• Home
  • Seceon Open Threat Management Platform vs. Splunk Enterprise Security

Seceon Open Threat Management Platform vs Splunk Enterprise Security comparison

Cancel
You must select at least 2 products to compare!
Microsoft Logo

Microsoft Sentinel

Read 85 Microsoft Sentinel reviews
32,763 views|18,195 comparisons
92% willing to recommend
Seceon Logo

Seceon Open Threat Management Platform

Read 10 Seceon Open Threat Management Platform reviews
1,461 views|606 comparisons
100% willing to recommend
Splunk Logo

Splunk Enterprise Security

Read 227 Splunk Enterprise Security reviews
25,711 views|20,955 comparisons
92% willing to recommend
Comparison Buyer's Guide
Download the complete report
Buyer's Guide
Seceon Open Threat Management Platform vs. Splunk Enterprise Security
March 2024
Executive Summary

We performed a comparison between Seceon Open Threat Management Platform and Splunk Enterprise Security based on real PeerSpot user reviews.

Find out in this report how the two Security Information and Event Management (SIEM) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI.
To learn more, read our detailed Seceon Open Threat Management Platform vs. Splunk Enterprise Security Report (Updated: March 2024).
Download the complete report
768,246 professionals have used our research since 2012.
Featured Review
Anonymous User
Researched Splunk Enterprise Security but chose Microsoft Sentinel: The threat intelligence helped us prepare for attacks by developing rules before they hit
Sentinel improved how we investigate incidents. We can create watchlists and update them to align with the latest threat intelligence. The... Read more →
Dr. Ravi_Sharma
It has helped us develop a proactive approach to identifying and dealing with potential issues
Seceon helps us take a proactive approach by identifying if, for example, we have too much traffic or utilization is too high. Maybe the number of... Read more →
Sneha Golhar
Is quick to deploy, easy to integrate, and provides good visibility across our environment
Splunk Enterprise Security's detection capability is good. Real-time alerts are crucial for threat detection. When unknown traffic is identified,... Read more →
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"Sentinel has features that have helped improve our security poster. It helped us in going ahead and identifying the gaps via analysis and focusing on the key elements.""Sentinel has an intuitive, user-friendly way to visualize the data properly. It gives me a solid overview of all the logs. We get a more detailed view that I can't get from the other SIEM tools. It has some IP and URL-specific allow listing""The solution offers a lot of data on events. It helps us create specific detection strategies.""Sentinel also enables you to ingest data from your entire ecosystem and not just from the Microsoft ecosystem. It can receive data from third-party vendors' products such firewalls, network devices, and antivirus solutions. It's not only a Microsoft solution, it's for everything.""I believe one of the main advantages is Microsoft Sentinel's seamless integration with other Microsoft products.""I like the ability to run custom KQL queries. I don't know if that feature is specific to Sentinel. As far as I know, they are using technology built into Azure's Log Analytics app. Sentinel integrates with that, and we use this functionality heavily.""It's pretty powerful and its performance is pretty good.""The main benefit is the ease of integration."

More Microsoft Sentinel Pros →

"The solution is stable.""The main thing is the value proposition. It is one of the most sophisticated yet affordable solutions that I've come across. It is also one of the easiest-to-manage yet comprehensive solutions for a SOC analyst. Its customizations are really good, and it has a lot of integrations. It is multi-tenant and very fast to onboard. Its stability is 100%. We've never had an outage with it. It doesn't require extensive hardware resources. Its level of support is also very good. They have a very responsive technical team.""I like that it's an AI-based platform. The most valuable feature is that it's a comprehensive solution. Most tools in the marketplace are comprised of miscellaneous items. They fail to provide real-time remediation features. However, with Seceon Open Threat Management Platform, anything you can think of in cybersecurity, like auto-remediation, real-time response, and even on-premise components, is available in a single platform. So, it's perfect for finance and healthcare who don't want to share their data with a third party like the cloud. You can have this on-premise as well. So, the expenditure will be lower as less human intervention is required.""You can use different solutions in a single platform which is very easy and attractive for customers.""The algorithm used in Seceon OTM is clear and logical, categorizing events as needed. This helps us identify and respond to threats effectively.""The solution is very cost-effective compared to Splunk and LogRhythm.""Seceon Open Threat Management Platform notifies only genuine alerts. It offers plenty of options that are suitable for MSPs.""We only recently started using Seceon, so we aren't taking advantage of all its features yet. We have enabled some proactive alerts about utilization and bottlenecks from high traffic."

