If my infrastructure is critical infrastructure, the Claroty Platform saves time and resources.
The solution can save costs by improving incident resolution times and reducing security incident costs.
Their response and support are effective and proactive.
They can rate support for the Claroty Platform from one to ten as eight to nine.
I have always found Claroty's technical support to have good engineers.
Mission-critical offering a dedicated team, proactive monitoring, and fast resolution.
From the responsiveness perspective, Splunk is very responsive with SLA-bound support for premium tiers.
I would rate the support at eight, meaning there's some room for improvement.
The Claroty Platform offers a scalable solution that accommodates both cloud and on-premise deployments.
I would rate the scalability as eight or nine as the only issue faced was with login challenges, which could be improved.
The way the Claroty Platform has considered and included the active scanning part has made it quite scalable.
Splunk User Behavior Analytics is highly scalable, designed for enterprise scalability, allowing expansion of data ingestion, indexing, and search capabilities as log volumes grow.
The platform runs with minimal delays and effectively manages workloads without intruding on the network.
Overall, I would rate the stability as eight out of ten.
With built-in redundancy across zones and regions, 99.9% uptime is achievable.
Splunk User Behavior Analytics is a one hundred percent stable solution.
Splunk User Behavior Analytics is highly stable and reliable, even in large-scale enterprise environments with high log injection rates.
Additionally, reducing the overall cost of hardware and software solutions would be beneficial.
As AI is booming now, there are concerns about AI security.
Sometimes, these CVEs are not actually related to the device in the firmware at the site.
Global reach allows deployment of apps and services closer to users worldwide, but data sovereignty concerns exist and region selection must align with compliance requirements.
I encountered several issues while trying to create solutions for this advanced version, which seem unrelated to query or data issues.
High data ingestion costs can be an issue, especially for large enterprises, as Splunk charges based on the amount of data processed.
One unique aspect of Claroty is that users get all the deployments for free.
The cost of the Claroty Platform is comparatively high.
The cost is as per the standard market.
Reserved instances with one or three-year commitments offer lower rates, providing up to 70% savings.
Comparing with the competitors, it's a bit expensive.
The pricing is based on the amount of data processed, and it is considered a high-level investment for enterprises.
The ability to detect and classify assets, assess vulnerabilities, and manage patches and updates effectively is highly beneficial.
They offer threat detection, asset management, vulnerability management, and remote access, which makes them the sole vendor in the OT security space to offer all three services.
Additionally, their SRA solution, the Secure Remote Access solution, is very useful for industrial environments.
I also utilize it for anomaly detection and behavior analysis, particularly using Splunk's machine learning environment.
Features like alerts and auto report generation are valuable.
Splunk User Behavior Analytics offers several beneficial features, such as Insider Threat Detection, account compromise detection, risk scoring, threat detection, and machine anomaly detection.
The Claroty Platform is tailored for monitoring and securing industrial control systems. It offers deep visibility into OT networks, enabling effective anomaly detection and vulnerability assessments. Its user-friendly interface and robust reporting tools facilitate easy management and compliance, enhancing organizational efficiency and cybersecurity posture in industrial environments.
Splunk User Behavior Analytics is a behavior-based threat detection is based on machine learning methodologies that require no signatures or human analysis, enabling multi-entity behavior profiling and peer group analytics for users, devices, service accounts and applications. It detects insider threats and external attacks using out-of-the-box purpose-built that helps organizations find known, unknown and hidden threats, but extensible unsupervised machine learning (ML) algorithms, provides context around the threat via ML driven anomaly correlation and visual mapping of stitched anomalies over various phases of the attack lifecycle (Kill-Chain View). It uses a data science driven approach that produces actionable results with risk ratings and supporting evidence that increases SOC efficiency and supports bi-directional integration with Splunk Enterprise for data ingestion and correlation and with Splunk Enterprise Security for incident scoping, workflow management and automated response. The result is automated, accurate threat and anomaly detection.
We monitor all Cyber-Physical Systems Protection reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
