security excels in dashboards, reporting, flexibility, scalability, support, log aggregation, alerting, integration, and efficient large data handling.
 

Categories and Ranking

BigPanda
Average Rating
7.2
Reviews Sentiment
6.1
Number of Reviews
12
Ranking in other categories
IT Infrastructure Monitoring (54th), IT Alerting and Incident Management (12th), AIOps (18th)
Splunk Enterprise Security
Average Rating
8.4
Reviews Sentiment
7.1
Number of Reviews
301
Ranking in other categories
Log Management (1st), Security Information and Event Management (SIEM) (1st), IT Operations Analytics (1st)
 

Mindshare comparison

While both are Systems Management solutions, they serve different purposes. BigPanda is designed for IT Infrastructure Monitoring and holds a mindshare of 1.1%, up 1.0% compared to last year.
Splunk Enterprise Security, on the other hand, focuses on Security Information and Event Management (SIEM), holds 10.9% mindshare, down 14.3% since last year.
IT Infrastructure Monitoring
Security Information and Event Management (SIEM)
 

Featured Reviews

Ankit-Mathur - PeerSpot reviewer
Offers comprehensive alert monitoring and a user-friendly interface but requires manual validation to provide accurate alerts
For new users, I would advise using BigPanda for its comprehensive alert monitoring and integration with ServiceNow. Its mapping capabilities and user-friendly interface make it valuable for incident analysis and prioritization. As users become more familiar with the tool, its full potential will become apparent, enhancing efficiency and effectiveness over time. It is easy for someone to learn to use BigPanda for the first time. We start with basic examples that everyone can understand, then provide verbal introductions followed by hands-on training over two weeks. We encourage making mistakes and asking questions to ensure understanding. It depends on the trainer's approach, but with proper guidance, anyone can learn effectively. Overall, I would rate BigPanda as a five out of ten. For it to be a perfect ten, it would need to consistently provide accurate alerts without requiring manual validation. This means it should effectively suppress similar incidents, eliminating the need for constant monitoring. Once it reaches this level of reliability, BigPanda would be exceptional.
Avinash Gopu. - PeerSpot reviewer
Offers good visibility into multiple environments, significantly reduces our alert volume, and speeds up our security investigations
There are limitations with Splunk not detecting all user activity, especially on mainframes and network devices. This is because Splunk relies on agents, which cannot access certain workstations. In these cases, we have to rely on application data. For example, with mainframes, manual reports are generated and sent to Splunk, limiting visibility to what's manually reported. This lack of automation for specific platforms needs improvement from Splunk. Additionally, API access is limited for other applications that rely on API calls and requests. This requires heavy customization on Splunk's end. These are the main challenges we've encountered. Monitoring multiple cloud platforms, like Azure, GCP, and AWS, with Splunk Enterprise Security presents some challenges. While Splunk provides different connectors for each provider, consolidating data from two domains across distinct cloud environments can be complex. However, leveraging pre-built templates and Splunk's data collation capabilities can help overcome these hurdles. Despite initial difficulties, I believe Splunk can effectively address this task, earning it an eight out of ten rating for its multi-cloud monitoring capabilities. While Splunk Enterprise Security offers insider threat detection capabilities, its effectiveness could be enhanced by integrating with additional tools, such as endpoint security solutions. This integrated approach is particularly crucial for financial institutions, which often require dedicated endpoint security teams. While using multiple tools is valuable, further improvements within Splunk itself are also necessary. Considering both external integration and internal development, I would rate its current insider threat detection capabilities as three out of ten. Threat detection is where Splunk falls behind. While it offers tools, other use cases require additional work. PAM is an enterprise tool that centralizes information about users, servers, and everything else. It needs real-time monitoring, which I haven't seen in any of the companies I've worked for. They only rely on Splunk for alerting, but real-time monitoring should be handled by the endpoint security team's tools. This means there's no detection or analysis at the machine or endpoint level. Additionally, threat analysis reporting is also absent.
report
Use our free recommendation engine to learn which IT Infrastructure Monitoring solutions are best for your needs.
816,406 professionals have used our research since 2012.
 

Comparison Review

VS
Feb 26, 2015
HP ArcSight vs. IBM QRadar vs. ​McAfee Nitro vs. Splunk vs. RSA Security vs. LogRhythm
We at Infosecnirvana.com have done several posts on SIEM. After the Dummies Guide on SIEM, we are following it up with a SIEM Product Comparison – 101 deck. So, here it is for your viewing pleasure. Let me know what you think by posting your comments below. The key products compared here are…
 

Top Industries

By visitors reading reviews
Financial Services Firm
23%
Computer Software Company
18%
Manufacturing Company
9%
Healthcare Company
6%
Financial Services Firm
16%
Computer Software Company
14%
Government
9%
Manufacturing Company
8%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

Any advice about APM solutions?
There are many factors and we know little about your requirements (size of org, technology stack, management systems, the scope of implementation). Our goal was to consolidate APM and infra monitor...
What do you like most about BigPanda?
One of the most valuable features of BigPanda is its user-friendly interface.
What SOC product do you recommend?
For tools I’d recommend: -SIEM- LogRhythm -SOAR- Palo Alto XSOAR Doing commercial w/o both (or at least an XDR) is asking to miss details that are critical, and ending up a statistic. Also, rememb...
What is a better choice, Splunk or Azure Sentinel?
It would really depend on (1) which logs you need to ingest and (2) what are your use cases Splunk is easy for ingestion of anything, but the charge per GB/Day Indexed and it gets expensive as log ...
How does Splunk compare with Azure Monitor?
Splunk handles a high amount of data very well. We use Splunk to capture information and as an aggregator for monitoring information from different sources. Splunk is very good at alerting us if we...
 

Learn More

 

Overview

 

Sample Customers

Nagios, ServiceNow, ITSM, NOC, CMDB Evolved, RemedyIncident Management Process
Splunk has more than 7,000 customers spread across over 90 countries. These customers include Telenor, UniCredit, ideeli, McKenney's, Tesco, and SurveyMonkey.
Find out what your peers are saying about Zabbix, Datadog, Auvik and others in IT Infrastructure Monitoring. Updated: November 2024.
816,406 professionals have used our research since 2012.