More Seceon Open Threat Management Platform Pros →

"The solution is very fast and succinct.""It is very stable. We have not had any problems.""It is the best tool if you have a complex environment or if data ingestion is too huge.""My favorite example of improving of organization is saving a $60k/mo in payroll fraud and $10k/mo in wasted API credits by using simple searches and clear reports.""Search language is easy to understand and teach to new users.""Alerts when a server is malfunctioning, monitors external attacks, and takes action to stop spreading viruses.""There are quite a lot of things that we find useful. Splunk agents are useful and good. Its UI is quite impressive.""UBA, User Behavior Analytics, is a key feature."

More Splunk Enterprise Security Pros →

Cons
"Sentinel could improve its ticketing and management. A few customers I have worked with liked to take the data created in Sentinel. You can make some basic efforts around that, but the customers wanted to push it to a third-party system so they could set up a proper ticketing management system, like ServiceNow, Jira, etc.""They need to work with other security vendors. For example, we replaced our email gateway with Symantec, but we couldn't collect these logs with Azure Sentinel. Instead of collecting these logs with Azure Sentinel, we are collecting them on Qradar. We couldn't do it with Sentinel, which is a problem for us.""Some of the data connectors are outdated, at least the ones that utilize Linux machines for log forwarding. I believe that Microsoft is already working on improving this.""They're giving us the queries so we can plug them right into Sentinel. They need to have a streamlined process for updating them in the tool and knowing when things are updated and knowing when there are new detections available from Microsoft.""When it comes to ingesting Azure native log sources, some of the log sources are specific to the subscription, and it is not always very clear.""The solution could improve the playbooks.""Sentinel can be used in two ways. With other tools like QRadar, I don't need to run queries. Using Sentinel requires users to learn KQL to run technical queries and check things. If they don't know KQL, they can't fully utilize the solution.""They can work on the EDR side of things... Every time we need to onboard these kinds of machines into the EDR, we need to do it with the help of Intune, to sync up the devices, and do the configuration. I'm looking for something on the EDR side that will reduce this kind of work."

More Microsoft Sentinel Cons →

"The product could be improved by including sandboxing capabilities in the next release.""It would be ideal with the processing was more manageable. Not many customers are willing to have a dedicated server with two CPUs and one TB of memory. The cost of this is huge for a smaller organization.""It would be better if they offered global coverage.""We are at the client’s end, offering services. They don’t know about security rules and benchmarks. We are working on the discovery and remediation but we don’t really have the intelligence that was available while working with other tools. Human working is also very essential for the solution. The automatic session is impossible to play since it needs to touch Redfin for further analysis. No one has breached our clients.""The management console could use some enhancements.""The dashboard has always been an issue.""For future releases, integrating incident response tools and improving communication on incident reporting could be beneficial.""It is a standalone solution now. They need to make it into a cloud-based subscription model. It needs more compatibility for co-managed solutions. It can also have more threats and deeper integration with Microsoft."

More Seceon Open Threat Management Platform Cons →

"The implementation and the scanning of the logs can be difficult.""Splunk Enterprise Security can be improved by including backup network detection and response and safe management to the paid platform.""This solution could be improved by better pricing in general and by easier installation.""The integration with all our tool sets felt like we were reinventing the wheel, which was a pain point for us.""There is a definite learning curve to starting out.""Missing capability for audio/video and image processing.""The solution should also have more advanced capabilities in comparison with QRadar, which offers Watson.""It would be great if I could have a certain dialogue box in Splunk that uses innovative AI tools like ChatGPT, which are available now in the tech department."

