Palo Alto Networks Advanced Threat Prevention vs Splunk User Behavior Analytics comparison

Palo Alto Networks Advanced Threat Prevention vs. Splunk User Behavior Analytics

Download the complete report

Helped 879,711 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

ROI

Sentiment score

5.7

Palo Alto Networks Advanced Threat Prevention offers financial benefits and high user satisfaction despite its cost, boosting revenues, especially in Italy.

Sentiment score

5.5

Users report varied ROI from Splunk UBA, emphasizing productivity gains, time savings, and improved incident resolution efficiency.

It offers insights into security threats, despite the inability to quantify its impact in numbers.

For more quotes and insights, download the Palo Alto Networks Advanced Threat Prevention report

Principle Architect at a tech services company with 11-50 employees

The solution can save costs by improving incident resolution times and reducing security incident costs.

For more quotes and insights, download the Splunk User Behavior Analytics report

Enterprise Architect at Wipro Limited

Customer Service

Sentiment score

5.9

Palo Alto Networks' support is praised for expertise but faces inconsistent response times and communication challenges with third-party facilitation.

Sentiment score

6.9

Splunk User Behavior Analytics support is praised for its professionalism, extensive knowledge base, and prompt, reliable assistance despite regional limitations.

I rate technical support from Palo Alto as eight out of ten.

Principle Architect at a tech services company with 11-50 employees

I have proof of this rating - when I escalate a case, I receive a reply from TAC support after two days.

Nasir Akbar

Presales Engineer at SAUDI PARAMOUNT COMPUTER SYSTEMS

Overall, I find the technical support from Palo Alto Networks quite good, although getting a hold of the TAC can be challenging and sometimes requires long phone calls.

For more quotes and insights, download the Palo Alto Networks Advanced Threat Prevention report

Global Network Tech Lead at a tech vendor with 10,001+ employees

Mission-critical offering a dedicated team, proactive monitoring, and fast resolution.

Enterprise Architect at Wipro Limited

From the responsiveness perspective, Splunk is very responsive with SLA-bound support for premium tiers.

For more quotes and insights, download the Splunk User Behavior Analytics report

Enterprise Architect at Wipro Limited

I would rate their technical support as 8.5 out of 10.

Ahmed Naguib

Director at Techpace

Scalability Issues

Sentiment score

7.7

Palo Alto Networks Advanced Threat Prevention is scalable, adaptable, and efficient, though cost may constrain its broad deployment.

Sentiment score

7.2

Splunk User Behavior Analytics excels in scalable deployment, flexible expansion, and efficient data handling, overcoming on-premises storage challenges.

Palo Alto Networks Advanced Threat Prevention is scalable and works well wherever enforcement points exist.

For more quotes and insights, download the Palo Alto Networks Advanced Threat Prevention report

Principle Architect at a tech services company with 11-50 employees

Splunk User Behavior Analytics is highly scalable, designed for enterprise scalability, allowing expansion of data ingestion, indexing, and search capabilities as log volumes grow.

For more quotes and insights, download the Splunk User Behavior Analytics report

Enterprise Architect at Wipro Limited

Stability Issues

Sentiment score

7.7

Palo Alto Networks Advanced Threat Prevention is praised for its superior stability and performance, though requires careful version selection.

Sentiment score

7.8

Splunk User Behavior Analytics is stable, reliable, easy to configure, and effective, achieving 99.9% uptime with proper deployment.

Proper sizing of the firewall models ensures that the system does not experience crippling performance issues.

For more quotes and insights, download the Palo Alto Networks Advanced Threat Prevention report

Principle Architect at a tech services company with 11-50 employees

With built-in redundancy across zones and regions, 99.9% uptime is achievable.

Enterprise Architect at Wipro Limited

Splunk User Behavior Analytics is a one hundred percent stable solution.

