Try our new research platform with insights from 80,000+ expert users

IBM Watson for Cyber Security vs Splunk Enterprise Security comparison

IBM and Splunk are both solutions in the Security Information and Event Management (SIEM) category. IBM is ranked #51, while Splunk is ranked #1 with an average rating of 8.4. IBM holds a 0.2% mindshare in SIEM, compared to Splunk’s 10.9% mindshare. Additionally, 100% of IBM users are willing to recommend the solution, compared to 93% of Splunk users who would recommend it.
IBM Watson for Cyber Security
Read 4 IBM Watson for Cyber Security reviews
  • 493 Views
  • 323 Comparison Views
100% willing to recommend
Splunk Enterprise Security
Read 301 Splunk Enterprise Security reviews
  • 17,426 Views
  • 14,446 Comparison Views
93% willing to recommend
 

Comparison Buyer's Guide

Download the report
Executive SummaryUpdated on Sep 29, 2024

Splunk Enterprise Security and IBM Watson for Cyber Security are leading solutions in the cybersecurity domain. Splunk Enterprise Security holds an edge with smoother deployment and superior customer service, while IBM Watson for Cyber Security offers advanced AI-driven insights and capabilities.

Features: Splunk Enterprise Security includes comprehensive data analytics, real-time monitoring, and efficient threat detection. IBM Watson for Cyber Security provides AI-driven insights, automated response capabilities, and advanced cognitive computing.

Room for Improvement: Splunk Enterprise Security needs more intuitive dashboards and simplified configuration. IBM Watson for Cyber Security requires a less steep learning curve and less customization.

Ease of Deployment and Customer Service: Splunk Enterprise Security is easier to deploy and offers robust customer support. IBM Watson for Cyber Security presents more complexity during deployment and requires substantial support.

Pricing and ROI: Splunk Enterprise Security is more cost-effective with lower initial setup costs and efficient resource utilization. IBM Watson for Cyber Security has higher setup costs, affecting the ROI timeline, but offers advanced capabilities that may justify the investment.

DOWNLOAD THE COMPLETE REPORT
To learn more, read our detailed IBM Watson for Cyber Security vs. Splunk Enterprise Security Report (Updated: October 2024).
Buyer's Guide
IBM Watson for Cyber Security vs. Splunk Enterprise Security
October 2024
Download the complete report
Helped 814,649 peers since 2012
 

Categories and Ranking

IBM Watson for Cyber Security
Ranking in Security Information and Event Management (SIEM)
51st
Average Rating
8.0
Number of Reviews
4
Ranking in other categories
No ranking in other categories
Splunk Enterprise Security
Ranking in Security Information and Event Management (SIEM)
1st
Average Rating
8.4
Number of Reviews
301
Ranking in other categories
Log Management (1st), IT Operations Analytics (1st)
 

Mindshare comparison

As of November 2024, in the Security Information and Event Management (SIEM) category, the mindshare of IBM Watson for Cyber Security is 0.2%, down from 0.3% compared to the previous year. The mindshare of Splunk Enterprise Security is 10.9%, down from 14.3% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Security Information and Event Management (SIEM)
 

Featured Reviews

Elena Stefanovska - PeerSpot reviewer
Jul 8, 2022
Knowledgeable support, reliable, and useful compliance policies
IBM Watson for Cyber Security can be deployed on-premise or in the cloud and it is used as a SIEM solution The most valuable features of IBM Watson for Cyber Security are ease of use and out-of-the-box reports and compliance policies. Additionally, if there are aspects that are missing IBM add…
Read full review
Sameep Agarwal. - PeerSpot reviewer
Oct 23, 2023
It has a drag-and-drop interface, so you don't need to know SQL or Java to construct a query
The ingestion happens quickly, so you can run up the data costs if you use the default settings. It isn't a problem for government agencies in the Saudi market, but many of the corporations in India are small or medium-sized enterprises that cannot afford that kind of ingestion system. Splunk needs to be tweaked in JSON so you can limit what is coming from the endpoints, especially the events. One needs to filter that out so that only certain events are ingested, like login failures, Active Directory changes, password reset requests, privilege modifications, etc. Each Windows machine generates about 310 KB of information per event, but we can tweak that down to about 50 KB.
Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"IBM Watson for Cyber Security is very stable."
"The customer support is very good."
"The most valuable features of IBM Watson for Cyber Security are ease of use and out-of-the-box reports and compliance policies. Additionally, if there are aspects that are missing IBM add them in the next release."
"The most valuable feature of this product is innovation, where the research and upgrading of technology never ends."
"The most valuable features in Splunk Enterprise Security are the cluster capabilities."
"It has a big user base, so the community is useful."
"It helps streamline troubleshooting and log analysis."
"Splunk Enterprise Security gives us a single pane of glass so that we can use just one tool instead of having to use different tools."
"Splunk can deliver more information by going deeper. By creating a dashboard, we can identify the root cause of the threat. Let's say I have a firewall from Check Point. Splunk will find the dashboard for Check Point, implement it in our environment, and connect it to the Check Point firewall logs, which are shown on the dashboard. If we request a custom dashboard, the engineer will take longer to complete the task."
"We have created a few custom use cases for Splunk that have helped us detect threats faster. For example, we set up endpoint-related data models and specialized setups for various scenarios. It's more efficient than some other products I've used."
"One of the most valuable features is threat hunting. We can do threat hunting and identify if there is any malicious activity happening within our environment, which is a key feature for us."
"Splunk would be my choice for the presentation layer because it comes with inbuilt reports and a dashboard that you can customize."
More Splunk Enterprise Security pros
 

