Splunk User Behavior Analytics Overview

Splunk User Behavior Analytics is the #2 ranked solution in our list of top Anomaly Detection Tools. It is most often compared to Darktrace.

What is Splunk User Behavior Analytics?
Splunk User Behavior Analytics is a behavior-based threat detection solution that helps organizations find known, unknown and hidden threats. It is based on machine learning methodologies that require no signatures or human analysis, enabling multi-entity behavior profiling and peer group analytics for users, devices, service accounts and applications. It detects insider threats and external attacks using out-of-the-box, purpose-built but extensible unsupervised machine learning (ML) algorithms, and provides context around the threat via ML-driven anomaly correlation and visual mapping of stitched anomalies over various phases of the attack lifecycle (Kill-Chain View). It uses a data-science-driven approach that produces actionable results with risk ratings and supporting evidence, which increases SOC efficiency, and it supports bi-directional integration with Splunk Enterprise for data ingestion and correlation and with Splunk Enterprise Security for incident scoping, workflow management and automated response. The result is automated, accurate threat and anomaly detection.

Splunk User Behavior Analytics is also known as Caspida, Splunk UBA.

Buyer's Guide

Download the Intrusion Detection and Prevention Software (IDPS) Buyer's Guide including reviews and more. Updated: September 2021

Splunk User Behavior Analytics Customers
8 Securities, AAA Western, AdvancedMD, Amaya, Cerner Corporation, CJ O Shopping, CloudShare, Crossroads Foundation, 7-Eleven Indonesia

Splunk User Behavior Analytics Reviews

Global Engineer at a financial services firm with 10,001+ employees
Real User
Stable, with good automation capabilities, however, we want to be able to automate even more

What is our primary use case?

We use the solution to feed telemetry data from the network into the collective for display-only. We haven't yet come to a point where we have decided on the process of the status for subsequent operational automation.

Pros and Cons

  • "The product is at the forefront of auto-remediation networking. It's great."
  • "Currently, a lot of network operations need improvement. We still need people to handle incidents. Our vision is to leverage status and convert it directly from the network devices. It would be ideal if we could take action using APIs and API code and remove manual processes."

What other advice do I have?

We're simply customers. We don't have a business relationship with Splunk. We're using the latest version of the solution. I'm not sure of the exact version number. I'd recommend the solution to other companies. On a scale from one to ten, I'd rate it at a seven. If the cost was more reasonable, I might rate it a bit higher. It's not too expensive, but it could always be better.
Sr. CyberSecurity Solutions Architect at a security firm with 11-50 employees
Real User
Top 10
Good support, stable, and provides good security

What is our primary use case?

We are a cybersecurity vendor and Splunk is the main product that we work with. We are predominantly a Splunk shop. We sell security solutions, so our primary use case for Splunk UBA is security.

What is most valuable?

This is a good security product.

What needs improvement?

The price of Splunk UBA is too high.

For how long have I used the solution?

I have been working with Splunk UBA at this company for the past year.

What do I think about the stability of the solution?

Everything that Splunk does is great, as far as stability.

What do I think about the scalability of the solution?

Scalability is excellent on all Splunk products that I've dealt with.

How are customer service and technical support?

The technical support is excellent. …