# Splunk Enterprise Security Reviews
**Vendor:** Cisco  
**Category:** [Security Information and Event Management (SIEM) Software](https://www.g2.com/categories/security-information-and-event-management-siem)  
**Average Rating:** 4.3/5.0  
**Total Reviews:** 246
## About Splunk Enterprise Security
Splunk Enterprise Security (ES) is a data-centric, modern security information and event management (SIEM) solution that delivers data-driven insights for full breadth visibility into your security posture so you can protect your business and mitigate risk at scale. With unparalleled search and reporting, advanced analytics, integrated intelligence, and prepackaged security content, Splunk ES accelerates threat detection and investigation, letting you determine the scope of high-priority threats to your environment so you can quickly take action. Built on an open and scalable data platform, you can stay agile in the face of evolving threats and business needs. Our extensive ecosystem of Splunk, partner, and community-built integrations as well as flexible deployment options ensure your technology investments are working in tandem with Splunk ES whilst meeting you wherever you are on your cloud, multi-cloud, or hybrid journey.



## Splunk Enterprise Security Pros & Cons
**What users like:**

- Users value the **strong integration with multiple systems** provided by Splunk Enterprise Security for enhanced visibility. (3 reviews)
- Users value the **actionable alerts** from Splunk Enterprise Security, enhancing incident response and investigative efficiency. (2 reviews)
- Users commend the **responsive customer support** of Splunk Enterprise Security, enhancing their overall experience and satisfaction. (2 reviews)
- Users appreciate the **clear and comprehensive visibility** provided by Splunk Enterprise Security through its customizable dashboards. (2 reviews)
- Users find Splunk Enterprise Security **easy to use and configure**, simplifying management even for beginners in SIEMs. (2 reviews)
- Features (2 reviews)
- Users value the **implementation ease** of Splunk Enterprise Security, enjoying seamless integration and quick customization. (2 reviews)
- Scalability (2 reviews)
- Search Efficiency (2 reviews)
- Threat Detection (2 reviews)

**What users dislike:**

- Users find **Splunk Enterprise Security expensive**, especially as data volume increases, impacting overall budget management. (3 reviews)
- Users find the **complex setup** of Splunk Enterprise Security challenging, needing extensive expertise and resources for implementation. (2 reviews)
- Users face **integration issues** with Splunk Enterprise Security, requiring expertise and resources for effective onboarding. (2 reviews)
- Users note that **resource-intensive features** of Splunk Enterprise Security require careful planning and substantial infrastructure investment. (2 reviews)
- Users note that **complex configurations** in Splunk Enterprise Security can be time-consuming and resource-intensive, requiring careful planning. (1 review)
- Complex Implementation (1 review)
- Users face a challenging **learning curve** with query writing, impacting new analysts' ability to adopt Splunk effectively. (1 review)
- Users find the **limited out-of-the-box content** for specific use cases affects the overall effectiveness of Splunk Enterprise Security. (1 review)
- Training Required (1 review)

## Splunk Enterprise Security Reviews
  ### 1. Powerful Visibility and Investigations with Splunk Enterprise Security

**Rating:** 4.0/5.0 stars

**Reviewed by:** Akil S. | Technical Blogger, Small-Business (50 or fewer emp.)

**Reviewed Date:** April 27, 2026

**What do you like best about Splunk Enterprise Security?**

What I liked most is the visibility it gives once everything is set up. It becomes a solid central place for monitoring and investigations, and correlating logs across systems actually helps catch things faster.
The built-in detection rules and dashboards are a good starting point, and integrations are flexible enough to bring in data from pretty much anywhere. Performance is reliable too, as long as your queries are optimized.
It does take some effort to tune alerts and get real value, but once that’s done, it makes day-to-day security workflows a lot more structured and efficient.

**What do you dislike about Splunk Enterprise Security?**

The biggest issue is the complexity. Setup and onboarding take time, and you really need someone experienced to get it running properly. It is not beginner friendly at all.
Pricing can also get expensive fast since it is based on data ingestion, so you have to constantly manage what logs you are sending in.
The UI feels a bit clunky in places, and navigating during investigations is not always smooth. On top of that, alerts need a lot of tuning. Without it, you end up with too much noise, which affects response time.
Overall, its AI is powerful, but it takes effort, expertise, and budget to actually make it work well.

**What problems is Splunk Enterprise Security solving and how is that benefiting you?**

Before using Splunk ES, we struggled with scattered logs and limited visibility. Investigating incidents meant jumping across multiple tools, which slowed everything down.

Now everything is centralized, so we can monitor, detect, and investigate from one place. Correlating events across systems has made it easier to spot real threats instead of isolated alerts, which has improved response time quite a bit.

It also helped reduce manual effort. Instead of digging through raw logs, we rely on dashboards and alerts, which saves time during day-to-day monitoring.

That said, the ROI depends on how well it is set up and tuned. Once optimized, it definitely makes security operations more structured and efficient.

  ### 2. Splunk ES- Scalable SIEM for Large Enterprise

**Rating:** 4.5/5.0 stars

**Reviewed by:** Naushad T. | Lead Technical Specialist - EDR, Enterprise (> 1000 emp.)

**Reviewed Date:** February 17, 2026

**What do you like best about Splunk Enterprise Security?**

The best thing about Splunk is the deep visibility it provides across the environment, along with its strong ability to correlate large volumes of security data into true positive, actionable alerts. This really helps make investigations/incident response faster and more efficient.

**What do you dislike about Splunk Enterprise Security?**

The initial implementation is complicated and requires significant expertise, time, and resources. In our case, we had to extend the contract to a third party to onboard Splunk ES in our environment.

**What problems is Splunk Enterprise Security solving and how is that benefiting you?**

It’s a great SIEM tool to have in a cybersecurity platform for a larger organization like us. It has really helped our SOC with real-time monitoring and alerting for security incidents, onboarding and improving visibility across multiple log sources, and enabling faster investigation and response to threats.

  ### 3. Unmatched Visibility and Customization for Security Operations

**Rating:** 5.0/5.0 stars

**Reviewed by:** Muhammad R. | Technical Consultant Manager, Enterprise (> 1000 emp.)

**Reviewed Date:** December 07, 2025

**What do you like best about Splunk Enterprise Security?**

What I like most about Splunk Enterprise Security is its ability to give clear and comprehensive visibility across the entire environment. The correlation searches, use cases, and dashboards make it easier to identify patterns and prioritize threats. As someone who works in SOC operations and consulting, the flexibility to customize detections and build my own dashboards is a huge advantage and everything feels scalable, structured, and analyst-friendly.

**What do you dislike about Splunk Enterprise Security?**

What I dislike about Splunk Enterprise Security is that some of its features can be quite resource intensive. The platform is powerful, but it sometimes requires significant tuning and infrastructure capacity to keep everything running smoothly. Additionally, certain configurations or customizations can take more time than expected. It’s not a major drawback, but it does require proper planning and optimization.