Cons

"In the future, I would like to see threat intelligence included."
"This is an expensive product, so making it more cost-effective would be an improvement."
"They need to continue to build the AI capabilities."
"The dashboard could improve in IBM Watson for Cyber Security."
"The case management area of the ES could be improved. The ability to move cases through various stages and states. The ability to close a case would be key improvement."
"In the next release, they should include machine learning-based rules that would streamline the process of finding anomalies."
"The only thing which can be improved is that they are too subjective on whom their Splunk4Good initiative can be applied. They market it as you only need to be a nonprofit, but there is more to it."
"Splunk's reporting functionality would benefit from enhanced customization capabilities, allowing users to tailor reports to their specific needs for better data visualization and analysis."
"The access and identity features could be improved. For example, let's say we have onboarded 65 logs. Now, we can identify the various processes, but we run into trouble when we're updating the processes for AWS CloudTrail, EDR, MDR, and XDR."
"The administration of the cluster and app deployment to indexers or search heads can be done only using ssh access and command line, there is no GUI tools for that."
"The high cost of Splunk Enterprise Security prevented us from using its full capabilities."
"Splunk is more expensive than other solutions."
More Splunk Enterprise Security cons
 

Pricing and Cost Advice

"IBM Watson for Cyber Security is very simple to license and is priced well."
"The price of this solution should be lower, although I understand why IBM charges a premium price."
"Splunk can be an expensive solution. It all depends on how we configure the alerts and the events from the endpoints. You can save some money if you do that correctly. If not, it becomes an expensive solution."
"The price is comparable."
"Splunk Enterprise Security's pricing is competitive."
"I would highly recommend anyone evaluating this option to download the free trial which allows for the ingestion of 500MB of data per day in order to get a feel for what Splunk does at its core. It will get pricey once your ingestion rates start to sky rocket, but I would consider it expensive given the amount of information that it allows you to analyze and react on straight out-of-the-box."
"Be upfront about your needs and expectations. Splunk is great to work with."
"Splunk Enterprise Security is expensive."
"Truly evaluate the data you want to ingest and go slow. Pulling in data that can provide no use to your mission only wastes data against your license."
"I think that most of the log analytics solutions are expensive and I'm not sure if it's worth it."
More Splunk Enterprise Security pricing and cost advice
report
See which vendors are best for you
Use our free recommendation engine to learn which Security Information and Event Management (SIEM) solutions are best for your needs.
See recommendations
814,649 professionals have used our research since 2012.
 

Comparison Review

VS
Feb 26, 2015
HP ArcSight vs. IBM QRadar vs. ​McAfee Nitro vs. Splunk vs. RSA Security vs. LogRhythm
We at Infosecnirvana.com have done several posts on SIEM. After the Dummies Guide on SIEM, we are following it up with a SIEM Product Comparison – 101 deck. So, here it is for your viewing pleasure. Let me know what you think by posting your comments below. The key products compared here are…
Read full review
 

Top Industries

By visitors reading reviews
Computer Software Company
19%
Financial Services Firm
19%
Manufacturing Company
15%
Educational Organization
6%
Financial Services Firm
16%
Computer Software Company
14%
Government
9%
Manufacturing Company
8%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
No data available
 

