Palo Alto Networks Advanced Threat Prevention vs Splunk User Behavior Analytics comparison

Palo Alto Networks Advanced Threat Prevention vs. Splunk User Behavior Analytics

Download the complete report

Helped 892,646 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

ROI

Sentiment score

5.7

Palo Alto Networks Advanced Threat Prevention offers financial benefits and high user satisfaction despite its cost, boosting revenues, especially in Italy.

Sentiment score

5.9

Splunk User Behavior Analytics improves productivity and ROI, with significant investment offset by enhanced data integration and strategic implementation.

It offers insights into security threats, despite the inability to quantify its impact in numbers.

For more quotes and insights, download the Palo Alto Networks Advanced Threat Prevention report

Principal Infrastructure Architect - Network Security at a tech services company with 10,001+ employees

The solution can save costs by improving incident resolution times and reducing security incident costs.

For more quotes and insights, download the Splunk User Behavior Analytics report

Enterprise Architect at Wipro Limited

Customer Service

Sentiment score

5.9

Palo Alto Networks' support is praised for expertise but faces inconsistent response times and communication challenges with third-party facilitation.

Sentiment score

6.8

Splunk User Behavior Analytics support is generally well-rated, with satisfaction varying by support tier and community resources valued.

I rate technical support from Palo Alto as eight out of ten.

Principal Infrastructure Architect - Network Security at a tech services company with 10,001+ employees

I have proof of this rating - when I escalate a case, I receive a reply from TAC support after two days.

Nasir Akbar

Presales Engineer at SAUDI PARAMOUNT COMPUTER SYSTEMS

Overall, I find the technical support from Palo Alto Networks quite good, although getting a hold of the TAC can be challenging and sometimes requires long phone calls.

For more quotes and insights, download the Palo Alto Networks Advanced Threat Prevention report

Global Network Tech Lead at a tech vendor with 10,001+ employees

Mission-critical offering a dedicated team, proactive monitoring, and fast resolution.

Enterprise Architect at Wipro Limited

From the responsiveness perspective, Splunk is very responsive with SLA-bound support for premium tiers.

For more quotes and insights, download the Splunk User Behavior Analytics report

Enterprise Architect at Wipro Limited

I would rate their technical support as 8.5 out of 10.

Ahmed Naguib

Director at Techpace

Scalability Issues

Sentiment score

7.7

Palo Alto Networks Advanced Threat Prevention is scalable, adaptable, and efficient, though cost may constrain its broad deployment.

Sentiment score

7.3

Splunk User Behavior Analytics excels in scalability, supporting vast data and devices, despite some storage limitations for long-term logs.

Palo Alto Networks Advanced Threat Prevention is scalable and works well wherever enforcement points exist.

For more quotes and insights, download the Palo Alto Networks Advanced Threat Prevention report

Principal Infrastructure Architect - Network Security at a tech services company with 10,001+ employees

Splunk User Behavior Analytics is highly scalable, designed for enterprise scalability, allowing expansion of data ingestion, indexing, and search capabilities as log volumes grow.

For more quotes and insights, download the Splunk User Behavior Analytics report

Enterprise Architect at Wipro Limited

Stability Issues

Sentiment score

7.7

Palo Alto Networks Advanced Threat Prevention is praised for its superior stability and performance, though requires careful version selection.

Sentiment score

7.9

Splunk User Behavior Analytics is stable, reliable, and user-friendly, excelling in enterprise environments with high log volumes.

Proper sizing of the firewall models ensures that the system does not experience crippling performance issues.

For more quotes and insights, download the Palo Alto Networks Advanced Threat Prevention report

Principal Infrastructure Architect - Network Security at a tech services company with 10,001+ employees

With built-in redundancy across zones and regions, 99.9% uptime is achievable.

Enterprise Architect at Wipro Limited

Splunk User Behavior Analytics is a one hundred percent stable solution.

AnupChapalgaonkar

Cloud Solution Architect at Tech Mahindra Limited

Splunk User Behavior Analytics is highly stable and reliable, even in large-scale enterprise environments with high log injection rates.

For more quotes and insights, download the Splunk User Behavior Analytics report

Enterprise Architect at Wipro Limited

Room For Improvement

Palo Alto Networks needs improvements in email filtering, setup ease, user experience, support services, and enhanced security features.

Splunk User Behavior Analytics needs enhancements in dashboards, integration, pricing, support, automation, machine learning, configuration, and storage management.

