2020-02-12T17:16:43Z

What advice do you have for others considering Splunk Phantom?

10

If you were talking to someone whose organization is considering Splunk Phantom, what would you say?

How would you rate it and why? Any other tips or advice?

ITCS user
Guest
55 Answers

author avatar
Top 10Real User

I would recommend this solution, but it also depends on the price. Splunk is number one for SIEM or SOAR. Another solution that I would recommend is Palo Alto XSOAR. I would rate Splunk Phantom a nine out of ten.

2021-04-26T15:04:26Z
author avatar
Top 5Real User

We have a business relationship with Splunk. We're partners. We're using the solution on our VM and also on our database cloud. I'd recommend the solution to other organizations. Compared to other products, Phantom seems to be easy to use and the ability to customize is high. Compared to the older version, the newer version is very customizable. We can very easily create custom functions. The UI looks good and is also improved. I would rate the solution eight out of ten.

2021-01-22T22:52:15Z
author avatar
Top 10Real User

I'm not sure which version of the solution we're currently using. If a company wants to automate redundant work, this solution is perfect for that. Very specific processes can be easily automated to save time. That way, analysts can invest their time elsewhere. Phantom is one of the great tools for reducing redundancies. I'd rate the solution eight out of ten.

2020-08-23T08:17:28Z
author avatar
Real User

It's important to know your customer's requirements so you can choose the correct solution. The budget also needs to be taken into account. Most customer's budgets suit a Splunk solution whereas RSA is much more expensive. I would rate Splunk Phantom a seven out of 10.

2020-04-30T10:58:00Z
author avatar
Top 20Real User

My advice to anybody who is considering this solution is to first really understand the requirements that you have, well enough. You need to identify and understand the data sources that you need, prior to purchase, to ensure that there is a need and also that there are no issues with incompatibility or connectivity. You also need to have the right resources to assess, implement, or oversee the implementation. You're going into an environment that requires a little bit of understanding of artificial intelligence because the SOAR platform requires setting up some rules. You also need to have a technical support group in-house to be able to help, otherwise, you would be dependent on Splunk for assistance. Overall, this product is fairly good but it's not quite mature yet. It needs some enhancement and some stabilization in some areas. I would rate this solution an eight out of ten.

2020-02-12T17:16:43Z
Learn what your peers think about Splunk Phantom. Get advice and tips from experienced pros sharing their opinions. Updated: May 2021.
511,521 professionals have used our research since 2012.