**What problems is Splunk Enterprise Security solving and how is that benefiting you?**

Splunk Enterprise Security helps solve the challenge of getting clear, real-time visibility across a wide range of security logs and events. It centralizes everything from correlation searches to threat intel; also, I can quickly identify what really matters.

For me, the biggest benefit is efficiency. Instead of manually piecing together data from different sources, Splunk ES provides structured dashboards, risk-based alerting, and prioritized insights. This allows me to respond faster, reduce noise, and focus more on meaningful analysis rather than repetitive tasks.

  ### 4. Strong Correlation Analytics That Spot Threats Fast

**Rating:** 4.5/5.0 stars

**Reviewed by:** Chris S. | Recruiting Consultant, Enterprise (> 1000 emp.)

**Reviewed Date:** April 09, 2026

**What do you like best about Splunk Enterprise Security?**

Strong correlation searches and analytics help spot threats quickly, not hours later.

**What do you dislike about Splunk Enterprise Security?**

It’s expensive, especially since pricing is based on data ingestion. Costs can climb quickly as your environment grows.

**What problems is Splunk Enterprise Security solving and how is that benefiting you?**

Centralizes data and logs from multiple sources

  ### 5. the best SIEM

**Rating:** 3.5/5.0 stars

**Reviewed by:** Luis S. | Presales, Small-Business (50 or fewer emp.)

**Reviewed Date:** May 30, 2024

**What do you like best about Splunk Enterprise Security?**

Easy-to-use platform that integrates with different devices

**What do you dislike about Splunk Enterprise Security?**

The licensing model based on event consumption and the new owner

**What problems is Splunk Enterprise Security solving and how is that benefiting you?**

Detection of security events and their mitigation

  ### 6. Robust SIEM Solution with Strong Ecosystem Support

**Rating:** 4.5/5.0 stars

**Reviewed by:** Verified User in Financial Services | Mid-Market (51-1000 emp.)

**Reviewed Date:** June 02, 2025

**What do you like best about Splunk Enterprise Security?**

✅ Powerful Search and Correlation Capabilities
Splunk Enterprise Security excels at log aggregation, correlation, and threat detection. The Search Processing Language (SPL) allows advanced querying that lets our team pinpoint suspicious activity across multiple systems.

✅ Strong Integration with Multiple Systems
One of the key strengths is its ability to integrate with a wide range of third-party systems - firewalls, endpoint detection tools, identity providers, and cloud environments like AWS, Azure, and GCP. It pulls everything into a central platform, which is critical for visibility.

✅ Splunkbase Ecosystem
The Splunkbase app ecosystem is extensive. We’ve used certified add-ons and community-built integrations for tools like Palo Alto Networks, CrowdStrike, Okta, and Microsoft 365. This dramatically reduces the time required to normalize and enrich logs.

✅ Flexible Dashboards and Alerts
Splunk ES provides customizable dashboards and correlation rules, making it easier to tailor detection mechanisms to our organization's needs. The MITRE ATT&CK integration is also a big plus for mapping threats and evaluating how our detection coverage maps against possible threats.

✅ Scalability
We’ve scaled Splunk ES from ingesting a few hundred GBs a day to multiple TBs without much performance degradation, though it requires careful planning and tuning.

**What do you dislike about Splunk Enterprise Security?**

❌ Learning Curve
The flexibility of SPL is a double-edged sword. New analysts often struggle with query writing and alert customization unless they have a strong background in Splunk or scripting. However, there is now an AI solution which will convert natural language to complex SPL syntax.

❌ Expensive at Scale
Pricing is based on ingest volume, which might be expensive as data grows. Without smart data hygiene practices and archiving, costs can grow easily.

❌ Heavy Resource Requirements
On-premise deployments require significant compute and storage resources. High availability and disaster recovery setups can become complex and costly. However, Splunk Cloud takes care of much of this work if purchased.

❌ Limited Out-of-the-Box Content for Certain Use Cases
Although it comes with prebuilt dashboards and correlation rules, some use cases (like insider threat or advanced cloud threat detection) require additional tuning, enterprise specific knowledge or external tools to be truly effective.

**What problems is Splunk Enterprise Security solving and how is that benefiting you?**

Splunk Enterprise Security (ES) is helping us solve several core challenges in our security operations, especially around visibility, threat detection, and incident response. Prior to adopting Splunk ES, we had fragmented logging from various sources - firewalls, endpoint tools, cloud services, identity providers - which made correlation and investigation extremely difficult.

With Splunk ES, we’ve centralized all of our log and event data into one platform, allowing our SOC team to correlate activity across the entire environment in near real time. This has significantly improved our ability to detect lateral movement, credential misuse, and advanced persistent threats.

Splunk’s ability to ingest from virtually any source - thanks to its wide compatibility and support via Splunkbase - means we’ve been able to quickly integrate with vendors like Palo Alto, Okta, CrowdStrike, and AWS without building everything from scratch. That’s cut down our integration time by weeks.

Additionally, Splunk ES has enabled us to automate alerting and prioritize threats more effectively using risk scores and MITRE ATT&CK mappings. This has reduced alert fatigue and allowed our analysts to focus on the most relevant threats first.

From a compliance standpoint, we’re now able to generate reports and demonstrate continuous monitoring for frameworks like PCI-DSS, ISO 27001, and NIST with far less manual effort.

The biggest benefit has been improved incident response times - we’ve reduced our mean time to detect (MTTD) and mean time to respond (MTTR) substantially because analysts have a unified view and powerful tools at their fingertips.

  ### 7. Splunk in a security environment

**Rating:** 4.0/5.0 stars

**Reviewed by:** Jordan M. | security engineer, Enterprise (> 1000 emp.)

**Reviewed Date:** August 04, 2025

**What do you like best about Splunk Enterprise Security?**

Splunk is easy to use/configure and to find what I need. Plus, the Splunk employees with whom we work are very talented and skilled.

**What do you dislike about Splunk Enterprise Security?**

They got bought by Cisco and we are waiting for integrations to get better.

**What problems is Splunk Enterprise Security solving and how is that benefiting you?**

Finding problems within our logs.

  ### 8. Unmatched data mining, analysis, and Security monitoring by Splunk ES

**Rating:** 4.5/5.0 stars

**Reviewed by:** Anugrah Pratap S. | Technical Lead, Enterprise (> 1000 emp.)

**Reviewed Date:** November 12, 2024

**What do you like best about Splunk Enterprise Security?**

Splunk ES is very helpful in seamless integration and automation, Data analytics, Investigation, Log source onboarding, dashboard, SPL, ease of search, use-case modification/fine-tuning, you name it. Every task and job in Splunk ES is perfect. Its vendor support is very responsive. Splunk ES has ease of implementation and integration.