AnupChapalgaonkar

Cloud Solution Architect at Tech Mahindra Limited

Splunk User Behavior Analytics is highly stable and reliable, even in large-scale enterprise environments with high log injection rates.

For more quotes and insights, download the Splunk User Behavior Analytics report

Enterprise Architect at Wipro Limited

Room For Improvement

Palo Alto Networks needs improvements in email filtering, setup ease, user experience, support services, and enhanced security features.

Splunk User Behavior Analytics needs better pricing, integration, automation, and machine learning to enhance functionality and user experience.

Palo Alto needs to focus on how to bring that technology to end users and how easy it is to use, especially in a hybrid environment where users work from various locations.

Global Network Tech Lead at a tech vendor with 10,001+ employees

The behavioral detection capabilities could be expanded to address all threats at the perimeter, reducing the reliance on endpoint detection and response systems.

For more quotes and insights, download the Palo Alto Networks Advanced Threat Prevention report

Principle Architect at a tech services company with 11-50 employees

Global reach allows deployment of apps and services closer to users worldwide, but data sovereignty concerns exist and region selection must align with compliance requirements.

Enterprise Architect at Wipro Limited

I encountered several issues while trying to create solutions for this advanced version, which seem unrelated to query or data issues.

Subhayu Chakraborty

System Engineer at Infosys

High data ingestion costs can be an issue, especially for large enterprises, as Splunk charges based on the amount of data processed.

For more quotes and insights, download the Splunk User Behavior Analytics report

Enterprise Architect at Wipro Limited

Setup Cost

Palo Alto Networks Advanced Threat Prevention is costly but valued for strong threat detection, with pricing challenging for smaller businesses.

Splunk User Behavior Analytics pricing is perceived as complex and expensive, influenced by data volume, licensing, and integration needs.

Palo Alto Networks Advanced Threat Prevention requires an add-on license and is considered expensive compared to competitors like Cisco AMP and FortiGate firewalls.

For more quotes and insights, download the Palo Alto Networks Advanced Threat Prevention report

Principle Architect at a tech services company with 11-50 employees

Reserved instances with one or three-year commitments offer lower rates, providing up to 70% savings.

For more quotes and insights, download the Splunk User Behavior Analytics report

Enterprise Architect at Wipro Limited

Compared to all other products in the market, it is the most expensive one in all aspects including professional service and licenses, even the cloud version.

Ahmed Naguib

Director at Techpace

Comparing with the competitors, it's a bit expensive.

Mohammed Hassan

Regional Director at iSecureMind

Valuable Features

Palo Alto Networks excels in threat prevention with features like sandboxing, machine learning, and user-friendly design, enhancing efficiency.

Splunk User Behavior Analytics offers advanced threat detection, real-time data collection, and customizable dashboards for enhanced monitoring and decision-making.

As traditional signature-based mechanisms become less effective due to the evolving nature of attacks, this solution's focus on behavioral analysis is crucial.

Principle Architect at a tech services company with 11-50 employees

We are satisfied with the analytic capabilities of Palo Alto Networks Advanced Threat Prevention, especially the reporting features available in the Palo Alto portal in terms of their application visibility interface, which is very good for us to get visibility on all critical applications and the associated users, as well as the risks associated with every category of traffic.

For more quotes and insights, download the Palo Alto Networks Advanced Threat Prevention report

Global Network Tech Lead at a tech vendor with 10,001+ employees

I also utilize it for anomaly detection and behavior analysis, particularly using Splunk's machine learning environment.

AnupChapalgaonkar

Cloud Solution Architect at Tech Mahindra Limited

The dashboards themselves are nice, very good, and very helpful, but the accuracy of the data or the information that will be presented on the dashboard is something that needs to be questioned.

Ahmed Naguib

Director at Techpace

Features like alerts and auto report generation are valuable.

Subhayu Chakraborty

System Engineer at Infosys

For more quotes and insights, download the Splunk User Behavior Analytics report

Categories and Ranking

Palo Alto Networks Advanced...

