Examples of the 96,000+ reviews on PeerSpot:

Bushra Alhetelah - PeerSpot reviewer
SOC Engineer at Cyberani Solutions
Real User
Advanced correlation capabilities enable the identification of user activity patterns effectively

What is our primary use case?

When configuring our use cases and describing the overall purpose of Splunk Enterprise Security, I would focus on the main use cases that I encountered with this tool.

What is most valuable?

The ease of use and building queries, specifically SQL queries, is notably beneficial as it is easy to build, and the data model itself is very simple. The advanced correlation capabilities are very useful for identifying patterns or malicious activity of users.

For how long have I used the solution?

I have worked with Splunk Enterprise Security for two years.

How are customer service and support?

I have contacted the Splunk Enterprise Security support team once, but mainly the other team responsible for onboarding contacted them.

What other advice do I have?

I am preparing my master's degree and conducting this review for completing it at KFUPM University, King Fahd University of Petroleum and Minerals, located in Saudi Arabia, to prepare for my defense. I have experience with blue team tools, specifically Splunk Enterprise Security and some other solutions.

The company name is Cyberani Solutions, and my email is first name dot last name at cyberanisolutions.com. PeerSpot will create an account and email the login credentials, and my feedback will be published and possibly shared with third parties if I choose to not remain anonymous.

I would rate Splunk Enterprise Security an eight.

Disclosure: My company has a business relationship with this vendor other than being a customer. Partner
Alparslan Özdemir - PeerSpot reviewer
Cyber Security Engineer at a tech vendor with 51-200 employees
Real User
Deployment and search capabilities boost practical use and efficiency
Pros and Cons
  • "Its search is very flexible, allowing you to search anything by typing a sentence."
  • "Splunk Enterprise Security is a wonderful solution, however, the background configuration process could be better as the administration process is very complicated."

What is our primary use case?

I'm a technical support engineer for Cortex XDR at the moment and in my company, we are selling the Cortex XDR solution to other companies. 

I also have experience with Splunk Enterprise Security and CrowdStrike too; we are using those products in my company. For Splunk Enterprise Security, I am using the Enterprise Security module and base Splunk for developing rules.

What is most valuable?

The deployment server is very good and is one of the best features of Splunk Enterprise Security for me; you can use that deployment server even for distributing any agents, upgrading automatically, and universal forwarders. Its search is very flexible, allowing you to search anything by typing a sentence.

What needs improvement?

Splunk Enterprise Security is a wonderful solution, however, the background configuration process could be better as the administration process is very complicated. As an analyst rather than a Splunk engineer, some background configurations might be easier.

For how long have I used the solution?

I have been working with Splunk Enterprise Security for six months; however, I have been using Splunk for one year.

What do I think about the stability of the solution?

Splunk Enterprise Security is a very stable product; I have never been in trouble with any stability problems if you set it up correctly.

How are customer service and support?

I would give support a seven out of ten as Splunk Enterprise Security's advanced support is very skillful, however, to reach that advanced support, first they send you some beginner-level support that mostly does not solve problems for me. That said, when they escalate it, it completely finds a solution.

Which solution did I use previously and why did I switch?

Before Splunk Enterprise Security, I didn't use any other solution.

How was the initial setup?

I did not set up the Splunk Enterprise Security; my admin colleagues from another department set it up for me.

I'm just using and revising the rules. I'm a Cortex admin, so I'm involved in the process for Cortex, not for Splunk Enterprise Security.

My company is a partner with Splunk Enterprise Security. As an engineer and layer two security analyst, I'm solving problems with Splunk Enterprise Security, editing rules on customers, reviewing alerts, and developing rules.

What's my experience with pricing, setup cost, and licensing?

I'm not aware of the price of the tool. My company and other departments arrange the licensing.

What other advice do I have?

On Splunk Enterprise Security, we imported from the content library, specifically from the content management page that contains many rules; we are importing rules from there, enabling rules, and editing them. I'm not a deep down administrator of Splunk Enterprise Security, so I'm not arranging the data models. I'm mostly editing the rules.

On a scale of one to ten, I rate Splunk Enterprise Security an eight out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer. Partner