**What do you dislike about Splunk Enterprise Security?**

Apart from cost, no one dislikes Splunk ES. Due to its costly services, most organizations use other cloud-native security solutions. Recently, one of our clients also proposed another security solution over Splunk ES. So cost is the main disadvantage of Splunk ES in my opinion.

**What problems is Splunk Enterprise Security solving and how is that benefiting you?**

Splunk ES has provided very good services to us. Our SOC team was enjoying working on Splunk ES due to its salient features. We didn't require extra human effort to help our engineers investigate or analyze any security alerts. Due to its Splunk processing language, everything comes up in one go, which helps most of the time. That's why our engineers are doing their job without breaching the SLA.

  ### 9. Easy to integrate, understand the workflows and to manage.

**Rating:** 5.0/5.0 stars

**Reviewed by:** Ernesto M. | IT Security Engineer, Mid-Market (51-1000 emp.)

**Reviewed Date:** December 17, 2024

**What do you like best about Splunk Enterprise Security?**

Splunk ES is easy to manage and understand even if you are new to SIEMs. The workflows are easy to follow and the language that Splunk uses is easy to learn. Also, it has integration with anything, so you can ingest logs from pretty much everything you can think of.

**What do you dislike about Splunk Enterprise Security?**

Might be very expensive depending on how much data you are ingesting.

**What problems is Splunk Enterprise Security solving and how is that benefiting you?**

Correlate all logs, create use cases and content rules and have visibility over all log sources and security events.

  ### 10. Splunk User Behavior Analytics Review

**Rating:** 5.0/5.0 stars

**Reviewed by:** RUDRA P. | Security Professional, Information Technology and Services, Enterprise (> 1000 emp.)

**Reviewed Date:** July 30, 2024

**What do you like best about Splunk Enterprise Security?**

Splunk User Behavior Analytics establishes baseline behaviors for users, devices, and applications using unsupervised machine learning algorithms. It then looks for deviations to identify insider risks and unknown threats. This can be easily integrated with other tools and is easy to use. Has good customer support. Can be implemented on cloud and can be used from anywhere in the current hybrid work environment. We have been using it for the last 3 years.

**What do you dislike about Splunk Enterprise Security?**

There is nothing which is least helpful in this tool, hence I do not have any dislike for Splunk User Behavior Analytics.

**What problems is Splunk Enterprise Security solving and how is that benefiting you?**

Instead of taking hours, can carry out tasks using IT and security tools in seconds. Many playbooks are included with Splunk to assist you in addressing the most important use cases. Splunk makes it easier to divide up, assign, and document tasks, which promotes a well-organized and cooperative investigation process.

  ### 11. One of the leading & innovative SIEM solution

**Rating:** 4.5/5.0 stars

**Reviewed by:** Manish D. | Staff Security Engineer - SecOps, Enterprise (> 1000 emp.)

**Reviewed Date:** April 12, 2024

**What do you like best about Splunk Enterprise Security?**

The simplified UX is what makes Splunk/Splunk Enterprise Security (ES) separate from all other competitors. The vast range of data connectors in Splunkbase, simplified architecture, granular level of customization options, out of the box data models and complete coverage of MITRE ATT&CK are some of the prime features and services offered by Splunk ES. The data model acceleration, notable events, dashboards and wide range of apps & addons make searching and data transformation tasks really easy. The customer support is great for any type of issues you might be facing.

**What do you dislike about Splunk Enterprise Security?**

The licensing model and cost is a bit difficult to understand and manage.

**What problems is Splunk Enterprise Security solving and how is that benefiting you?**

Collecting audit logs from wide range of data sources within your hybrid infrastructure is a daunting task. Splunk helps you a lot in managing and enhancing your audit log coverage for your infra. The wide range of apps/addons helps you to ingest audit events from any type of log source and you rarely need to bother about parsing. The out of the box content management and visualization dashboards/data models helps you get quick insights into your infra data. Basically having an efficient SIEM solution is a must for any SecOps team to effectively manage the security posture and reduce the cyber dwell time.

  ### 12. Navigating insider threats using Splunk

**Rating:** 5.0/5.0 stars

**Reviewed by:** Sanket S. | Technical Specialist, Mid-Market (51-1000 emp.)

**Reviewed Date:** August 08, 2024

**What do you like best about Splunk Enterprise Security?**

It uses machine learning to identify abnormal user and entity behaviour. It effectively identifies threats by analyzing patterns of behavior that do not match normal patterns.
It integrates well with the broader Splunk ecosystem, allowing users to leverage their existing Splunk investment and data.

**What do you dislike about Splunk Enterprise Security?**

Setting up and configuring this solution can be complex and time-consuming.
It may generate false positives, especially in the early stages of deployment.

**What problems is Splunk Enterprise Security solving and how is that benefiting you?**

The machine learning algorithm in Splunk automatically analyzes a large number of datasets to identify deviations and threats.

  ### 13. My experience with Splunk Enterprise Security

**Rating:** 5.0/5.0 stars

**Reviewed by:** Verified User in Information Technology and Services | Enterprise (> 1000 emp.)

**Reviewed Date:** July 21, 2024

**What do you like best about Splunk Enterprise Security?**

The ease of integration, visualisation and alert creation. Data handling and customisation. Minimalistic maintenance

**What do you dislike about Splunk Enterprise Security?**

There is nothing much to dislike here. But I can say search speed will be a bit of an issue for me when it is overloaded unless we are using optimal queries.

**What problems is Splunk Enterprise Security solving and how is that benefiting you?**

We are handling multiple clients and it is very easy for us to integrate the data and query the data using different indexers. Very sophisticated alerting mechanism with real-time alerting. Data retention is also very good, which helps us with auditing.

  ### 14. Splunk Enterprise Security is the master log data collection and threat detection

**Rating:** 4.5/5.0 stars

**Reviewed by:** Alexandra V. | Senior Software Engineer, Mid-Market (51-1000 emp.)

**Reviewed Date:** July 16, 2024

**What do you like best about Splunk Enterprise Security?**

It is easy to use and quick to collect multiple event and data logs with the best intrusion detection capability. Easy to integrate and quick to customize dashboards, and the initial implementation process is also very easy.

**What do you dislike about Splunk Enterprise Security?**

Advanced security settings are not easy, especially when new to the system. The support team deserves merit for being helpful and always available when in need.

**What problems is Splunk Enterprise Security solving and how is that benefiting you?**

Helps our organization to get full visibility with its extensive data collection capability to quickly respond to malicious threats before they cause any damage.

  ### 15. Great product to monitor community spams

**Rating:** 5.0/5.0 stars

**Reviewed by:** Bhavin P. | Experience Manager, Enterprise (> 1000 emp.)

**Reviewed Date:** July 31, 2024

**What do you like best about Splunk Enterprise Security?**

It helps us monitor spam posts in our support community. Very reliable and easy-to-use product. It helps keep our community clean and meets all our customer support needs. Very easy to implement as well.