Ranking in Intrusion Detection and Prevention Software (IDPS)

10th

Average Rating

8.4

Reviews Sentiment

6.6

Number of Reviews

Ranking in other categories

No ranking in other categories

Splunk User Behavior Analytics

Ranking in Intrusion Detection and Prevention Software (IDPS)

13th

Average Rating

8.2

Reviews Sentiment

6.6

Number of Reviews

Ranking in other categories

User Entity Behavior Analytics (UEBA) (5th)

Mindshare comparison

As of January 2026, in the Intrusion Detection and Prevention Software (IDPS) category, the mindshare of Palo Alto Networks Advanced Threat Prevention is 5.6%, up from 4.9% compared to the previous year. The mindshare of Splunk User Behavior Analytics is 2.1%, up from 1.5% compared to the previous year. It is calculated based on PeerSpot user engagement data.

Intrusion Detection and Prevention Software (IDPS) Market Share Distribution
Product	Market Share (%)
Palo Alto Networks Advanced Threat Prevention	5.6%
Splunk User Behavior Analytics	2.1%
Other	92.3%

Intrusion Detection and Prevention Software (IDPS)

Featured Reviews

Advanced protection enables us to confidently secure against evolving threats

Global Network Tech Lead at a tech vendor with 10,001+ employees

Palo Alto Networks can improve Advanced Threat Prevention by catering to the growing adoption of AI and agentic tooling. The Threat Protection modules should have the necessary intelligence to protect against those types of threats, as AI will be there to do a human job; this is an evolving area. From an Advanced Threat Protection perspective, the technology associated with Palo Alto Networks, such as their sandboxing environment, is quite good. However, Palo Alto needs to focus on how to bring that technology to end users and how easy it is to use, especially in a hybrid environment where users work from various locations. While Palo Alto excels in certain setups, they need to improve the user experience in distributed working conditions.

Read full review

Offers intuitive deployment with strong customer support and advanced analytics features

Enterprise Architect at Wipro Limited

There are improvements that could be made to Splunk User Behavior Analytics as any product will have advantages and disadvantages. Scalability is one consideration. For example, the advantages include rapid auto scaling to meet demand. A disadvantage is that it can lead to cost overrun if not properly factored or governed. The speed of deployment offers faster provisioning as an advantage, but it can require substantial automation skills and infrastructure as code expertise, which can be challenging. Cloud provides major operational benefits such as agility, automation, resilience, and global access when setting up on Cloud. However, it introduces challenges such as cost control, complexity, and vendor dependency. For example, global reach allows deployment of apps and services closer to users worldwide, but data sovereignty concerns exist and region selection must align with compliance requirements.

Read full review

See which vendors are best for you

Use our free recommendation engine to learn which Intrusion Detection and Prevention Software (IDPS) solutions are best for your needs.

See recommendations

879,711 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Computer Software Company

11%

Financial Services Firm

Manufacturing Company

Government

Computer Software Company

18%

Financial Services Firm

Government

Educational Organization

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

By reviewers
Company Size	Count
Small Business	9
Midsize Enterprise	4
Large Enterprise	14

By reviewers
Company Size	Count
Small Business	7
Midsize Enterprise	5
Large Enterprise	12

Questions from the Community

Which is the best DDoS protection solution for a big ISP for monitoring and mitigating?

Arbor would be the best bid, apart from Arbor, Palo Alto and Fortinet have good solutions. As this is an ISP, I would prefer Arbor.

What is your experience regarding pricing and costs for Palo Alto Networks Threat Prevention?

Palo Alto Networks Advanced Threat Prevention requires an add-on license and is considered expensive compared to competitors like Cisco AMP and FortiGate ( /products/fortinet-fortigate-reviews ) fi...

What needs improvement with Palo Alto Networks Threat Prevention?

What do you like most about Splunk User Behavior Analytics?