Palo Alto needs to focus on how to bring that technology to end users and how easy it is to use, especially in a hybrid environment where users work from various locations.

Global Network Tech Lead at a tech vendor with 10,001+ employees

The behavioral detection capabilities could be expanded to address all threats at the perimeter, reducing the reliance on endpoint detection and response systems.

For more quotes and insights, download the Palo Alto Networks Advanced Threat Prevention report

Principal Infrastructure Architect - Network Security at a tech services company with 10,001+ employees

Global reach allows deployment of apps and services closer to users worldwide, but data sovereignty concerns exist and region selection must align with compliance requirements.

Enterprise Architect at Wipro Limited

I encountered several issues while trying to create solutions for this advanced version, which seem unrelated to query or data issues.

Subhayu Chakraborty

System Engineer at Infosys

High data ingestion costs can be an issue, especially for large enterprises, as Splunk charges based on the amount of data processed.

For more quotes and insights, download the Splunk User Behavior Analytics report

Enterprise Architect at Wipro Limited

Setup Cost

Palo Alto Networks Advanced Threat Prevention is costly but valued for strong threat detection, with pricing challenging for smaller businesses.

Splunk User Behavior Analytics is costly, with pricing based on processed data, transitioning to subscription models, and includes additional costs.

Palo Alto Networks Advanced Threat Prevention requires an add-on license and is considered expensive compared to competitors like Cisco AMP and FortiGate firewalls.

For more quotes and insights, download the Palo Alto Networks Advanced Threat Prevention report

Principal Infrastructure Architect - Network Security at a tech services company with 10,001+ employees

Reserved instances with one or three-year commitments offer lower rates, providing up to 70% savings.

For more quotes and insights, download the Splunk User Behavior Analytics report

Enterprise Architect at Wipro Limited

Compared to all other products in the market, it is the most expensive one in all aspects including professional service and licenses, even the cloud version.

Ahmed Naguib

Director at Techpace

Comparing with the competitors, it's a bit expensive.

Mohammed Hassan

Regional Director at iSecureMind

Valuable Features

Palo Alto Networks excels in threat prevention with features like sandboxing, machine learning, and user-friendly design, enhancing efficiency.

Splunk User Behavior Analytics offers advanced threat detection, scalability, and integration for robust security and data analysis solutions.

As traditional signature-based mechanisms become less effective due to the evolving nature of attacks, this solution's focus on behavioral analysis is crucial.

Principal Infrastructure Architect - Network Security at a tech services company with 10,001+ employees

We are satisfied with the analytic capabilities of Palo Alto Networks Advanced Threat Prevention, especially the reporting features available in the Palo Alto portal in terms of their application visibility interface, which is very good for us to get visibility on all critical applications and the associated users, as well as the risks associated with every category of traffic.

For more quotes and insights, download the Palo Alto Networks Advanced Threat Prevention report

Global Network Tech Lead at a tech vendor with 10,001+ employees

I also utilize it for anomaly detection and behavior analysis, particularly using Splunk's machine learning environment.

AnupChapalgaonkar

Cloud Solution Architect at Tech Mahindra Limited

The dashboards themselves are nice, very good, and very helpful, but the accuracy of the data or the information that will be presented on the dashboard is something that needs to be questioned.

Ahmed Naguib

Director at Techpace

Features like alerts and auto report generation are valuable.

Subhayu Chakraborty

System Engineer at Infosys

For more quotes and insights, download the Splunk User Behavior Analytics report

Categories and Ranking

Palo Alto Networks Advanced...

Ranking in Intrusion Detection and Prevention Software (IDPS)

9th

Average Rating

8.4

Reviews Sentiment

6.6

Number of Reviews

Ranking in other categories

No ranking in other categories

Splunk User Behavior Analytics

Ranking in Intrusion Detection and Prevention Software (IDPS)

12th

Average Rating

8.2

Reviews Sentiment

6.6

Number of Reviews

Ranking in other categories

User Entity Behavior Analytics (UEBA) (4th)

Mindshare comparison

As of May 2026, in the Intrusion Detection and Prevention Software (IDPS) category, the mindshare of Palo Alto Networks Advanced Threat Prevention is 4.8%, down from 5.3% compared to the previous year. The mindshare of Splunk User Behavior Analytics is 2.9%, up from 1.5% compared to the previous year. It is calculated based on PeerSpot user engagement data.