**What do you dislike about Splunk Enterprise Security?**

Analytics could be improved. Overall excellent product for all B2B industries.

**What problems is Splunk Enterprise Security solving and how is that benefiting you?**

Helps us keep our community a spam-free environment. Keeps only relevant content, which helps our customers with all their self-help opportunities.

  ### 16. A Game-Changing Security Platform Revolutionizing Cybersecurity.

**Rating:** 5.0/5.0 stars

**Reviewed by:** Santosh V. | Senior Engineer, Construction, Mid-Market (51-1000 emp.)

**Reviewed Date:** February 04, 2024

**What do you like best about Splunk Enterprise Security?**

One thing I really love about Splunk ES is that it is a very robust and intuitive security platform that has been a game-changer when it comes to revolutionizing cybersecurity. I like that it offers advanced threat detection with the ability to detect sophisticated threats by correlating data from multiple sources.
Real-time monitoring and alerting, which alerts us during critical security events such as suspicious network traffic or any issues occurring without us knowing.
It also offers real-time threat response, which helps us to swiftly detect and respond to security threats on time before they affect our business processes or systems or apps.

Monitoring log activity for potential security incidents.
Amazing and proactive customer support team.
Intuitive UI for investigation which is pretty easy to use.

**What do you dislike about Splunk Enterprise Security?**

I have experienced that sometimes the events tab doesn't show logs.
Slow interface in case of high data volume.

**What problems is Splunk Enterprise Security solving and how is that benefiting you?**

We use Splunk ES to monitor security-relevant events, which improves our organisation's security and security hygiene. We also use it for creating real-time alerts to monitor log issues by customers. It helps us a lot when it comes to a security perspective and to chase threats and vulnerability detection, critical traffic detection, firewall device based risks and more.
Overall this is a great SIEM tool for data monitoring, threat detection and remediation.

  ### 17. Splunk ES : Empowering Security Operations

**Rating:** 4.5/5.0 stars

**Reviewed by:** Alaa E. | Cybersecurity Consultant, Mid-Market (51-1000 emp.)

**Reviewed Date:** November 21, 2023

**What do you like best about Splunk Enterprise Security?**

One notable aspect of Splunk ES that I find particularly commendable is its extensive array of integration options with various platforms. Furthermore, the inclusion of the adaptive response feature significantly enhances the efficiency and effectiveness of SOC analysts, streamlining their workflows and contributing to a more seamless experience.

**What do you dislike about Splunk Enterprise Security?**

One drawback of Splunk ES lies in its implementation complexity, which appears to be comparatively higher when juxtaposed with other SIEM solutions. Additionally, the associated cost is positioned at a premium level in comparison to the majority of SIEM offerings. This may pose a challenge for organizations seeking a more straightforward deployment process and a cost-effective SIEM solution.

**What problems is Splunk Enterprise Security solving and how is that benefiting you?**

Splunk ES addresses cybersecurity challenges by providing real-time threat detection, centralized incident investigation, automated compliance reporting, enhanced visibility through analytics, and streamlined threat intelligence integration. These features collectively enable quicker response times, proactive monitoring, and efficient utilization of security resources.

  ### 18. Excellent tool for planning a log term migration of platform to monitor the architecture closely

**Rating:** 5.0/5.0 stars

**Reviewed by:** Marcial L. | IT Manager, Mid-Market (51-1000 emp.)

**Reviewed Date:** July 30, 2024

**What do you like best about Splunk Enterprise Security?**

We could customize the models based on our specific processes, policies, and user roles. This flexibility enhances the accuracy and relevance of threat detection

**What do you dislike about Splunk Enterprise Security?**

If your company has limited IT resources then running Splunk UBA can be resource-intensive, requiring substantial computational power and storage.

**What problems is Splunk Enterprise Security solving and how is that benefiting you?**

The accomplishment of all requisites for a very complex migration of platforms

  ### 19. Best SIEM tool

**Rating:** 5.0/5.0 stars

**Reviewed by:** Sabih K. | Data Analyst, Small-Business (50 or fewer emp.)

**Reviewed Date:** March 30, 2024

**What do you like best about Splunk Enterprise Security?**

Splunk Intelligence Management tool is great. It provides security and daily logs, which makes it easier for a security analyst or engineer to analyse. I love its query search and report generation feature, which provides a great in the form of statistics report.

**What do you dislike about Splunk Enterprise Security?**

I can't see any bad features in this tool, but sometimes we get confused because there are so many logs, and a lot more to see.

**What problems is Splunk Enterprise Security solving and how is that benefiting you?**

It provides logs, which is a great feature to see what's happening in our internal network. I can see failed login attempts, maximum visited sites and much more, which makes it easier to identify theft.

  ### 20. Splunk Enterprise Security

**Rating:** 3.5/5.0 stars

**Reviewed by:** Sayantica G. | Junior Security Analyst, Mid-Market (51-1000 emp.)

**Reviewed Date:** June 14, 2024

**What do you like best about Splunk Enterprise Security?**

Splunk has every aspect of security integration, like plugins and also some development software from third parties.

**What do you dislike about Splunk Enterprise Security?**

Costly, and for EPS it also charges a little bit higher than its competitive products. For 500 workstation integration it's good, but for less than that it suggests using their data monitoring and analysis tool.

**What problems is Splunk Enterprise Security solving and how is that benefiting you?**

Third party integration tools, which are in development mode and cost

  ### 21. Splunk User Behavior Analytics next solution to cybersecurity

**Rating:** 4.5/5.0 stars

**Reviewed by:** Verified User in Computer & Network Security | Mid-Market (51-1000 emp.)

**Reviewed Date:** August 02, 2024

**What do you like best about Splunk Enterprise Security?**

Uses unsupervised machine learning to identify abnormal behaviors that may indicate insider threats or external attacks.
Identifies suspicious activities from employees, contractors, or partners that could pose risks to the organization.
Seamlessly integrates with Splunk Enterprise and other security tools, enhancing existing security operations with advanced analytics.

**What do you dislike about Splunk Enterprise Security?**

Organizations should be prepared for the complexities of implementation and the resource requirements associated with deploying such an advanced system

**What problems is Splunk Enterprise Security solving and how is that benefiting you?**

.

  ### 22. Splunk user behavior

**Rating:** 3.0/5.0 stars

**Reviewed by:** Verified User in Telecommunications | Enterprise (> 1000 emp.)

**Reviewed Date:** July 30, 2024

**What do you like best about Splunk Enterprise Security?**

It's great because it uses smart technology to spot unusual behavior from users that might signal security issues. It helps find potential threats early and reduce false alarms, making it easier for security teams to focus on real problems.

