Anomali ThreatStream vs Splunk Enterprise Security comparison

 

Comparison Buyer's Guide

Categories and Ranking

Anomali ThreatStream
Average Rating
7.0
Number of Reviews
1
Ranking in other categories
Threat Intelligence Platforms (6th)
Splunk Enterprise Security
Average Rating
8.4
Number of Reviews
258
Ranking in other categories
Log Management (1st), Security Information and Event Management (SIEM) (1st), IT Operations Analytics (1st)
 

Featured Reviews

PP
Mar 12, 2023
Easy and quick credential monitoring; tech support could be improved
Our primary use case for this solution is as a threat intelligence platform. We stream various threat feeds into this platform. We also make correlations between the feeds to duplicate the data, aggregate it and then present it to our security solutions for advanced security. The way that this…
RB
May 8, 2024
Provides a centralized place to consolidate everything and start investigations
The end-to-end visibility the tool provides is not that big of a deal. They have so many tools that can do that kind of part. Splunk doesn't have to be the one place for total visibility, but at least for visibility when it consolidates on threats. Splunk has helped improve our organization's ability to ingest and normalize data. The tool pretty much consumes everything that we have. Everything from dozens of different vendor products gets ingested into Splunk. Splunk Enterprise Security is just that one central place where everything goes. Splunk Enterprise Security has helped speed up our security investigations. Something that requires someone to work on it at the beginning of the day would not take more than 15 minutes with Splunk Enterprise Security. Overall, I rate the solution an eight out of ten.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The feature I have found most valuable is credential monitoring. This feature is easy and quick."
"The level of robustness on offer is very good."
"The most valuable feature is the custom dashboard feature."
"We saw the granularity that we could get from Splunk far exceeded what we already had. We had the ability to have our security team really focus on the platform and stay within the platform, but they could correlate with a variety of other stakeholders, and our stakeholders were growing."
"The most valuable aspect of the solution is the dashboard. It's very intuitive."
"Splunk Enterprise Security is able to process a huge amount of data without any issues."
"Splunk has significantly reduced the time in performing the task of aggregating logs, reviewing as well as time spent during investigations."
"The feature that I have found most valuable with Splunk is the ability to sift through a bunch of data very quickly."
"To get visibility from your network devices, servers, and security devices is a great feature."
 

Cons

"Less code in integration would be nice when building blocks."
"The user experience could be improved."
"The solution has a high learning curve for users. It's a little complicated when you're trying to figure out all the features and what they do."
"The product was difficult to back up the first time."
"Sometimes, the data does not match what we're looking for, or the tool contains incorrect data."
"Having a trial version or more training on Splunk would be helpful."
"It works as intended for us, and we are getting everything that we need out of it. If anything, its initial setup can be improved a bit."
"I would like to see an updated dashboard. The dashboard is a little out-of-date. It could be made prettier."
"Splunk can improve regex/asset analysis as we do not want to crawl until it is done."
 

Pricing and Cost Advice

Information not available
"I think that most of the monitoring solutions are expensive."
"It is expensive. That is why many customers have moved to IBM QRadar. The price is definitely a challenge for customers."
"I am fine with the licensing, but in terms of the cost, it is expensive for the data that we have. We have an open discussion with our account rep about this."
"Our customers often complain that the price of Splunk is too high."
"It's a little bit expensive for a small to medium enterprise."
"The pricing of Splunk Enterprise Security is high."
"Its price is fair. Like with anything else, if you go into the cloud, different providers cost more, and you are able to throttle back or throttle up. The cost is comparable with anything else."
"The licensing is good, but the pricing absolutely needs some work. It is very high."
789,135 professionals have used our research since 2012.
 

Comparison Review

VS
Feb 26, 2015
HP ArcSight vs. IBM QRadar vs. McAfee Nitro vs. Splunk vs. RSA Security vs. LogRhythm
We at Infosecnirvana.com have done several posts on SIEM. After the Dummies Guide on SIEM, we are following it up with a SIEM Product Comparison – 101 deck. So, here it is for your viewing pleasure. Let me know what you think by posting your comments below. The key products compared here are…
 

Top Industries

By visitors reading reviews
Financial Services Firm: 16%
Computer Software Company: 14%
Government: 12%
Manufacturing Company: 10%

Financial Services Firm: 15%
Computer Software Company: 14%
Government: 9%
Manufacturing Company: 8%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
No data available
 

Questions from the Community

What do you like most about Anomali ThreatStream?
The feature I have found most valuable is credential monitoring. This feature is easy and quick.
What needs improvement with Anomali ThreatStream?
I think that this solution should improve its integrations. This part of the solution could be bigger and moved into the no-code direction. Less code in integration would be nice when building blocks.
What is your primary use case for Anomali ThreatStream?
Our primary use case for this solution is as a threat intelligence platform. We stream various threat feeds into this platform. We also make correlations between the feeds to duplicate the data, ag...
What SOC product do you recommend?
For tools I’d recommend: -SIEM- LogRhythm -SOAR- Palo Alto XSOAR Doing commercial w/o both (or at least an XDR) is asking to miss details that are critical, and ending up a statistic. Also, rememb...
What is a better choice, Splunk or Azure Sentinel?
It would really depend on (1) which logs you need to ingest and (2) what are your use cases. Splunk is easy for ingestion of anything, but the charge per GB/Day Indexed and it gets expensive as log ...
How does Splunk compare with Azure Monitor?
Splunk handles a high amount of data very well. We use Splunk to capture information and as an aggregator for monitoring information from different sources. Splunk is very good at alerting us if we...
 

Also Known As

ThreatStream OPTIC
No data available
 


Sample Customers

BBCN Bank
Splunk has more than 7,000 customers spread across over 90 countries. These customers include Telenor, UniCredit, ideeli, McKenney's, Tesco, and SurveyMonkey.
Find out what your peers are saying about Recorded Future, Microsoft, Check Point Software Technologies and others in Threat Intelligence Platforms. Updated: June 2024.