More Splunk Enterprise Security Cons →

Pricing and Cost Advice
  • "It comes with a Microsoft subscription which the customer has, so they don't have to invest somewhere else."
  • "It is a consumption-based license model. bands at 100, 200, 400 GB per day etc. Azure Sentinel Pricing | Microsoft Azure"
  • "Good monthly operational cost model for the detection and response outcomes delivered, M365 logs don't count toward the limits which is a good benefit."
  • "I have had mixed feedback. At one point, I heard a client say that it sometimes seems more expensive. Most of the clients are on Office 365 or M365, and they are forced to take Azure SIEM because of the integration."
  • "It is kind of like a sliding scale. There are different tiers of pricing that go from $100 per day up to $3,500 per day. So, it just kind of depends on how much data is being stored. There can be additional costs to the standard license other than the additional data. It just kind of depends on what other services you're spinning up in Azure, or if you're using something like Azure log analytics."
  • "I am just paying for the log space with Azure Sentinel. It costs us about $2,000 a month. Most of the logs are free. We are only paying money for Azure Firewall logs because email logs or Azure AD logs are free to use for us."
  • "Sentinel is a bit expensive. If you can figure a way of configuring it to meet your needs, then you can find a way around the cost."
  • "Azure Sentinel is very costly, or at least it appears to be very costly. The costs vary based on your ingestion and your retention charges."

    • More Microsoft Sentinel Pricing and Cost Advice →

  • "It has a per-asset model instead of an ingestion-based model, which gives predictable pricing. In terms of price, it is in the middle to lower range of SIEMs that it competes against. It is the most affordable solution that we have implemented so far. It was much more affordable than anything else I've implemented."
  • "Seceon Open Threat Management Platform is cost-effective because it's a comprehensive platform that offers high availability."
  • "The solution is cheap and very competitive. It offers good tuning in terms of the pricing. Other solutions like Palo Alto and IBM are more expensive."
  • "The pricing is very competitive. It's not expensive."
  • "We used the solution's trial version for two months and later purchased it."
  • "The price is quite reasonable."
  • "I find Seceon OTM's pricing to be reasonable, not too high or low, just okay for the market standards. I can't disclose specific figures, we pay on a quarterly basis under a service model. I would rate it eight out of ten. As a customer, I always hope for better pricing options."

    • More Seceon Open Threat Management Platform Pricing and Cost Advice →

  • "Pricing and licensing is quite expensive. But for the value the product provides, it seems at par in the market."
  • "Although Splunk is an expensive product, it is designed to be utilized across your organization in order to maximize your ROI and lower your TCO."
  • "It is not cheap."
  • "Splunk Enterprise becomes extremely expensive after the 20GB/month license."
  • "You will eat up whatever you purchase quickly. The level of insights that Splunk empowers is addictive."
  • "Splunk licensing model might seem expensive but with all the gain in functionalities you will have compared to traditional SIEM solutions I think it’s worth the price."
  • "Pricing is pretty fair."
  • "While licensing can be a concern, there are ways to reduce the licensing costs including filtering some events."