**What do you dislike about Splunk Enterprise Security?**

It can be complex and require a lot of setup.

**What problems is Splunk Enterprise Security solving and how is that benefiting you?**

Splunk UBA detects unusual user behavior, reduces false alarms, and improves security by catching potential threats early and accurately.

  ### 23. It is the best SIEM product

**Rating:** 5.0/5.0 stars

**Reviewed by:** Jaikishan R. | Senior Technology Specialist, Information Services, Mid-Market (51-1000 emp.)

**Reviewed Date:** November 27, 2023

**What do you like best about Splunk Enterprise Security?**

The best thing is, we can integrate this with other tools as well, and it provides a proper and nice view of logs with correct timestamps. I really enjoy working on it, and it's really helpful for me in finding trades and troubleshooting for part as well. Thanks for helping me out in all aspects of cyber security. As a part of the cyber security team we are on very critical tools, so we need to work on it. Thank you all.

**What do you dislike about Splunk Enterprise Security?**

Overall, it's a very nice product that provides a very granular view of a log or alert, but sometimes it lacks graphical presentation and export of logs in a proper way.

**What problems is Splunk Enterprise Security solving and how is that benefiting you?**

Basically, I work on firewalls and URL filtering. As we have integrated this tool with all security appliances, it is really helpful for me to resolve my tickets and troubleshoot logs and traffic.

  ### 24. It's better for capturing real-time incidents

**Rating:** 4.5/5.0 stars

**Reviewed by:** Vishal G. | Senior System Engineer, Enterprise (> 1000 emp.)

**Reviewed Date:** May 03, 2024

**What do you like best about Splunk Enterprise Security?**

In Splunk Enterprise Security, we save some searches and create attractive dashboards which give an impulsive graphical view of real-time events.

**What do you dislike about Splunk Enterprise Security?**

In the incident security tab, if we change the status of any notable, then the whole page is refreshed.

**What problems is Splunk Enterprise Security solving and how is that benefiting you?**

It helps us to track security notables, and all minor details are captured, like URL searches and comment updates on a notable. We can search for any notable using its short ID.

  ### 25. Quick and efficient in finding the bounce in email

**Rating:** 5.0/5.0 stars

**Reviewed by:** Dharvind K. | Support Advisor, Small-Business (50 or fewer emp.)

**Reviewed Date:** July 09, 2024

**What do you like best about Splunk Enterprise Security?**

Best tool ever used to check the bounce or see if an email is delivered or not

**What do you dislike about Splunk Enterprise Security?**

The new update took so much time to understand how it works.

**What problems is Splunk Enterprise Security solving and how is that benefiting you?**

Quick results

  ### 26. Splunk Intelligence Management provides Threat led visibility to the business

**Rating:** 4.0/5.0 stars

**Reviewed by:** Sagar K. | Lead, Insurance, Enterprise (> 1000 emp.)

**Reviewed Date:** April 02, 2024

**What do you like best about Splunk Enterprise Security?**

Splunk Intelligence Management provides insights into threat detections and assists analysts by providing relevant intelligence to understand the threat and take timely actions.

**What do you dislike about Splunk Enterprise Security?**

Cost of Splunk services is eye watering and as a result only organisations with deep pockets can leverage it.

**What problems is Splunk Enterprise Security solving and how is that benefiting you?**

It helps to reduce alert fatigue among the analysts and helps them to produce meaningful insights for higher management. It also helps to reduce Mean Time To Detect and Mean Time To Response.

  ### 27. Great SIEM Solution

**Rating:** 4.5/5.0 stars

**Reviewed by:** Jatin . | Security Analyst, Enterprise (> 1000 emp.)

**Reviewed Date:** October 31, 2023

**What do you like best about Splunk Enterprise Security?**

I have used more than 5 SIEM solutions so far, and Splunk comes out to be the best among all of them.
1. User-friendly UI
2. Quick search results
3. Splunk search language is very rich in commands and gives a great variety of customisations.
4. Compatible with/supports a vast range of applications, which makes correlation rules better

**What do you dislike about Splunk Enterprise Security?**

I will not say dislike, but when compared to other SIEM solutions, implementation and integration of Splunk need more technical competency than other apps.

**What problems is Splunk Enterprise Security solving and how is that benefiting you?**

Splunk Enterprise is used for storing and correlating logs for security and metrics purposes. It helps us keep a tab on any unusual activity, along with health check-ups of the applications we are running.

  ### 28. "Empowering Cybersecurity Excellence: A Comprehensive Review of Splunk Enterprise Security"

**Rating:** 4.5/5.0 stars

**Reviewed by:** Civic V. | Cybersecurity researcher, Small-Business (50 or fewer emp.)

**Reviewed Date:** December 12, 2023

**What do you like best about Splunk Enterprise Security?**

Splunk Enterprise Security excels with its user-friendly interface, easy implementation, and stellar customer support. Its stability promotes frequent use, while a rich set of features and seamless integration contribute to its effectiveness in bolstering cybersecurity measures.

**What do you dislike about Splunk Enterprise Security?**

In my opinion, while Splunk Enterprise Security offers robust functionality, I find the learning curve steep, affecting its initial Ease of Use. The complexity of implementation may be challenging for some users. Nevertheless, I am content with its strong features, dependable customer support, and overall performance, which compensate for these drawbacks.

**What problems is Splunk Enterprise Security solving and how is that benefiting you?**

Splunk Enterprise Security's powerful incident response features, coupled with intuitive analytics and automation, have been key in swiftly resolving my cybersecurity issues. This, along with its scalability, makes it an essential asset in maintaining a robust security posture.

  ### 29. Detail-oriented data mining and more.

**Rating:** 3.5/5.0 stars

**Reviewed by:** Jeffrey G. | Multi Func Info Sys Anlst, Information Technology and Services, Enterprise (> 1000 emp.)

**Reviewed Date:** December 13, 2023

**What do you like best about Splunk Enterprise Security?**

The Adaptive Learning can be tailored to your specific needs and requirements.

**What do you dislike about Splunk Enterprise Security?**

Keep in mind that Splunk isn't a solution that you can just walk up to and use. There is a bit of training involved if you have no experience in data mining and metrics analysis.

**What problems is Splunk Enterprise Security solving and how is that benefiting you?**

We are using Splunk along with several other platforms for complete transparency of our network environment. It is a welcome addition when figuring out data trends and problem areas.

  ### 30. Splunk Enterprise security overview

**Rating:** 4.5/5.0 stars

**Reviewed by:** Rajat s. | SOC Specialist (SIEM SME), Small-Business (50 or fewer emp.)

**Reviewed Date:** September 20, 2023

**What do you like best about Splunk Enterprise Security?**

It provides the ability to integrate log sources from different security devices, provides flexibility to add any third intel tool to integrate and get dynamic reputations through it, and has a great GUI to analyze the alerts and escalate them further for deep investigation. It can easily be implemented in any organisation, either small or big.

