We performed a comparison between i-SIEM and Splunk Enterprise Security based on real PeerSpot user reviews.
Find out what your peers are saying about Splunk, Microsoft, Wazuh and others in Security Information and Event Management (SIEM)."As a result of the automation, we are able to manage SIEM with a small security team. I'm in a unique position where we have been growing the security organization quite rapidly over the last three and a half years. But, as a direct result of the empow transition and legacy collection of tools towards the empow platform, we've been able to keep that head count flat. We've been able to redirect a lot of the security team's time away from the wash, rinse, repeat activities of responding to alarms where we have a high degree of confidence that they will be false positives, adjusting the rules accordingly. This can be a bit frustrating for the analyst when they have to spend hours a day dealing with these types of probable false positives. So, it has helped not only us keep our headcount flat relative to the resources necessary to provide the assurances that our executives expect of us for monitoring, but allows our analyst team to spend the majority of their time doing what they love. They are spending their time meaningfully with a higher degree of confidence and enjoying getting into the incident response type activity."
"It gives us the liberty to do more in terms of use cases."
"The most valuable feature is the DSS, also known as SPL, because it allows users to script advanced queries with limited knowledge."
"Ease of correlation, creating correlation searches are easy and you can combine multiple sources with little effort"
"It helped us consolidate all our solutions into an easy tool to use for various employees."
"The solution's newly developed dashboard is pretty amazing."
"Splunk Enterprise Security offers two valuable features: the Common Information Model and arrangement modules."
"The product is good, it satisfies our customers."
"The ability to digest any information and then correlate it in accordance with what you need is valuable. The ability to connect to pretty much everything and bring the information in the same format is also valuable. On top of that, we can use their language in order to create and customize the dashboards, correlations, or analytics that we want to incorporate."
"Relative to keeping up with the sheer pace of cloud-native technologies, it should provide more options for clients to deploy their technologies in unique ways. This is an area that I recommend that they maintain focus."
"The administration of the cluster and app deployment to indexers or search heads can be done only using ssh access and command line, there is no GUI tools for that."
"We do have to educate developers on how to not blow it up. It is a little to easy to write an expensive query and overly stress the system. This could be improved."
"It's costly."
"The prices are complicated as we operate in a small third-world country."
"Splunk Enterprise Security incurs a significant cost because of the amount of data we send, but we are fine with the value we're getting for that price."
"Splunk could add more ways to manage archiving and storage. There isn't a web interface. You can do this on the SaaS version, but the on-premise platform doesn't have this option. It has other things but no option for remote NAS. I would like to have a personal web interface where I can specify how long logs should be stored. To have this readily available on the web, you need to adjust some settings on the backend. That is tricky."
"Its interface and usability can always be improved."
"The product could be cheaper."
Earn 20 points
i-SIEM is ranked 44th in Security Information and Event Management (SIEM) while Splunk Enterprise Security is ranked 1st in Security Information and Event Management (SIEM) with 246 reviews. i-SIEM is rated 9.0, while Splunk Enterprise Security is rated 8.4. The top reviewer of i-SIEM writes "The alert fatigue and false positive rates have just plummeted, which is really exciting". On the other hand, the top reviewer of Splunk Enterprise Security writes "It has a drag-and-drop interface, so you don't need to know SQL or Java to construct a query ". i-SIEM is most compared with AWS Security Hub, AlienVault OSSIM and IBM Watson for Cyber Security, whereas Splunk Enterprise Security is most compared with Wazuh, IBM Security QRadar, Dynatrace, Elastic Security and Microsoft Sentinel.
See our list of best Security Information and Event Management (SIEM) vendors.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.