    • More Splunk Enterprise Security Pricing and Cost Advice →

    report
    See Which Vendors Are Best For You
    Use our free recommendation engine to learn which Security Information and Event Management (SIEM) solutions are best for your needs.
    See Recommendations
    768,246 professionals have used our research since 2012.
    Comparison Review
    Vinod Shankar
    HP ArcSight vs. IBM QRadar vs. ​McAfee Nitro vs. Splunk vs. RSA Security vs. LogRhythm
    We at Infosecnirvana.com have done several posts on SIEM. After the Dummies Guide on SIEM, we are following it up with a SIEM Product Comparison – 101 deck. So, here it is for your viewing pleasure. Let me know what you think by posting your comments below. The key products compared here are based on Gartner Magic Q which is what Organizations typically use to select SIEM vendors. The Vendors mentioned here in the deck are : 1. HP ArcSight 2. McAfee Nitro 3. IBM QRadar 4. Splunk SIEM 5. RSA Security Analytic 6. LogRhythm. SIEM Technology Space SIEM market analysis of the last 3 years suggest: Market consolidation of SIEM players (25 vendors in 2011 to 16 vendors in 2013)Only products with technology maturity and a strong road map have featured in leaders quadrant.HP ArcSight & IBM Q1 Labs have maintained leadership in SIEM industry with continued technology upgradeMcAfee Nitro has strong product features & road map to challenge HP & IBM for leadershipHPArcSight The ArcSight Enterprise Threat and Risk Management (ETRM) Platform is an integrated set of products for collecting, analysing, and managing enterprise Security Event information ArcSight Enterprise Security Manager (ESM): Correlation and analysis engine used to identify security threat in real-time& virtual environments ArcSight Logger: Log storage and Search solution ArcSight IdentityView: User Identity tracking/User activity monitoring ArcSight Connectors: For data collection from a variety of data… Read more →
    Questions from the Community
    Is there a common threat intelligence tool that aggregates multiple threa...
    Top Answer:Yes, Azure Sentinel is a SIEM on the Cloud. Multiple data sources can be uploaded and analyzed with Azure Sentinel and… more »
    Read all 10 answers   →
    What is a better choice, Splunk or Azure Sentinel?
    Top Answer:It would really depend on (1) which logs you need to ingest and (2) what are your use cases Splunk is easy for… more »
    Which is better - Azure Sentinel or AWS Security Hub?
    Top Answer:We like that Azure Sentinel does not require as much maintenance as legacy SIEMs that are on-premises. Azure Sentinel is… more »
    Read all 2 answers   →
    What do you like most about Seceon Open Threat Management Platform?
    Top Answer:The solution is very cost-effective compared to Splunk and LogRhythm.
    Read all 8 answers   →
    What is your experience regarding pricing and costs for Seceon Open Threa...
    Top Answer:The price is quite reasonable. I rate the pricing more than six or seven out of ten.
    Read all 7 answers   →
    What needs improvement with Seceon Open Threat Management Platform?
    Top Answer:The dashboard has always been an issue. The latest version has taken care of most of the shortfalls.
    Read all 8 answers   →
    What SOC product do you recommend?
    Top Answer:For tools I’d recommend:  -SIEM- LogRhythm -SOAR- Palo Alto XSOAR Doing commercial w/o both (or at least an XDR) is… more »
    Read all 12 answers   →
    How does Splunk compare with Azure Monitor?
    Top Answer:Splunk handles a high amount of data very well. We use Splunk to capture information and as an aggregator for monitoring… more »
    Read all 2 answers   →
    What do you like most about Splunk?
    Top Answer:Splunk helps us be more proactive. We can take predictive action to identify and block threats so that nothing harmful… more »
    Read all 130 answers   →
    Comparisons
    Also Known As
    Azure Sentinel
    Seceon OTM, Seceon aiSIEM, aiSIEM, Seceon Open Threat Management
    Learn More
    Microsoft
    Seceon
    Splunk
    Overview

    Microsoft Sentinel is a scalable, cloud-native, security information event management (SIEM) and security orchestration automated response (SOAR) solution that lets you see and stop threats before they cause harm. Microsoft Sentinel delivers intelligent security analytics and threat intelligence across the enterprise, providing a single solution for alert detection, threat visibility, proactive hunting, and threat response. Eliminate security infrastructure setup and maintenance, and elastically scale to meet your security needs—while reducing IT costs. With Microsoft Sentinel, you can:

    - Collect data at cloud scale—across all users, devices, applications, and infrastructure, both on-premises and in multiple clouds

    - Detect previously uncovered threats and minimize false positives using analytics and unparalleled threat intelligence from Microsoft

    - Investigate threats with AI and hunt suspicious activities at scale, tapping into decades of cybersecurity work at Microsoft

    - Respond to incidents rapidly with built-in orchestration and automation of common tasks

    To learn more about our solution, ask questions, and share feedback, join our Microsoft Security, Compliance and Identity Community.

    Seceon Open Threat Management Platform is a comprehensive cybersecurity solution that offers real-time threat detection, analysis, and response capabilities. It leverages advanced AI and machine learning algorithms to provide proactive threat hunting and automated incident response. 

    With its intuitive dashboard, users can gain complete visibility into their network, applications, and endpoints, enabling them to identify and mitigate potential risks effectively. The platform integrates seamlessly with existing security infrastructure, consolidating data from various sources for centralized monitoring and analysis. 

    Its threat intelligence feeds and behavioral analytics enable the identification of both known and unknown threats, ensuring comprehensive protection against advanced cyber attacks. Seceon Open Threat Management Platform empowers security teams with actionable insights, enabling them to prioritize and respond to threats swiftly. With its automated remediation capabilities, it minimizes the impact of attacks and reduces response time. The platform also offers customizable reporting and compliance management features, facilitating regulatory compliance and providing stakeholders with comprehensive security status updates. 

    Seceon Open Threat Management Platform is a robust and scalable solution that caters to the evolving cybersecurity needs of organizations across industries.

