Cisco Sourcefire SNORT vs Splunk User Behavior Analytics comparison

Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros

Cisco Sourcefire SNORT:
"It is quite an intelligent product."
"Cisco Sourcefire SNORT is easy to configure and the reporting is great. It's also very user-friendly."

Splunk User Behavior Analytics:
"The solution appears to be stable, although we haven't used it heavily."
"This is a good security product."
"The product is at the forefront of auto-remediation networking. It's great."

Cons

Cisco Sourcefire SNORT:
"The implementation could be a bit easier."
"I did not experience any pain points that required improvement. Maybe a couple of false-positives, but that's about it."

Splunk User Behavior Analytics:
"I'm not aware of any lacking features."
"The price of Splunk UBA is too high."
"Currently, a lot of network operations need improvement. We still need people to handle incidents. Our vision is to leverage status and convert it directly from the network devices. It would be ideal if we could take action using APIs and API code and remove manual processes."

622,063 professionals have used our research since 2012.
Questions from the Community
Top Answer: Cisco Sourcefire SNORT is easy to configure and the reporting is great. It's also very user-friendly.
Top Answer: We bought the appliance, which comes with a license as well. While I don't know the exact pricing, most of these products are through subscription. In our case, we bought the complete appliance with…
Top Answer: I did not experience any pain points that required improvement. Maybe a couple of false-positives, but that's about it.
Top Answer: The solution isn't overly expensive. It's quite affordable. It's not the priciest option on the market. I'm not sure of the exact cost as it's not an aspect of the solution I directly deal with.
Ranking

Cisco Sourcefire SNORT:
Views: 3,644
Comparisons: 2,765
Reviews: 2
Average Words per Review: 700
Rating: 7.5

Splunk User Behavior Analytics:
Views: 7,775
Comparisons: 5,631
Reviews: 3
Average Words per Review: 389
Rating: 8.7
Also Known As
Cisco Sourcefire SNORT: Sourcefire SNORT
Splunk User Behavior Analytics: Caspida, Splunk UBA
Overview

Snort is an open-source, rule-based, intrusion detection and prevention system. It combines the benefits of signature-, protocol-, and anomaly-based inspection methods to deliver flexible protection from malware attacks. Snort gained notoriety for being able to accurately detect threats at high speeds.

Splunk User Behavior Analytics is a behavior-based threat detection solution based on machine learning methodologies that require no signatures or human analysis, enabling multi-entity behavior profiling and peer group analytics for users, devices, service accounts and applications. It helps organizations find known, unknown and hidden threats, detecting insider threats and external attacks using out-of-the-box, purpose-built but extensible unsupervised machine learning (ML) algorithms. It provides context around the threat via ML-driven anomaly correlation and visual mapping of stitched anomalies over various phases of the attack lifecycle (Kill-Chain View). It uses a data-science-driven approach that produces actionable results with risk ratings and supporting evidence, which increases SOC efficiency, and it supports bi-directional integration with Splunk Enterprise for data ingestion and correlation and with Splunk Enterprise Security for incident scoping, workflow management and automated response. The result is automated, accurate threat and anomaly detection.
Sample Customers
Cisco Sourcefire SNORT: CareCore, City of Biel, Dimension Data, LightEdge, Lone Star College System, National Rugby League, Port Aventura, Smart City Networks, Telecom Italia, The Department of Education in Western Australia
Splunk User Behavior Analytics: 8 Securities, AAA Western, AdvancedMD, Amaya, Cerner Corporation, CJ O Shopping, CloudShare, Crossroads Foundation, 7-Eleven Indonesia
Top Industries

Cisco Sourcefire SNORT
Visitors reading reviews:
Comms Service Provider: 31%
Computer Software Company: 18%
Government: 9%
Financial Services Firm: 5%

Splunk User Behavior Analytics
Reviewers:
Financial Services Firm: 50%
Insurance Company: 13%
Government: 13%
Security Firm: 13%
Visitors reading reviews:
Computer Software Company: 21%
Comms Service Provider: 18%
Financial Services Firm: 10%
Government: 9%

Company Size

Cisco Sourcefire SNORT
Reviewers:
Small Business: 33%
Midsize Enterprise: 33%
Large Enterprise: 33%
Visitors reading reviews:
Small Business: 20%
Midsize Enterprise: 15%
Large Enterprise: 64%

Splunk User Behavior Analytics
Reviewers:
Small Business: 23%
Midsize Enterprise: 38%
Large Enterprise: 38%
Visitors reading reviews:
Small Business: 17%
Midsize Enterprise: 14%
Large Enterprise: 69%
Updated: July 2022.

Cisco Sourcefire SNORT is ranked 15th in Intrusion Detection and Prevention Software (IDPS) with 2 reviews while Splunk User Behavior Analytics is ranked 11th in Intrusion Detection and Prevention Software (IDPS) with 3 reviews. Cisco Sourcefire SNORT is rated 7.6, while Splunk User Behavior Analytics is rated 8.6. The top reviewer of Cisco Sourcefire SNORT writes "Intelligent with good threat detection capabilities but could be easier to implement". On the other hand, the top reviewer of Splunk User Behavior Analytics writes "Stable, with good automation capabilities, however, we want to be able to automate even more". Cisco Sourcefire SNORT is most compared with Check Point IPS, Palo Alto Networks Threat Prevention, Fortinet FortiGate IPS, Cisco NGIPS and Fortinet FortiWeb, whereas Splunk User Behavior Analytics is most compared with Darktrace, Elastic Enterprise Search, Cisco Stealthwatch, Microsoft Defender for Identity and IBM QRadar User Behavior Analytics.


We monitor all Intrusion Detection and Prevention Software (IDPS) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.