We performed a comparison between Anomali ThreatStream and Splunk Enterprise Security based on real PeerSpot user reviews.
"The feature I have found most valuable is credential monitoring. This feature is easy and quick."
"The data analysis part is good in Splunk, which is something that I like the most. It is also quite easy to use. Its dashboards, visualizations, and analytics are good."
"Support is quick and competent."
"The search lookups are useful."
"Splunk Enterprise Security offers two valuable features: the Common Information Model and arrangement modules."
"The dashboard and reporting are very good... It provides very good visibility in a hybrid cloud environment, and you can build custom utilization APIs using Splunk."
"My favorite example of improving the organization is saving $60k/mo in payroll fraud and $10k/mo in wasted API credits by using simple searches and clear reports."
"Splunk Enterprise Security is able to process a huge amount of data without any issues."
"Its usability is the best part. It is easy for our developers to use if they want to search their logs, etc."
"Less code in integration would be nice when building blocks."
"Previously, they developed custom connectors or add-ons for a lot of applications. But that number can be upgraded still. There are a lot of applications in the world that are not supported."
"The threat detection system has room for improvement."
"There are new services which are coming up. If Splunk can catch up with the speed of Amazon, and with the integration, instead of us waiting for another year or so, that would be good."
"While Splunk offers SOAR as a separate product, integrating it into the next version of Splunk Enterprise Security as a unified solution would be beneficial."
"The difficult part is related to integration with sources of data that are used to create the logs as this depends on the infrastructure of the client."
"The configuration could be better."
"The analytics of Splunk could be improved."
"Some of the terminology can be confusing, even for seasoned vets. Renaming components at this point would be a serious undertaking. However, it might be beneficial in the long run."
Anomali ThreatStream is ranked 6th in Threat Intelligence Platforms with 1 review while Splunk Enterprise Security is ranked 1st in Security Information and Event Management (SIEM) with 251 reviews. Anomali ThreatStream is rated 7.0, while Splunk Enterprise Security is rated 8.4. The top reviewer of Anomali ThreatStream writes "Easy and quick credential monitoring; tech support could be improved". On the other hand, the top reviewer of Splunk Enterprise Security writes "It has a drag-and-drop interface, so you don't need to know SQL or Java to construct a query". Anomali ThreatStream is most compared with Recorded Future, ThreatConnect Threat Intelligence Platform (TIP), ThreatQ, Group-IB Threat Intelligence and Palo Alto Networks AutoFocus, whereas Splunk Enterprise Security is most compared with Wazuh, IBM Security QRadar, Dynatrace, Elastic Security and Microsoft Sentinel.
We monitor all Threat Intelligence Platforms reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.