What differentiates Splunk Enterprise Security from other similar products?

ES stands out from other competitive products due to its comprehensive and advanced security analytics, threat intelligence, and real-time monitoring capabilities. Its ability to centralize and correlate security data from diverse sources, with customizable dashboards and intuitive workflows, helps us to proactively detect, investigate, and respond to security incidents effectively. Splunk Enterprise Security's scalability, extensibility, and integration options further differentiate it as a leading solution in the market and give a high ROI.

What is your favorite aspect of this product?

The powerful and flexible correlation and analytics are one of my favorite aspects of Splunk ES. It gives me the freedom to gain deep and more insights into security events and incidents by correlating data from various sources including legacy systems with some API support, detecting patterns, and identifying potential threats in real-time. This feature enables me to proactively respond to security incidents and make data-driven decisions to enhance our organization's overall security posture.

What do you dislike most about this product?

The availability of the right resources who clearly understand and are SMEs on ES would be always a concern. The costs aspects from an SMB standpoint are also a consideration, due to smaller budgets.

What recommendations would you give to someone considering this product?

If you are seeking an SIEM solution that excels in addressing the latest security threats and offers best-in-class capabilities, Splunk should be your top choice. Not only does it provide robust security features, but it also offers a broader range of functionalities to explore and enhance your overall operations.

What differentiates Splunk Enterprise Security from other similar products?

Splunk ES has the capacity to analyze a huge amouyof logs and data without affecting it's performance, it also has regular update for it's threat database which ensures that we are protected even from the most recent/current threats, this makes it uniquely able to prevent all kinds of threats.

What is your favorite aspect of this product?

I like that I can see all my logs in one place and that I am able to set up alerts as per my threshold values, I like that it's give me real time visualization into all potential threats, suspicious activities or anomalies which allows me to respond promptly and prevent damages to our system or compromising our data

What do you dislike most about this product?

It's a very complex solution, setup and configuration is quite a challenge. And also has a high price tag

What recommendations would you give to someone considering this product?

Splunk ES has enabled our organization to monitor our It infrastructure in real time, and get alerts on any suspicious activities, anomalies or threats in real time. It has enabled us to quickly identify and respond to threats and I would gladly recommend it to anyone that looking for a threat detection solution that able to handle an huge amount of data

What differentiates Splunk Enterprise Security from other similar products?

It is the first and one of best security monitoring tools which has implemented big data analytics to dig down for threat hunting through huge pile of log data.

What is your favorite aspect of this product?

Simple and user friendly interface and using most of the data analytics features for security monitoring and threat hunting.

What do you dislike most about this product?

Splunk enterprise security is still evolving as a security or SIEM tool so nothing to dislike as such.

What recommendations would you give to someone considering this product?

Efficiency of Splunk ES (SIEM ) depends on quality of data which is fed into Splunk ES , so focus on data modelling rest will be taken care by Splunk ES for better results.