CSO at a manufacturing company with 1,001-5,000 employees
Aug 11, 2023
The most valuable features include agility and Splunk Enterprise Security's ability to quickly search for alerted items, as well as the capacity to create custom alerts using the SQL language employed by Splunk.
Lead Solutions Architect at a government with 10,001+ employees
Jul 19, 2023
We saw the granularity that we could get from Splunk far exceeded what we already had. We had the ability to have our security team really focus on the platform and stay within the platform, but they could correlate with a variety of other stakeholders, and our stakeholders were growing.
Chief Cybersecurity Architect at a security firm with 201-500 employees
Sep 11, 2023
The ability to digest any information and then correlate it in accordance with what you need is valuable. The ability to connect to pretty much everything and bring the information in the same format is also valuable. On top of that, we can use their language in order to create and customize the dashboards, correlations, or analytics that we want to incorporate.
Senior Security Analyst at Inspira Enterprise India Pvt. Ltd.
Sep 6, 2023
It would be great if I could have a certain dialogue box in Splunk that uses innovative AI tools like ChatGPT, which are available now in the tech department.
Sr Cybersecurity Engineer at an energy/utilities company with 10,001+ employees
Jul 20, 2023
The UI could be better. This is applicable to Splunk in general. I know that a lot of people who get their hands on Splunk are hesitant to use it just because they find it overwhelming. There are a lot of options.
Lead Solutions Architect at a government with 10,001+ employees
Jul 19, 2023
We were inundated with the number of alerts and alarms that we could get out of it. It is also a resource hog, and we didn't have the resources to support it on-prem, so we're taking it offline now.
Chief Cybersecurity Architect at a security firm with 201-500 employees
Sep 11, 2023
They can incorporate the SOAR solution within the actual product so that we do not require two different products, two different installations, and two different pricing methods. In regards to UBA, I am familiar with the UBA that existed two years ago. I am not updated about it today, but two years ago, UBA required such an amount of data that from a cost perspective, it was not worth it. When you compare it to what you get out of the box with Microsoft Sentinel without additional costs, there is no match.