Splunk User Behavior Analytics Overview

Splunk User Behavior Analytics is the #1 ranked solution in our list of top Anomaly Detection Tools. It is most often compared to Darktrace.

What is Splunk User Behavior Analytics?
Splunk User Behavior Analytics is a behavior-based threat detection solution that helps organizations find known, unknown and hidden threats. It is based on machine learning methodologies that require no signatures or human analysis, enabling multi-entity behavior profiling and peer group analytics for users, devices, service accounts and applications. It detects insider threats and external attacks using out-of-the-box, purpose-built but extensible unsupervised machine learning (ML) algorithms, and provides context around the threat via ML-driven anomaly correlation and visual mapping of stitched anomalies over various phases of the attack lifecycle (Kill-Chain View). It uses a data-science-driven approach that produces actionable results with risk ratings and supporting evidence, which increases SOC efficiency. It also supports bi-directional integration with Splunk Enterprise for data ingestion and correlation, and with Splunk Enterprise Security for incident scoping, workflow management and automated response. The result is automated, accurate threat and anomaly detection.

Splunk User Behavior Analytics is also known as Caspida, Splunk UBA.

Splunk User Behavior Analytics Buyer's Guide

Download the Splunk User Behavior Analytics Buyer's Guide including reviews and more. Updated: April 2021

Splunk User Behavior Analytics Customers
8 Securities, AAA Western, AdvancedMD, Amaya, Cerner Corporation, CJ O Shopping, CloudShare, Crossroads Foundation, 7-Eleven Indonesia

Pricing Advice

What users are saying about Splunk User Behavior Analytics pricing:
  • "Pricing varies based on the packages you choose and the volume of your usage."
  • "The licensing cost is around 10,000 dollars."

NS
Senior Security Engineer at a government with 1,001-5,000 employees
Real User
Easy to configure and easy to use solution that integrates with many applications and scripts

What is our primary use case?

Our primary use is intrusion detection and analysis. It is a great product because it is intelligent and does everything for us.

Pros and Cons

  • "This intelligent user behavior analytics package is easy to configure and use while remaining feature filled."
  • "The ability to do more complicated data investigation would be a welcome addition for pros, though the functionality now gives most people what they need."

What other advice do I have?

From my experience and from the security perspective, I recommend this product for all the people that need good security for investigation. The Splunk team and products are good for those purposes. The storage gets better priced with the amount you use. The storage is very expensive if you take some of the license options from the company. We won't be using unlimited storage for how much data will be imported from our bandwidth. I think the unlimited license is good because we will use a lot. On a scale from one to ten where one is the worst and ten is the best, I would rate Splunk User…
AE
Security PS Supervisor at a tech services company with 1,001-5,000 employees
Real User
A powerful platform with straightforward configuration, but needs to be more scalable

What is our primary use case?

The solution has two main uses. The primary use is for log management and storage. The secondary use is related to solution log coordination and selection.

Pros and Cons

  • "It's straightforward in terms of configuration and troubleshooting and log management and monitoring as well. These are the edge points in addition to it being a modular solution where you can capitalize on your current licenses with extra licensing models, which can match the customer's business requirement and it can help the customer to design or to actually plan for their own roadmap."
  • "The solution is much more expensive than relative competitors like ArcSight or LogRhythm. It makes it hard to sell to customers sometimes."

What other advice do I have?

I'm a system integrator, which provides the solution to end-users and customers. We handle the on-premises deployment model. I would recommend the solution because of the ease of use, the simple administration, the good level of support, the predefined use cases, and the predefined user behavior analytics. I would rate the solution seven out of ten.
CC
Global Engineer at a financial services firm with 10,001+ employees
Real User
Top 10
Stable, with good automation capabilities, however, we want to be able to automate even more

What is our primary use case?

We use the solution to feed telemetry data from the network into the collective for display-only. We haven't yet come to a point where we have decided on the process of the status for subsequent operational automation.

Pros and Cons

  • "The product is at the forefront of auto-remediation networking. It's great."
  • "Currently, a lot of network operations need improvement. We still need people to handle incidents. Our vision is to leverage status and convert it directly from the network devices. It would be ideal if we could take action using APIs and API code and remove manual processes."

What other advice do I have?

We're simply customers. We don't have a business relationship with Splunk. We're using the latest version of the solution. I'm not sure of the exact version number. I'd recommend the solution to other companies. On a scale from one to ten, I'd rate it at a seven. If the cost was more reasonable, I might rate it a bit higher. It's not too expensive, but it could always be better.
General Manager at Hayyan Horizons
Real User
An intuitive solution with excellent integration capabilities

What is our primary use case?

We primarily use this solution for security.

Pros and Cons

  • "The solution is extremely scalable. Our customers are regularly scaling up after installing Splunk."
  • "They should work to add more built-in correlation searches and more use cases based on worldwide customer experiences. They need more ready-made use cases."

What other advice do I have?

We use the on-premises deployment model of the solution. The more types of clusters you have feeding into Splunk, the better the results you have. If you have a customer environment in which you have diverse solutions and technologies, which cater to a large network of applications you are able to inject more value for the customer. One of the key lessons from using Splunk is to have adequate hardware and pre-plan the implementation. It is reasonably balanced, in terms of how much it uses a CPU and the amount of memory it needs. It's important that you start with good infrastructure when you…
MH
Information Security Specialist at a financial services firm with 201-500 employees
Real User
Top 5 Leaderboard
Has powerful search, indexing, and scalability features

What is our primary use case?

Splunk has features that no other solutions have. We work in organizations that have a big volume of data. Our primary use case of this solution is for indexing. The best solution that we found that could fit our needs was Splunk.

Pros and Cons

  • "The most valuable features are the indexing and powerful search features."
  • "The correlation engine should have persistent and definable rules."

What other advice do I have?

After more than three years of using this solution, I would recommend this solution, especially for environments that have a big volume of data. I would rate this solution a nine out of ten. It is a really great product.
WL
Sr. CyberSecurity Solutions Architect at a security firm with 11-50 employees
Real User
Top 20
Good support, stable, and provides good security

What is our primary use case?

We are a cybersecurity vendor and Splunk is the main product that we work with. We are predominantly a Splunk shop. We sell security solutions, so our primary use case for Splunk UBA is security.

What is most valuable?

This is a good security product.

What needs improvement?

The price of Splunk UBA is too high.

For how long have I used the solution?

I have been working with Splunk UBA at this company for the past year.

What do I think about the stability of the solution?

Everything that Splunk does is great, as far as stability.

What do I think about the scalability of the solution?

Scalability is excellent on all Splunk products that I've dealt with.

How are customer service and technical support?

The technical support is excellent. …
AK
CISO at a financial services firm with 201-500 employees
Real User
Professional technical team but I would like to see a more user-friendly interface

What is our primary use case?

Our main use of this solution is threat intelligence and we are very satisfied with it, as it is exactly what we need in our situation. 

What needs improvement?

In the future I would like to see simplified statistics and analytical threats, as well as a more user-friendly interface for dashboards.

For how long have I used the solution?

I have been using Splunk User Behaviour Analytics for two years now.

What do I think about the stability of the solution?

I think the solution is very stable.

What do I think about the scalability of the solution?

The solution is definitely scalable, because we currently have 1000 users in our company and we plan to increase.

How are customer service and technical support?

I am really satisfied with their…