Intrusion Detection and Prevention Software (IDPS) Mindshare Distribution
Product	Mindshare (%)
Palo Alto Networks Advanced Threat Prevention	4.8%
Splunk User Behavior Analytics	2.9%
Other	92.3%

Intrusion Detection and Prevention Software (IDPS)

Featured Reviews

Advanced protection enables us to confidently secure against evolving threats

Global Network Tech Lead at a tech vendor with 10,001+ employees

Palo Alto Networks can improve Advanced Threat Prevention by catering to the growing adoption of AI and agentic tooling. The Threat Protection modules should have the necessary intelligence to protect against those types of threats, as AI will be there to do a human job; this is an evolving area. From an Advanced Threat Protection perspective, the technology associated with Palo Alto Networks, such as their sandboxing environment, is quite good. However, Palo Alto needs to focus on how to bring that technology to end users and how easy it is to use, especially in a hybrid environment where users work from various locations. While Palo Alto excels in certain setups, they need to improve the user experience in distributed working conditions.

Read full review

Offers intuitive deployment with strong customer support and advanced analytics features

Enterprise Architect at Wipro Limited

There are improvements that could be made to Splunk User Behavior Analytics as any product will have advantages and disadvantages. Scalability is one consideration. For example, the advantages include rapid auto scaling to meet demand. A disadvantage is that it can lead to cost overrun if not properly factored or governed. The speed of deployment offers faster provisioning as an advantage, but it can require substantial automation skills and infrastructure as code expertise, which can be challenging. Cloud provides major operational benefits such as agility, automation, resilience, and global access when setting up on Cloud. However, it introduces challenges such as cost control, complexity, and vendor dependency. For example, global reach allows deployment of apps and services closer to users worldwide, but data sovereignty concerns exist and region selection must align with compliance requirements.

Read full review

See which vendors are best for you

Use our free recommendation engine to learn which Intrusion Detection and Prevention Software (IDPS) solutions are best for your needs.

See recommendations

892,646 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Financial Services Firm

Performing Arts

Comms Service Provider

Manufacturing Company

Financial Services Firm

11%

Computer Software Company

Government

Comms Service Provider

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

By reviewers
Company Size	Count
Small Business	8
Midsize Enterprise	4
Large Enterprise	15

By reviewers
Company Size	Count
Small Business	7
Midsize Enterprise	6
Large Enterprise	12

Questions from the Community

Which is the best DDoS protection solution for a big ISP for monitoring and mitigating?

Arbor would be the best bid, apart from Arbor, Palo Alto and Fortinet have good solutions. As this is an ISP, I would prefer Arbor.

What is your experience regarding pricing and costs for Palo Alto Networks Threat Prevention?

Palo Alto Networks Advanced Threat Prevention requires an add-on license and is considered expensive compared to competitors like Cisco AMP and FortiGate ( /products/fortinet-fortigate-reviews ) fi...

What needs improvement with Palo Alto Networks Threat Prevention?

What do you like most about Splunk User Behavior Analytics?

The solution's most valuable feature is Splunk queries, which allow us to query the logs and analyze the attack vectors.

What is your experience regarding pricing and costs for Splunk User Behavior Analytics?

Splunk User Behavior Analytics is a premium product. Compared to all other products in the market, it is the most expensive one in all aspects including professional service and licenses, even the ...

What needs improvement with Splunk User Behavior Analytics?

Splunk User Behavior Analytics is still an immature product, so it still needs some R&D to be able to be mature in the market. The prediction, algorithms, and ML codes behind Splunk User Behavi...

Darktrace vs Palo Alto Networks Advanced Threat Prevention

Comparisons

Compared 10% of the time

Vectra AI vs Palo Alto Networks Advanced Threat Prevention

Compared 8% of the time

TrendAI Tipping Point vs Palo Alto Networks Advanced Threat Prevention

Compared 7% of the time

Trellix Intrusion Prevention System vs Palo Alto Networks Advanced Threat Prevention

