We performed a comparison between Palantir Foundry and Splunk Enterprise Security based on real PeerSpot user reviews.
Find out in this report how the two IT Operations Analytics solutions compare in terms of features, pricing, service and support, ease of deployment, and ROI.
"The solution provides an end-to-end integrated tech stack that takes care of all utility/infrastructure topics for you."
"Great features available in one tool."
"The virtualization tool is useful."
"Live video sessions enhance the available documentation and allow you to ask questions directly."
"The interface is really user-friendly."
"Palantir Foundry is a robust platform that has really strong plugin connectors and provides features for real-time integration."
"It is easy to map out a workflow and run trigger-based scripts without having to deploy to another server."
"The ease of use is my favorite feature. We're able to build different models and projects or combine different projects to build one use case."
"We have a more secure, robust environment, which keeps the harmful software out of the zone required."
"The solution has proven to be quite stable."
"Splunk is extremely flexible, which allows us to create custom visualizations along with other customizations."
"We can quickly search for almost anything across many log sources in seconds."
"The breadth of the data sources that Splunk can ingest data from is broad and deep and it does an exemplary job at handling structured data."
"The UI of Splunk makes it easier for our analysts to move around and see what they need to see."
"The correlation searches (properly configured) populate the Incident Management dashboard and provide me a quick bird's-eye view of my most important concerns."
"Its compatibility with other SIEMs is very useful."
"If you want to create new models on specific data sets, computing that is quite costly."
"It would be helpful to build applications based on Azure functions or web apps in Palantir Foundry."
"The frontend capabilities of Palantir Foundry could be improved."
"Compared to other hyperscalers, Palantir Foundry is complex and not so user-intuitive."
"The workflow could be improved."
"The solution could use more online documentation for new users."
"Cost of this solution is quite high."
"Difficult to receive data from external sources."
"The threat detection library needs to increase the frequency at which the playbooks are updated."
"It is important to make sure that everything is built off of the threat models and all the underlying items within Splunk."
"Its pricing model and integration with third-party services can be improved. We had faced an issue with integration. The alerting feature is currently not available with Splunk, but it is definitely available with Datadog and PagerDuty. They should include this feature. A few dashboards in Splunk look quite old and are not that modern. They aren't bad, but improving these dashboards will definitely make Splunk more attractive and usable. I read in a few blog posts that there were a few security incidents related to Splunk agents. So, it can be made more secure."
"Splunk does not provide any default threat intelligence like Microsoft Sentinel, but you can integrate any third-party threat intelligence with Splunk. By default, no threat intelligence suite is there, whereas, with IBM QRadar or Microsoft Sentinel, the default feature of threat intelligence is there. It is free. If Splunk can provide a default threat intelligence suite, it would be better."
"Not even Splunk's support guy, who came to our firm, could help with defining proper role management."
"Having a trial version or more training on Splunk would be helpful."
"The threat management part is still lagging. There are some gaps in threat management. Other vendors have built-in threat management systems, but Splunk lacks the threat management component in its portal. The UEBA and everything else is perfect, but it lacks a unified threat intelligence and management part."
"The historical data extraction needs improvement. I would like the capability of taking data and having it trend longer."
Palantir Foundry is ranked 5th in IT Operations Analytics with 13 reviews, while Splunk Enterprise Security is ranked 1st in IT Operations Analytics with 228 reviews. Palantir Foundry is rated 7.6, while Splunk Enterprise Security is rated 8.4. The top reviewer of Palantir Foundry writes "The data visualization is fantastic and the security is excellent". On the other hand, the top reviewer of Splunk Enterprise Security writes "It has a drag-and-drop interface, so you don't need to know SQL or Java to construct a query". Palantir Foundry is most compared with Azure Data Factory, Palantir Gotham, SAP Data Services, AWS Glue and Denodo, whereas Splunk Enterprise Security is most compared with Wazuh, Dynatrace, IBM Security QRadar, Microsoft Sentinel and Elastic Security.
We monitor all IT Operations Analytics reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.