Anonymous User, IT Specialist at a tech services company
Genrlmgr67, Senior Security Engineer at a government
We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
"The advanced analytics has a really great overview of user behavior."
"Timeline based analysis; good platform support"
"The user interface and the timelines they use are the most valuable features. The price model is very simple so that one can understand it easily and there are no surprises within it."
"I have customers that like the EUBA functionality of it. The solution has the ability to build a session, basically. It pulls a lot of information together, for example, everything a user does in a specific timeframe. It's quite helpful."
"The way it can connect with AWS is very useful, and the integrations are pretty good."
"The most valuable feature is the ability to search through a large amount of data."
"The most valuable features are its data aggregation and the ability to automatically identify a number of threats, then suggest recommended actions upon them."
"Because of some of the visualizations that we utilize, we are able to understand strange, unusual traffic on our networks."
"The most valuable feature is being able to take data and put it into other systems so that we could see the output, and to see where we need to apply our focus."
"It's straightforward in terms of configuration and troubleshooting and log management and monitoring as well. These are the edge points in addition to it being a modular solution where you can capitalize on your current licenses with extra licensing models, which can match the customer's business requirement and it can help the customer to design or to actually plan for their own roadmap."
"The solution is extremely scalable. Our customers are regularly scaling up after installing Splunk."
"The most valuable features are the indexing and powerful search features."
"The solution is definitely scalable."
"I believe if it were more flexible it would be a better product."
"The organzation is rigid and not flexible in the way they operate"
"We had a large volume right from the beginning and they weren't quite prepared for that. That's something that they should think about when it comes to customers that have a large volume to start off with."
"They need to focus on more of the MITRE ATT&CK Framework and coverage. They claim they cover about 70 to 80%. I'm not sure if it's really quite that much, however."
"Adding to the number of certifications that they have, for example, ISO 27001, would be helpful."
"It could be easier to scale the solution if you are using it on-premise, not in the cloud."
"The initial setup was complex because some of the configurations that we required needed customization."
"The solution is much more expensive than relative competitors like ArcSight or LogRhythm. It makes it hard to sell to customers sometimes."
"They should work to add more built-in correlation searches and more use cases based on worldwide customer experiences. They need more ready-made use cases."
"The correlation engine should have persistent and definable rules."
"In the future I would like to see simplified statistics and analytical threats."
"The ability to do more complicated data investigation would be a welcome addition for pros, though the functionality now gives most people what they need."
"Currently, a lot of network operations need improvement. We still need people to handle incidents. Our vision is to leverage status and convert it directly from the network devices. It would be ideal if we could take action using APIs and API code and remove manual processes."
"They have a great model for pricing that can be based either on user count or gigabits per day."
"My biggest complaint is the way they do pricing... You can never know the pricing for next year. Every single time you adjust to something new, the price goes up. It's impossible to truly budget for it. It goes up constantly."
"There are additional costs associated with the integrator."
"The licensing costs is around 10,000 dollars."
"Pricing varies based on the packages you choose and the volume of your usage."
The Exabeam Security Intelligence Platform provides organizations of all sizes with comprehensive, end-to-end detection, analytics, and response capabilities from a single security management and operations platform. Exabeam provides elastic scalability through the use of a modern big data and machine learning architecture that ingests and analyzes data at any scale, all at a predictable cost. This means organizations no longer need to choose between adhering to security budgets and adding data sources that would minimize their security blind spots.
Exabeam represents the first security management platform to fully deliver on the initial “promise of SIEM”: complete visibility into modern threats with automated and intelligent response. Exabeam delivers what SIEM products do not.
Exabeam is ranked 4th in User Behavior Analytics - UEBA with 5 reviews while Splunk User Behavior Analytics is ranked 2nd in User Behavior Analytics - UEBA with 11 reviews. Exabeam is rated 7.6, while Splunk User Behavior Analytics is rated 8.0. The top reviewer of Exabeam writes "Good at security logging in our infrastructure but be prepared for problems if you start with a large implementation". On the other hand, the top reviewer of Splunk User Behavior Analytics writes "Easy to configure and easy to use solution that integrates with many applications and scripts". Exabeam is most compared with Splunk, Securonix Security Analytics, IBM QRadar, LogRhythm NextGen SIEM and Rapid7 InsightIDR, whereas Splunk User Behavior Analytics is most compared with Darktrace, Cisco Stealthwatch, Varonis Datalert, Palo Alto Networks Threat Prevention and Securonix Security Analytics. See our Exabeam vs. Splunk User Behavior Analytics report.
We monitor all User Behavior Analytics - UEBA reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.