    Splunk Enterprise Security is a SIEM, log management, and IT operations analytics tool. The solution provides users with the ability to secure their information and manage their data in the cloud, data centers, or other applications. Splunk Enterprise Security also offers visibility from different areas, levels, and devices, rather than from a single system, thus, providing its users with flexibility. Splunk Enterprise Security can monitor data and analyze, detect, and prevent intrusions. This benefits users as it provides alerts to possible intrusions, helps users to be proactive, and reduces risk factors. 

    Full visibility across your environment

    Break down data silos and gain actionable intelligence by ingesting data from multicloud and on-premises deployments. Get full visibility to quickly detect malicious threats in your environment.

    Fast threat detection

    Defend against threats with advanced security analytics, machine learning and threat intelligence that focus detection and provide high-fidelity alerts to shorten triage times and raise true positive rates.

    Efficient investigations

    Gather all the context you need and initiate flexible investigations with security analytics at your fingertips. The built-in open and extensible data platform boosts productivity and drives down fatigue.

    Open and scalable

    Built on an open and scalable data platform, you can stay agile in the face of evolving threats and business needs. Splunk meets you where you are on your cloud journey, and integrates across your data, tools and content.

    Sample Customers
    Microsoft Sentinel is trusted by companies of all sizes including ABM, ASOS, Uniper, First West Credit Union, Avanade, and more.
    Caduceus, SUNY
    Splunk has more than 7,000 customers spread across over 90 countries. These customers include Telenor, UniCredit, ideeli, McKenney's, Tesco, and SurveyMonkey.
    Top Industries
    REVIEWERS
    Financial Services Firm22%
    Computer Software Company11%
    Manufacturing Company8%
    Comms Service Provider8%
    VISITORS READING REVIEWS
    Computer Software Company16%
    Financial Services Firm10%
    Government9%
    Manufacturing Company7%
    VISITORS READING REVIEWS
    Computer Software Company28%
    Financial Services Firm13%
    Comms Service Provider9%
    Educational Organization7%
    REVIEWERS
    Computer Software Company18%
    Financial Services Firm15%
    Government10%
    Energy/Utilities Company7%
    VISITORS READING REVIEWS
    Financial Services Firm15%
    Computer Software Company14%
    Government9%
    Manufacturing Company7%
    Company Size
    REVIEWERS
    Small Business33%
    Midsize Enterprise21%
    Large Enterprise47%
    VISITORS READING REVIEWS
    Small Business25%
    Midsize Enterprise16%
    Large Enterprise59%
    REVIEWERS
    Small Business73%
    Midsize Enterprise27%
    VISITORS READING REVIEWS
    Small Business38%
    Midsize Enterprise15%
    Large Enterprise47%
    REVIEWERS
    Small Business31%
    Midsize Enterprise12%
    Large Enterprise57%
    VISITORS READING REVIEWS
    Small Business19%
    Midsize Enterprise13%
    Large Enterprise68%
    Buyer's Guide
    Seceon Open Threat Management Platform vs. Splunk Enterprise Security
    March 2024
    Free Report: Seceon Open Threat Management Platform vs. Splunk Enterprise Security
    Find out what your peers are saying about Seceon Open Threat Management Platform vs. Splunk Enterprise Security and other solutions. Updated: March 2024.
    DOWNLOAD NOW
    768,246 professionals have used our research since 2012.

    Seceon Open Threat Management Platform is ranked 25th in Security Information and Event Management (SIEM) with 10 reviews while Splunk Enterprise Security is ranked 2nd in Security Information and Event Management (SIEM) with 227 reviews. Seceon Open Threat Management Platform is rated 8.4, while Splunk Enterprise Security is rated 8.4. The top reviewer of Seceon Open Threat Management Platform writes "Has the ability to categorize alerts and reporting dashboards are useful". On the other hand, the top reviewer of Splunk Enterprise Security writes "It has a drag-and-drop interface, so you don't need to know SQL or Java to construct a query ". Seceon Open Threat Management Platform is most compared with IBM Security QRadar, Securonix Next-Gen SIEM, Fortinet FortiSIEM, ManageEngine Log360 and Elastic Security, whereas Splunk Enterprise Security is most compared with Wazuh, Dynatrace, IBM Security QRadar, Elastic Security and Azure Monitor. See our Seceon Open Threat Management Platform vs. Splunk Enterprise Security report.

    See our list of best Security Information and Event Management (SIEM) vendors.

    We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.