We performed a comparison between Splunk User Behavior Analytics and Vectra AI based on real PeerSpot user reviews.
Find out in this report how the two Intrusion Detection and Prevention Software (IDPS) solutions compare in terms of features, pricing, service and support, ease of deployment, and ROI.
"The most valuable feature is being able to take data and put it into other systems so that we could see the output, and to see where we need to apply our focus."
"Splunk is more user-friendly than some competing solutions we tried."
"The solution is fast, flexible, and easy to use."
"It's easily scalable."
"This is a good security product."
"The most valuable feature is the ability to search through a large amount of data."
"The solution is definitely scalable."
"The solution appears to be stable, although we haven't used it heavily."
"The automatic filtering that they provide is valuable. The logic inside that makes some detections instead of us is very useful. We are confident that if we are just looking into it and there is nothing, nothing could happen."
"We particularly like the user experience around the dashboard, which we find to be much more straightforward than the dashboard of some of the competitive products... Vectra is a really easy system to understand and use to prioritize where we need to focus our security resources."
"The solution provides visibility into behaviors across the full lifecycle of an attack in our network, beyond just the Internet gateway. It makes our security operations much more effective because we are now looking not just at traffic on the border, but we're looking at east-west internal traffic. Now, not only will we see if an exploit kit is being downloaded, but we would be able to see then if that exploit kit was then laterally distributed into our environment."
"We often use the new feature to create PCAP files from the whole data traffic. It makes it much easier to find network problems such as whether the server is responding to a request. It has nothing to do with security, but it helps a lot to find other problems."
"The most useful feature is the anomaly detection because it's not signature-based. It picks up the initial part of any attack, like the recon and those aspects of the kill chain, very well."
"One of the core features is that Vectra AI triages threats and correlates them with compromised host devices. From a visibility perspective, we can better track the threat across the network. Instead of us potentially finding one device that has been impacted without Vectra AI, it will give us the visibility of everywhere that threat went. Therefore, visibility has increased for us."
"It's important for us that the user interface is easy to understand and that is the biggest benefit we see from Vectra AI."
"The biggest feature for us, because we are heavy Microsoft users, is its integration with Office 365. On top of Vectra AI, we use all of the Microsoft security platforms, such as Defender ATP and Sentinel. Having full integration and a central platform to look at all of the threats that are coming through from the different platforms is a huge benefit for us."
"In the future I would like to see simplified statistics and analytical threats."
"I would like improved downward integration with other tools such as McAfee and other GCP solutions."
"We'd like the ability to do custom searches."
"We want to have an automated system for bot hunting that enables us to detect anomalies predictively based on historical data. It would be helpful if Splunk included process mining as an alternative option. We have a threat workflow, but it would be useful if we could supplement that with some process mining capabilities over time."
"I'm not aware of any lacking features."
"They should work to add more built-in correlation searches and more use cases based on worldwide customer experiences. They need more ready-made use cases."
"It could be easier to scale the solution if you are using it on-premise, not in the cloud."
"The correlation engine should have persistent and definable rules."
"One area where there's room for improvement is the absence of a comprehensive TCP recording and replay feature."
"Integration with other security components needs improvement. It should have true integration as opposed to just being a separate pane of glass."
"What is most important for us is to have one place where we can manage a few brains because we are based on a zero-trust network. As a result, each customer needs to have a separate brain. For the SOC team, we need to have one place where the SOC analyst can go to visit the website and from that site manage all of the customers. Right now, Vectra AI doesn't have this capability, and I would really like to have this feature."
"Vectra is still limited to packet management. It's only monitoring packet exchanges. While it can see a lot of things, it can't see everything, depending on where it's deployed. It has its limits and that's why I still have my SIEM."
"It does a little bit of packet capture on alert so you can look at the packet capture activity going on, but it doesn't collect a whole lot of data. Sometimes it's only one or two frames, sometimes it does collect more. That's why they have the addition of their Recall platform, because that really does help expand the capability."
"The rules for threats are not always precise and Vectra AI should improve this."
"Vectra Recall could be utilized much more, and I'm seeing some indications of that today with the investigative components. I use the Visualize feature to visualize components and dashboards a lot. I'm interested in new ways to build automated searches or having them leveraged already from Vectra."
"Other alternatives, like Darktrace, have a fancier UI."
Splunk User Behavior Analytics is ranked 11th in Intrusion Detection and Prevention Software (IDPS) with 17 reviews while Vectra AI is ranked 2nd in Intrusion Detection and Prevention Software (IDPS) with 39 reviews. Splunk User Behavior Analytics is rated 8.2, while Vectra AI is rated 8.6. The top reviewer of Splunk User Behavior Analytics writes "Easy to configure and easy to use solution that integrates with many applications and scripts". On the other hand, the top reviewer of Vectra AI writes "Integrates well with other security solutions and provides good technical support". Splunk User Behavior Analytics is most compared with Darktrace, Microsoft Defender for Identity, IBM Security QRadar, Varonis Datalert and KerioControl, whereas Vectra AI is most compared with Darktrace, ExtraHop Reveal(x), Cisco Secure Network Analytics, Arista NDR and VMware NSX. See our Splunk User Behavior Analytics vs. Vectra AI report.
We monitor all Intrusion Detection and Prevention Software (IDPS) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.