We performed a comparison between Splunk Enterprise Security and Trellix ESM based on real PeerSpot user reviews.
Find out in this report how the two Security Information and Event Management (SIEM) solutions compare in terms of features, pricing, service and support, ease of deployment, and ROI.
"Splunk Enterprise Security comes with 300 pre-deployed use cases that can be easily customized to meet the specific needs of our organization, without the need to purchase additional tools."
"The technical support has been very good. They are very responsive and have been helpful."
"Its dashboard is valuable. If you have a good knowledge of how to create a dashboard, you can create any dashboard related to cybersecurity. If fine-tuned, the alarms that are triggered for instant review are also very valuable and useful."
"We have a more secure, robust environment, which keeps the harmful software out of the zone required."
"The scalability of the solution is amazing because it can collect a lot of data and you can have your own structure to monitor this data."
"Its huge, versatile AppBase helped me to configure and bring data from different sources to a unified platform."
"This is a straightforward solution, easy to configure."
"I like Splunk's data aggregation and search capabilities."
"The most valuable feature is the capability to correlate different events from different platforms that we feed into it."
"It blocks the things which are not to be allowed. It has an adaptive mode where it learns for itself."
"I like the ease of deployment."
"I rate the tool's deployment an eight out of ten. The deployment is completed in two days."
"McAfee as a whole is a good solution."
"It is a good central viewpoint for issues. These can then be investigated in more detail on the subnet server(s)/endpoints."
"The solution's technical support is great."
"It is user-friendly. The notification part of McAfee ESM is very easy."
"The threat detection system has room for improvement."
"The documentation is in definite need of improvement."
"The integration with all our tool sets felt like we were reinventing the wheel, which was a pain point for us."
"The solution could improve by increasing the performance. We have run into problems when large amounts of data are processed."
"Splunk's ability to analyze malicious activities scores an 8 out of 10, but there's room for improvement. By analyzing emerging patterns, Splunk could identify and predict potential threats more effectively."
"Splunk ES could have more pre-built integrations and rules. The detection is fairly accurate, but it depends on the rules you create. Splunk's out-of-the-box configuration isn't that useful."
"When you get into large amounts of data, Splunk can get pretty slow. This is the same on-premise or AWS, it doesn't matter. The way that they handle large data sets could be improved."
"It would be great if I could have a certain dialogue box in Splunk that uses innovative AI tools like ChatGPT, which are available now in the tech department."
"Update to user interface from version 9 is cosmetic in some aspects, and after a few clicks you are back on the old interface."
"I would like to see good analytics in future releases."
"The solution needs to improve case management. The UI is confusing."
"I would like to see improvements to the user interface."
"McAfee ESM is not user-friendly and the log is not accurate. For instance, if I were assigned to generate a log for changes made today, I wouldn't be able to see all the modifications. While Palo Alto allows us to see all changes, McAfee ESM only captures one out of every ten changes. It's crucial to have visibility into all changes made."
"The only drawback is that they don't have any packet capturing or network behavior analysis."
"The initial setup is difficult and could improve."
"It cannot integrate with our Next-Generation Firewall and a few applications such as Cisco ACI."
Splunk Enterprise Security is ranked 1st in Security Information and Event Management (SIEM) with 240 reviews while Trellix ESM is ranked 19th in Security Information and Event Management (SIEM) with 34 reviews. Splunk Enterprise Security is rated 8.4, while Trellix ESM is rated 7.4. The top reviewer of Splunk Enterprise Security writes "It has a drag-and-drop interface, so you don't need to know SQL or Java to construct a query". On the other hand, the top reviewer of Trellix ESM writes "Provides visibility of all the traffic within the company infrastructure". Splunk Enterprise Security is most compared with Wazuh, Dynatrace, IBM Security QRadar, Elastic Security and Microsoft Sentinel, whereas Trellix ESM is most compared with ArcSight Enterprise Security Manager (ESM), IBM Security QRadar, LogRhythm SIEM, Trellix Helix and Fortinet FortiSIEM.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.