Questions from the Community

Ask a question
Earn 20 points
What SOC product do you recommend?
For tools I’d recommend: -SIEM- LogRhythm -SOAR- Palo Alto XSOAR Doing commercial w/o both (or at least an XDR) is asking to miss details that are critical, and ending up a statistic. Also, rememb...
See all answers
What is a better choice, Splunk or Azure Sentinel?
It would really depend on (1) which logs you need to ingest and (2) what are your use cases Splunk is easy for ingestion of anything, but the charge per GB/Day Indexed and it gets expensive as log ...
See all answers
How does Splunk compare with Azure Monitor?
Splunk handles a high amount of data very well. We use Splunk to capture information and as an aggregator for monitoring information from different sources. Splunk is very good at alerting us if we...
See all answers
 

Comparisons

IBM Security QRadar vs IBM Watson for Cyber Security Logo
IBM Security QRadar vs IBM Watson for Cyber Security
Compared 100% of the time
More IBM Watson for Cyber Security Competitors
Wazuh vs Splunk Enterprise Security Logo
Wazuh vs Splunk Enterprise Security
Compared 11% of the time
IBM Security QRadar vs Splunk Enterprise Security Logo
IBM Security QRadar vs Splunk Enterprise Security
Compared 9% of the time
Dynatrace vs Splunk Enterprise Security Logo
Dynatrace vs Splunk Enterprise Security
Compared 8% of the time
Datadog vs Splunk Enterprise Security Logo
Datadog vs Splunk Enterprise Security
Compared 4% of the time
AppDynamics vs Splunk Enterprise Security Logo
AppDynamics vs Splunk Enterprise Security
Compared 4% of the time
More Splunk Enterprise Security Competitors
 

Product Reports

Buyer's Guide
Security Information and Event Management (SIEM)
October 2024
IBM Watson for Cyber Security reportDownload IBM Watson for Cyber Security product report
Buyer's Guide
Splunk Enterprise Security
October 2024
Splunk Enterprise Security reportDownload Splunk Enterprise Security product report
 

Learn More

IBM
Splunk
 

Overview

Watson for cyber security can draw security intelligence from millions of security blogs, online forums and white papers - so you can see threats unseen by other systems.

Splunk Enterprise Security is widely used for security operations, including threat detection, incident response, and log monitoring. It centralizes log management, offers security analytics, and ensures compliance, enhancing the overall security posture of organizations.

Companies leverage Splunk Enterprise Security to monitor endpoints, networks, and users, detecting anomalies, brute force attacks, and unauthorized access. They use it for fraud detection, machine learning, and real-time alerts within their SOCs. The platform enhances visibility and correlates data from multiple sources to identify security threats efficiently. Key features include comprehensive dashboards, excellent reporting capabilities, robust log aggregation, and flexible data ingestion. Users appreciate its SIEM capabilities, threat intelligence, risk-based alerting, and correlation searches. Highly scalable and stable, it suits multi-cloud environments, reducing alert volumes and speeding up investigations.

What are the key features?
  • Comprehensive Dashboards: Provide a holistic view of security operations.
  • Flexible Data Ingestion: Supports various data sources for better analysis.
  • Robust Log Aggregation: Centralizes log management for easier monitoring.
  • Machine Learning Toolkit: Enhances threat detection and prediction capabilities.
  • SIEM Capabilities: Integrates security information and event management.
  • Threat Intelligence: Utilizes external information to improve security measures.
  • Risk-Based Alerting: Prioritizes alerts based on the risk they pose.
  • Correlation Searches: Identifies and correlates security events effectively.
What benefits or ROI should users look for?
  • Enhanced Visibility: Improves monitoring across endpoints, networks, and users.
  • Faster Incident Response: Speeds up identification and resolution of security issues.
  • Reduced Alert Volumes: Lowers false positives and enhances signal-to-noise ratio.
  • Scalability: Adapts to growing and changing security needs.
  • Improved Security Operations: Integrates multiple security facets into one platform.

Splunk Enterprise Security is implemented across industries like finance, healthcare, and retail. Financial institutions use it for fraud detection and compliance, while healthcare organizations leverage its capabilities to safeguard patient data. Retailers deploy it to protect customer information and ensure secure transactions.

 

Sample Customers

Information Not Available
Splunk has more than 7,000 customers spread across over 90 countries. These customers include Telenor, UniCredit, ideeli, McKenney's, Tesco, and SurveyMonkey.
Buyer's Guide
IBM Watson for Cyber Security vs. Splunk Enterprise Security
October 2024
Free Report: IBM Watson for Cyber Security vs. Splunk Enterprise Security
Find out what your peers are saying about IBM Watson for Cyber Security vs. Splunk Enterprise Security and other solutions. Updated: October 2024.
DOWNLOAD NOW
814,649 professionals have used our research since 2012.
See our IBM Watson for Cyber Security vs. Splunk Enterprise Security report.

We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.