The solution's most valuable feature is Splunk queries, which allow us to query the logs and analyze the attack vectors.

What is your experience regarding pricing and costs for Splunk User Behavior Analytics?

Splunk User Behavior Analytics is a premium product. Compared to all other products in the market, it is the most expensive one in all aspects including professional service and licenses, even the ...

What needs improvement with Splunk User Behavior Analytics?

Splunk User Behavior Analytics is still an immature product, so it still needs some R&D to be able to be mature in the market. The prediction, algorithms, and ML codes behind Splunk User Behavi...

Darktrace vs Palo Alto Networks Advanced Threat Prevention

Comparisons

Compared 11% of the time

Forcepoint Next Generation Firewall vs Palo Alto Networks Advanced Threat Prevention

Compared 9% of the time

Fortinet FortiGate vs Palo Alto Networks Advanced Threat Prevention

Compared 9% of the time

Check Point IPS vs Palo Alto Networks Advanced Threat Prevention

Compared 7% of the time

Palo Alto Networks URL Filtering with PAN-DB vs Palo Alto Networks Advanced Threat Prevention

Compared 7% of the time

More Palo Alto Networks Advanced Threat Prevention Competitors

Microsoft Purview Insider Risk Management vs Splunk User Behavior Analytics

Compared 36% of the time

Exabeam vs Splunk User Behavior Analytics

Compared 6% of the time

Darktrace vs Splunk User Behavior Analytics

Compared 5% of the time

Dtex Systems vs Splunk User Behavior Analytics

Compared 4% of the time

Gurucul UEBA vs Splunk User Behavior Analytics

Compared 4% of the time

More Splunk User Behavior Analytics Competitors

Product Reports

Palo Alto Networks Advanced Threat Prevention

Download Palo Alto Networks Advanced Threat Prevention product report

Palo Alto Networks Advanced Threat Prevention report

Splunk User Behavior Analytics

Download Splunk User Behavior Analytics product report

Also Known As

No data available

Caspida, Splunk UBA

Overview

Palo Alto Networks Advanced Threat Prevention is a cloud-based security service that combines cutting-edge technologies, including machine learning, artificial intelligence, and expert human monitoring, to effectively thwart advanced threats like malware, zero-day attacks, and command-and-control threats. It offers inline protection, scrutinizing all network traffic irrespective of port, protocol, or encryption. An integral component of Palo Alto Networks' security platform, it enjoys widespread adoption across diverse organizations. With its robust security capabilities, it's an ideal choice for entities of all sizes, particularly those in high-risk sectors such as finance, healthcare, and government agencies, seeking to safeguard their networks from a broad spectrum of advanced threats.

Palo Alto Networks

Splunk User Behavior Analytics is a behavior-based threat detection is based on machine learning methodologies that require no signatures or human analysis, enabling multi-entity behavior profiling and peer group analytics for users, devices, service accounts and applications. It detects insider threats and external attacks using out-of-the-box purpose-built that helps organizations find known, unknown and hidden threats, but extensible unsupervised machine learning (ML) algorithms, provides context around the threat via ML driven anomaly correlation and visual mapping of stitched anomalies over various phases of the attack lifecycle (Kill-Chain View). It uses a data science driven approach that produces actionable results with risk ratings and supporting evidence that increases SOC efficiency and supports bi-directional integration with Splunk Enterprise for data ingestion and correlation and with Splunk Enterprise Security for incident scoping, workflow management and automated response. The result is automated, accurate threat and anomaly detection.

Splunk

Sample Customers

University of Arkansas, JBG SMITH, SkiStar AB, TRI-AD, Temple University, Telkom Indonesia

8 Securities, AAA Western, AdvancedMD, Amaya, Cerner Corporation, CJ O Shopping, CloudShare, Crossroads Foundation, 7-Eleven Indonesia

Palo Alto Networks Advanced Threat Prevention vs. Splunk User Behavior Analytics