Compared 7% of the time

Cisco Sourcefire SNORT vs Palo Alto Networks Advanced Threat Prevention

Compared 5% of the time

More Palo Alto Networks Advanced Threat Prevention Competitors

Microsoft Purview Insider Risk Management vs Splunk User Behavior Analytics

Compared 9% of the time

Exabeam vs Splunk User Behavior Analytics

Compared 8% of the time

Dtex Systems vs Splunk User Behavior Analytics

Compared 6% of the time

Coralogix vs Splunk User Behavior Analytics

Compared 5% of the time

Cisco Sourcefire SNORT vs Splunk User Behavior Analytics

Compared 3% of the time

More Splunk User Behavior Analytics Competitors

Product Reports

Palo Alto Networks Advanced Threat Prevention

Download Palo Alto Networks Advanced Threat Prevention product report

Palo Alto Networks Advanced Threat Prevention report

Splunk User Behavior Analytics

Download Splunk User Behavior Analytics product report

Also Known As

No data available

Caspida, Splunk UBA

Overview

Palo Alto Networks Advanced Threat Prevention provides comprehensive security with application control, real-time threat detection, and seamless integration with cloud services. Known for its high performance and ease of use, it addresses diverse security challenges for modern organizations.

Palo Alto Networks Advanced Threat Prevention integrates machine learning, behavioral analysis, anti-malware protection, and WildFire sandboxing to deliver proactive defense against threats. Its features include advanced firewall capabilities, comprehensive bandwidth management, and robust reporting. Integration with cloud-based URL filtering enhances organizational security efforts. While the tool offers significant protection, areas like pricing, ease of use, false positive management, and documentation clarity require improvement. Expanding AI capabilities and optimizing support will enhance threat prevention and user experience.

What are the most important features?

Application Control: Provides precise control over applications to reduce risks and ensure compliance.
Real-Time Threat Detection: Identifies and mitigates threats instantly for proactive security.
Machine Learning: Enhances threat prediction and detection by analyzing patterns.
WildFire Sandboxing: Offers advanced malware analysis and prevention.
Cloud-Based URL Filtering: Enhances network security by filtering web traffic.

What benefits should users look for?

High Performance: Ensures efficient threat interception with minimal latency.
Ease of Use: Offers a user-friendly experience with intuitive interfaces.
Comprehensive Security: Provides thorough protection through multi-layered security features.
Effective Reporting: Delivers detailed insights for better decision-making.

Palo Alto Networks Advanced Threat Prevention is implemented across industries for server protection and LAN/WAN traffic security, providing solutions for network testing and application control. Organizations benefit from features like GlobalProtect VPN, anti-spyware, and vulnerability protections, ensuring security through efficient deployment both on-premises and in the cloud.

Palo Alto Networks

Splunk User Behavior Analytics focuses on data aggregation and threat detection with automation, deepening insights into user behavior. It offers usability, stability, and strong integration capabilities, making it a preferred choice for organizations needing comprehensive security management.

This platform enhances security management through customizable dashboards and real-time updates. Advanced analytics for anomaly detection and behavioral profiling, coupled with powerful indexing and search capabilities, enable thorough user behavior analysis. Users experience streamlined integration with Active Directory and other monitoring tools. However, improvements are needed in dashboard customization, customer support, and analytics tools to boost user experience. Organizations use Splunk User Behavior Analytics primarily for monitoring and analyzing user behavior, integrating various data sources for effective threat detection while maintaining governance.

What are the key features of Splunk User Behavior Analytics?

Data Aggregation: Consolidates data from multiple sources for comprehensive analysis.
Threat Detection: Utilizes automation and analytics for identifying potential threats.
Customizable Dashboards: Offers personalized views and real-time updates.
Integration Capabilities: Seamless integration with Active Directory and other tools.
Advanced Analytics: Includes anomaly detection and behavioral profiling.

What benefits and ROI should organizations expect?

Enhanced Security: Improved threat detection and management.
Scalability: Suitable for large-scale environments with broad applications.
Efficient Operations: User-friendly platform with powerful indexing and search.
Automation Features: Automated processes reduce manual efforts in threat detection.

Splunk User Behavior Analytics is widely implemented across industries for threat detection and insider threat identification. By integrating with tools like Active Directory for monitoring and anomaly detection, organizations benefit from robust security management and effective log analysis. It underpins efforts in security, data indexing, and combining data for comprehensive threat prevention.

Splunk

Sample Customers

University of Arkansas, JBG SMITH, SkiStar AB, TRI-AD, Temple University, Telkom Indonesia

8 Securities, AAA Western, AdvancedMD, Amaya, Cerner Corporation, CJ O Shopping, CloudShare, Crossroads Foundation, 7-Eleven Indonesia

Palo Alto Networks Advanced Threat Prevention vs. Splunk User Behavior Analytics