**What do you dislike about Splunk Enterprise Security?**

Cost price seems high, so small enterprises have problems with their cost cutting. Need proper videos and materials to understand its platform; otherwise nearly everything is okay and it covers approximately all kinds of security devices. Customer support is also a concern: need instant support on any subject matter so that organizations which have less experience or technical persons can understand and work on this platform without any hesitation.

**What problems is Splunk Enterprise Security solving and how is that benefiting you?**

It covers all security devices and is able to understand the logs, so integration is quite easy, and it has a good GUI so that a technical user can easily understand it. Report generation and creation is quite easy as well.
It supports all kinds of logs, so nearly no parser needs to be created to parse the parameters over the console.
It has proper guidance on device support and troubleshooting issues, and also supports the cloud environment to fetch logs for enterprises that have more dependency on cloud.

  ### 31. Splunk Enterprise Security: Enhancing Threat Visibility

**Rating:** 4.5/5.0 stars

**Reviewed by:** Mohammad Riyaz S. | Mid-Market (51-1000 emp.)

**Reviewed Date:** September 16, 2023

**What do you like best about Splunk Enterprise Security?**

Splunk ES gives us great visibility over the infrastructure. By using ES we can detect every small detail rolling over the network. The threat detection is very impressive; by default ES comes with 2000+ correlation rules so that incident detection becomes easier.

**What do you dislike about Splunk Enterprise Security?**

In Splunk ES the data modeling part is the hardest thing. Once we map everything, some correlation rules might not work as expected, so we need to change those too.

**What problems is Splunk Enterprise Security solving and how is that benefiting you?**

Splunk Enterprise Security solves a lot of problems. It has very awesome dashboards, detection rules and built-in incident management, so working on incidents and tracking them is very easy. It gives us more visibility over the infra.

  ### 32. Splunk ES can help you achieve continuous monitoring, support your security operations center (SOC).

**Rating:** 5.0/5.0 stars

**Reviewed by:** sooraj s. | Specialist - Cloud Engineer, Small-Business (50 or fewer emp.)

**Reviewed Date:** November 02, 2023

**What do you like best about Splunk Enterprise Security?**

It allows us to search through terabytes of data easily. From my three years of experience, it is the most effective cybersecurity tool to identify potential threats to systems. Splunk Enterprise Security is a must!

**What do you dislike about Splunk Enterprise Security?**

Splunk Enterprise lacks automated data quality and validation features which can provide confidence in the accuracy and reliability of the insights derived from it. It lacks built-in energy-specific app which can meet the specific needs of an energy industry. In as much as Splunk Enterprise offers excellent visualization

**What problems is Splunk Enterprise Security solving and how is that benefiting you?**

In my previous job role as a Cloud Ops engineer, I was implementing Splunk ES and Splunk-on-call. We were able to identify threats, and visualization of those threats is also much faster and simpler, which is helping us to keep SLAs with our clients.

  ### 33. Good product but tricky licensing

**Rating:** 3.0/5.0 stars

**Reviewed by:** Monica S. | Marketing Manager, Small-Business (50 or fewer emp.)

**Reviewed Date:** January 30, 2024

**What do you like best about Splunk Enterprise Security?**

Once the application is setup, using the application is relatively easy with a low learning curve.

**What do you dislike about Splunk Enterprise Security?**

Licensing for Splunk can be very expensive.

**What problems is Splunk Enterprise Security solving and how is that benefiting you?**

It helps with simple log aggregation and security monitoring by means of log analytics.

  ### 34. Empowering Insights: A Deep Dive into Splunk Intelligence Management

**Rating:** 3.5/5.0 stars

**Reviewed by:** Yogendra V. | Senior Consultant, Enterprise (> 1000 emp.)

**Reviewed Date:** January 04, 2024

**What do you like best about Splunk Enterprise Security?**

Splunk Intelligence Management excels in its ability to seamlessly aggregate, analyze, and derive actionable insights from diverse data sources, providing unparalleled visibility and decision-making capabilities for organizations.

**What do you dislike about Splunk Enterprise Security?**

Steep learning curve, resource-intensive setup, and the potential for high costs in larger deployments.

**What problems is Splunk Enterprise Security solving and how is that benefiting you?**

It addresses issues such as data silos, inefficient threat detection, and manual analysis by providing a centralized platform for data aggregation, correlation, and streamlined intelligence workflows. This results in improved threat visibility, quicker response times, and enhanced overall cybersecurity posture.

  ### 35. Splunk enterprise security good analytical tool

**Rating:** 4.0/5.0 stars

**Reviewed by:** Omkar G. | Lead l Software testing, Enterprise (> 1000 emp.)

**Reviewed Date:** December 12, 2023

**What do you like best about Splunk Enterprise Security?**

This tool has full visibility of all servers, which helps to do efficient investigation.

**What do you dislike about Splunk Enterprise Security?**

Sometimes lots of unwanted data on a single screen requires full attention while monitoring.

**What problems is Splunk Enterprise Security solving and how is that benefiting you?**

It gives the details of each server's health, monitors it all the time and sends an alert if anything is done in the system.
It also helps to get phishing alerts and restricts unauthorised users from getting the system details.
It gives a good analytical view of the system health and helps to investigate and find the root cause of a failure.

  ### 36. Splunk Enterprise Security: Great tool to work with Big Data

**Rating:** 4.5/5.0 stars

**Reviewed by:** Naveen K. | Security Analyst | SOC, Mid-Market (51-1000 emp.)

**Reviewed Date:** November 13, 2023

**What do you like best about Splunk Enterprise Security?**

I like the features in Splunk Enterprise Security such as Threat Intelligence, Incident Review and its investigations with the related logs.

**What do you dislike about Splunk Enterprise Security?**

My only dislike is that Splunk integrations are a bit harder compared to other tools.

**What problems is Splunk Enterprise Security solving and how is that benefiting you?**

We integrated different OT servers with Splunk. It helps to protect them and helps us to identify any security issues that our environment has.

  ### 37. Splunk Enterprise Security - SIEM

**Rating:** 4.0/5.0 stars

**Reviewed by:** Hardik D. | Sr. DevSecOps Engineer, Enterprise (> 1000 emp.)

**Reviewed Date:** November 20, 2023

**What do you like best about Splunk Enterprise Security?**

Splunk is the industry leader in SIEM solutions for a reason, from log collection to correlation and enrichment. Their quality of support is also good.

**What do you dislike about Splunk Enterprise Security?**

Cost is a bit high compared to other solutions, and setting up or deploying any Splunk architecture components requires much more technical knowledge.

**What problems is Splunk Enterprise Security solving and how is that benefiting you?**

Splunk Enterprise Security helps to monitor the logs, and the correlation alerts created on top of those logs help in incident response management. We can run threat hunting on those logs, create alerts and what not.

  ### 38. Simple and powerful tool

**Rating:** 4.5/5.0 stars

**Reviewed by:** Verified User in Automotive | Enterprise (> 1000 emp.)

**Reviewed Date:** April 26, 2024

**What do you like best about Splunk Enterprise Security?**

It's a powerful tool in simple words, and Splunk is giving the best outputs.

**What do you dislike about Splunk Enterprise Security?**

There are no disadvantages to mention about Splunk.

**What problems is Splunk Enterprise Security solving and how is that benefiting you?**

Analyzing the user data to sort out the organisation's threat monitoring issues or any other misuses.

  ### 39. Best platform for threat analysis

**Rating:** 5.0/5.0 stars

**Reviewed by:** Tejas B. | Senior Cloud Information Security Engineer, Mid-Market (51-1000 emp.)

**Reviewed Date:** October 09, 2023

**What do you like best about Splunk Enterprise Security?**

Threat intel feeds, and all the threat-related dashboards to investigate security incidents. The asset and identity dashboard helps to prioritise the incident from the incident review dashboard.

**What do you dislike about Splunk Enterprise Security?**

Threat intel feeds should be divided into different categories. For example, bad IPs, bad domains, bad URLs, instead of clubbing them together.

**What problems is Splunk Enterprise Security solving and how is that benefiting you?**

The dynamic asset and identity dashboard helps us to keep updated information about people at our organization, which in turn helps us to prioritise the incident or alert of the respective machine or people. Threat analysis using the threat intelligence dashboard. All investigation is from one place; that is the main advantage of this tool.

  ### 40. Monitoring and SIEM for Stock market and financial brokers.

**Rating:** 4.5/5.0 stars

**Reviewed by:** Shreyansh G. | Security Associate Engineer, Small-Business (50 or fewer emp.)

**Reviewed Date:** November 29, 2023

**What do you like best about Splunk Enterprise Security?**

The powerful searching and customization in Splunk are awesome. Also, the scalability is superb, which makes it easy to continue work even with changes in the infrastructure.

**What do you dislike about Splunk Enterprise Security?**

The complexity of the setup and the high costs are the dislikes that I have for Splunk.

**What problems is Splunk Enterprise Security solving and how is that benefiting you?**

Splunk solves my problems regarding fulfilling CSCR compliances and gives me a one-stop shop for SIEM, monitoring and regulation tools for my clients.

  ### 41. Invaluable tool to analyze large amounts of data

**Rating:** 4.0/5.0 stars

**Reviewed by:** Camilo A. | Staff Support Engineer, Enterprise (> 1000 emp.)

**Reviewed Date:** November 27, 2023

**What do you like best about Splunk Enterprise Security?**

It helps to make well-informed decisions based on data in order to monitor data in real time.

**What do you dislike about Splunk Enterprise Security?**

There is a lot of configuration required to get value

**What problems is Splunk Enterprise Security solving and how is that benefiting you?**

Separate sources and tools for security analytics

  ### 42. Splunk monitoring features

**Rating:** 5.0/5.0 stars

**Reviewed by:** Snigdha D. | IT Analyst, Enterprise (> 1000 emp.)

**Reviewed Date:** December 12, 2023

**What do you like best about Splunk Enterprise Security?**

I like the monitoring features in Splunk, and most of all, it's very user-friendly. It allows checking the device logs for a very long period in very little time.

**What do you dislike about Splunk Enterprise Security?**

Commands should be easy enough to learn for a beginner level engineer

**What problems is Splunk Enterprise Security solving and how is that benefiting you?**

It solves the monitoring of network traffic and provides extensive historical logs in a very short time.

  ### 43. Great tool for security analysis

**Rating:** 4.5/5.0 stars

**Reviewed by:** Vijay Kumar T. | Deputy Manager, Information Technology and Services, Enterprise (> 1000 emp.)

**Reviewed Date:** October 26, 2023

**What do you like best about Splunk Enterprise Security?**

Can be integrated with almost any security software, easy to build queries, the reporting feature is great, and it is very much a scalable solution.

**What do you dislike about Splunk Enterprise Security?**

I can say the cost is high, and a few times the customer support was not as expected, so it could be better; otherwise it is a very powerful tool to have in the organization.

**What problems is Splunk Enterprise Security solving and how is that benefiting you?**

Security analytics, threat analysis, event monitoring and many more
These features definitely improve the infrastructure security as a whole.

  ### 44. Effective SIEM Solution

**Rating:** 5.0/5.0 stars

**Reviewed by:** Esat C. | Mid-Market (51-1000 emp.)

**Reviewed Date:** November 19, 2023

**What do you like best about Splunk Enterprise Security?**

Easy to use 
Easy to integrate other systems
Splunk makes a difference in the meaning and correlation of logs with its powerful log analytics infrastructure.
Splunk has a good community and customer support

**What do you dislike about Splunk Enterprise Security?**

Splunk Enterprise Security does not have a negative feature except for price.

**What problems is Splunk Enterprise Security solving and how is that benefiting you?**

A permanent SIEM infrastructure was provided by collecting all logs on Splunk.

  ### 45. Neutral Experience

**Rating:** 3.0/5.0 stars

**Reviewed by:** Verified User in Security and Investigations | Enterprise (> 1000 emp.)

**Reviewed Date:** March 02, 2024

**What do you like best about Splunk Enterprise Security?**

Versatility of Splunk Intelligence Management in handling various types of data and providing insights across different domains

**What do you dislike about Splunk Enterprise Security?**

The learning curve is steep. It takes a bit of time to understand everything.

**What problems is Splunk Enterprise Security solving and how is that benefiting you?**

Aggregating and correlating security related data from logs, events, and other sources

  ### 46. Splunk Enterprise Security provides features for SIEM and Incident response capabilities.

**Rating:** 5.0/5.0 stars

**Reviewed by:** Verified User in Information Technology and Services | Enterprise (> 1000 emp.)

**Reviewed Date:** December 20, 2023

**What do you like best about Splunk Enterprise Security?**

Splunk Enterprise Security offers the great features of a centralized platform to collect, analyze and correlate security data from all over the network. It also offers security automation and orchestration capabilities.

**What do you dislike about Splunk Enterprise Security?**

We are happy with Splunk Enterprise Security because of its resiliency and its features.

**What problems is Splunk Enterprise Security solving and how is that benefiting you?**

Splunk Enterprise Security solves many challenges related to SOAR and SIEM, offering automation and incident response capabilities. In addition, it has UEBA capabilities as well, which analyze user behaviour.

  ### 47. Splunk review

**Rating:** 3.5/5.0 stars

**Reviewed by:** nagaraju S. | IT Lead, Financial Services, Mid-Market (51-1000 emp.)

**Reviewed Date:** November 25, 2023

**What do you like best about Splunk Enterprise Security?**

It assists security workers in analyzing noteworthy events and prioritizing threats and taking appropriate action.

**What do you dislike about Splunk Enterprise Security?**

Splunk Intelligence Management does not have anything to dislike as such

**What problems is Splunk Enterprise Security solving and how is that benefiting you?**

The system enables security professionals to quickly understand threat context and prioritize and accelerate triage by analyzing notable events and leveraging intelligence.

  ### 48. Splunk - A Versatile Data Analytics and Monitoring Platform

**Rating:** 4.0/5.0 stars

**Reviewed by:** Verified User in Computer & Network Security | Mid-Market (51-1000 emp.)

**Reviewed Date:** October 16, 2023

**What do you like best about Splunk Enterprise Security?**

Splunk is an incredibly powerful data analytics and monitoring platform that has become an integral part of our IT infrastructure. As an IT professional, I have been using Splunk extensively for the past few years, and it has consistently proven its worth in managing and extracting valuable insights from our data.

**What do you dislike about Splunk Enterprise Security?**

While the functionality Splunk offers is impressive, the cost of licensing can be prohibitive for small to mid-sized organizations. Careful planning and resource allocation are required to make the most of the investment.

**What problems is Splunk Enterprise Security solving and how is that benefiting you?**

Monitoring cyber attacks in real time; it can also be integrated with XDR AntiVirus.

  ### 49. Effective User Behavior Analytics with Splunk

**Rating:** 4.0/5.0 stars

**Reviewed by:** Mansi S. | Software Engineer TDP-ll, Small-Business (50 or fewer emp.)

**Reviewed Date:** June 13, 2023

**What do you like best about Splunk Enterprise Security?**

It has been helpful in identifying suspicious behavior and potential security threats. The interface is very user-friendly, making it easy for non-tech users to navigate the data. Overall it is great for protecting sensitive information.

**What do you dislike about Splunk Enterprise Security?**

Although it has great features, to utilize its full capabilities one may need additional training. Maintenance cost is also expensive for me. Storage issues also arise due to limited infrastructure.

**What problems is Splunk Enterprise Security solving and how is that benefiting you?**

I use it mainly for threat management, as it helps solve the problem of identifying potential insider threats and abnormal user behavior inside my organization. This is good for the early detection of any security risks.
By using Splunk User Behavior Analytics, I can ensure compliance with regulations and safeguard sensitive data.

  ### 50. Good tool for administration and event log

**Rating:** 4.5/5.0 stars

**Reviewed by:** Niraj O. | Software Engineer IIA, Enterprise (> 1000 emp.)

**Reviewed Date:** October 26, 2023

**What do you like best about Splunk Enterprise Security?**

It is a very good product for administration of security logging and application logging, with an efficient search feature and a quick and easy layout.

**What do you dislike about Splunk Enterprise Security?**

Need to improve UI without any fuzzy layout

**What problems is Splunk Enterprise Security solving and how is that benefiting you?**

It is used for security-related event logging and application insight, or logging all trace logs, and is used for error tracing.


## Splunk Enterprise Security Discussions
  - [What is the difference between Splunk Enterprise and Splunk Enterprise Security?](https://www.g2.com/discussions/what-is-the-difference-between-splunk-enterprise-and-splunk-enterprise-security) - 1 comment

## Splunk Enterprise Security Integrations
  - [AWS CloudTrail](https://www.g2.com/products/aws-cloudtrail/reviews)
  - [Bob](https://www.g2.com/products/buildonme-llc-bob/reviews)
  - [Cisco Duo](https://www.g2.com/products/cisco-duo/reviews)
  - [CrowdStrike Falcon Endpoint Protection Platform](https://www.g2.com/products/crowdstrike-falcon-endpoint-protection-platform/reviews)
  - [CyberArk Privileged Access Manager](https://www.g2.com/products/cyberark-privileged-access-manager/reviews)
  - [Dataminr](https://www.g2.com/products/dataminr/reviews)
  - [GitHub](https://www.g2.com/products/github/reviews)
  - [Google Workspace](https://www.g2.com/products/google-workspace/reviews)
  - [incident.io](https://www.g2.com/products/incident-io/reviews)
  - [Iru](https://www.g2.com/products/iru/reviews)
  - [Okta](https://www.g2.com/products/okta/reviews)
  - [Palo Alto Networks Next-Generation Firewalls](https://www.g2.com/products/palo-alto-networks-next-generation-firewalls/reviews)
  - [Sophos Endpoint](https://www.g2.com/products/sophos-endpoint/reviews)
  - [Teqtivity](https://www.g2.com/products/teqtivity/reviews)
  - [Vectra AI Platform](https://www.g2.com/products/vectra-ai-platform/reviews)
  - [VirusTotal](https://www.g2.com/products/virustotal/reviews)
  - [Zoom Workplace](https://www.g2.com/products/zoom-workplace/reviews)

## Splunk Enterprise Security Features
**Threat Detection & Triage - AI SOC Agents**
- Anomaly Detection & Correlation
- False‑Positive Suppression
- AI‑Driven Alert Triage

**Response**
- Resolution Automation
- Resolution Guidance
- System Isolation
- Threat Intelligence
- Incident Investigation

**Network Management**
- Activity Monitoring
- Asset Management
- Log Management

**Investigation & Enrichment - AI SOC Agents**
- Autonomous Case Investigation
- Contextual Enrichment from Multiple Sources
- Attack Path Mapping

**Records**
- Incident Logs
- Incident Reports

**Incident Management**
- Event Management
- Automated Response
- Incident Reporting

**Response & Remediation - AI SOC Agents**
- Mean Time Reduction Metrics
- Playbook‑Free Dynamic Workflows
- Automated Response Execution

**Management**
- Incident Alerts
- Incident Case Management
- Workflow Management

**Security Intelligence**
- Threat Intelligence
- Vulnerability Assessment
- Advanced Analytics
- Data Examination

**Agentic AI - Security Information and Event Management (SIEM)**
- Autonomous Task Execution
- Multi-step Planning
- Proactive Assistance
- Decision Making

**InfoSec Experience & Governance - AI SOC Agents**
- Conversational Analyst Interface
- Manual Feedback Learning Loop
- Explainability & Audit Trail

**Generative AI**
- AI Text Generation
- AI Text Summarization

## Top Splunk Enterprise Security Alternatives
  - [IBM QRadar SIEM](https://www.g2.com/products/ibm-ibm-qradar-siem/reviews) - 4.4/5.0 (280 reviews)
  - [Microsoft Sentinel](https://www.g2.com/products/microsoft-sentinel/reviews) - 4.4/5.0 (272 reviews)
  - [LogRhythm SIEM](https://www.g2.com/products/exabeam-logrhythm-siem/reviews) - 4.2/5.0 (137 reviews)

