• Home
  • Securonix UEBA vs. Splunk Enterprise Security

Securonix UEBA vs Splunk Enterprise Security comparison

Cancel
You must select at least 2 products to compare!
Securonix Solutions Logo
Securonix UEBA
Read 3 Securonix UEBA reviews
793 views|531 comparisons
100% willing to recommend
Splunk Logo
Splunk Enterprise Security
Read 235 Splunk Enterprise Security reviews
24,689 views|20,244 comparisons
92% willing to recommend
Comparison Buyer's Guide
Download the complete report
Buyer's Guide
User Entity Behavior Analytics (UEBA)
April 2024
Executive Summary

We performed a comparison between Securonix UEBA and Splunk Enterprise Security based on real PeerSpot user reviews.

Find out what your peers are saying about IBM, Splunk, Rapid7 and others in User Entity Behavior Analytics (UEBA).
To learn more, read our detailed User Entity Behavior Analytics (UEBA) Report (Updated: April 2024).
Download the complete report
770,141 professionals have used our research since 2012.
Featured Review
Anonymous User
Inbuilt detection algorithms, attentive technical support, and reasonably priced
Sagar Shubham
Helps improve our incident response time, and provides great visibility, but the deployment is complex
Splunk Enterprise Security excels at threat detection. We've developed multiple correlation searches leveraging security data. These searches... Read more →
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"The feature dashboard is very well organized and intuitive to use. It organizes information on a timeline which is exactly what we need for insider threat future-analysis.""Their user and entity behavior analysis algorithms are the most valuable features.""One of the most valuable features is UEBA. It's pretty helpful for us to make sure of our thresholds for any of our clients."

More Securonix UEBA Pros →

"The initial setup is pretty straightforward.""There are a lot of third-party applications that can be installed.""The most valuable feature of Splunk Enterprise Security is website activity monitoring.""Recently, Splunk upgraded to version 9.0.02, which includes excellent data dashboards and visualization effects.""We can quickly search for almost anything across many log sources in seconds.""We were able to create a catalog of dashboards and have a holistic view at all levels. We could understand our business much better. Real-time errors, which were buried in emails before now, surfaced up on dashboards.""This solution helps us increase our productivity.""The most valuable features for us include its robust log management capabilities, which allow us to efficiently handle and retain logs for extended periods as needed."

More Splunk Enterprise Security Pros →

Cons
"The area that needs improvement is reporting.""When compared to others, if you look at the integration aspect, I believe that some aspects of integration can be enhanced.""There is room for improvement in the algorithms. Although I said that we have a very solid starting point - our existing library is already very comprehensive - we constantly find areas where we need to develop new algorithms. That is common across platforms. Any vendor with a solid starting point would still need to continue to evolve."

More Securonix UEBA Cons →

"Most of my interaction is with the user community, which is how Splunk wants it. When I need help, that community is very hit or miss.""This is a costly solution.""It is important to make sure that everything is built off of the threat models and all the underlying items within Splunk.""If you have to do your own stuff, such as customized charts, it is a little bit more work, but once you're familiar with the Splunk query language, you can pretty much do whatever you want. In terms of features, it should probably have the features that other competitors provide.""When we do a rollout from the server or host or anything, we'd like to see more automation. It would save us time.""If you monitor too much, you can lose performance on your systems.""The product's price may be an area of concern where improvements are required.""Its pricing is extremely high. There are other tools out in the market that are competitive. They do not necessarily have all the functionality, but they are competitive. The professional services we have used have been high as well in comparison to the market."

More Splunk Enterprise Security Cons →

Pricing and Cost Advice
  • "Their pricing is pretty comfortable. They will work with you on the cost."
  • "When compared to other solutions, it is less expensive."

    • More Securonix UEBA Pricing and Cost Advice →

  • "Pricing and licensing is quite expensive. But for the value the product provides, it seems at par in the market."
  • "Although Splunk is an expensive product, it is designed to be utilized across your organization in order to maximize your ROI and lower your TCO."
  • "It is not cheap."
  • "Splunk Enterprise becomes extremely expensive after the 20GB/month license."
  • "You will eat up whatever you purchase quickly. The level of insights that Splunk empowers is addictive."
  • "Splunk licensing model might seem expensive but with all the gain in functionalities you will have compared to traditional SIEM solutions I think it’s worth the price."
  • "Pricing is pretty fair."
  • "While licensing can be a concern, there are ways to reduce the licensing costs including filtering some events."

    • More Splunk Enterprise Security Pricing and Cost Advice →

    report
    See Which Vendors Are Best For You
    Use our free recommendation engine to learn which User Entity Behavior Analytics (UEBA) solutions are best for your needs.
    See Recommendations
    770,141 professionals have used our research since 2012.
    Comparison Review
    Vinod Shankar
    HP ArcSight vs. IBM QRadar vs. ​McAfee Nitro vs. Splunk vs. RSA Security vs. LogRhythm
    We at Infosecnirvana.com have done several posts on SIEM. After the Dummies Guide on SIEM, we are following it up with a SIEM Product Comparison – 101 deck. So, here it is for your viewing pleasure. Let me know what you think by posting your comments below. The key products compared here are based on Gartner Magic Q which is what Organizations typically use to select SIEM vendors. The Vendors mentioned here in the deck are : 1. HP ArcSight 2. McAfee Nitro 3. IBM QRadar 4. Splunk SIEM 5. RSA Security Analytic 6. LogRhythm. SIEM Technology Space SIEM market analysis of the last 3 years suggest: Market consolidation of SIEM players (25 vendors in 2011 to 16 vendors in 2013)Only products with technology maturity and a strong road map have featured in leaders quadrant.HP ArcSight & IBM Q1 Labs have maintained leadership in SIEM industry with continued technology upgradeMcAfee Nitro has strong product features & road map to challenge HP & IBM for leadershipHPArcSight The ArcSight Enterprise Threat and Risk Management (ETRM) Platform is an integrated set of products for collecting, analysing, and managing enterprise Security Event information ArcSight Enterprise Security Manager (ESM): Correlation and analysis engine used to identify security threat in real-time& virtual environments ArcSight Logger: Log storage and Search solution ArcSight IdentityView: User Identity tracking/User activity monitoring ArcSight Connectors: For data collection from a variety of data… Read more →
    Questions from the Community
    What are the biggest differences between Securonix UEBA, Exabeam, and IBM...
    Top Answer:It mostly depends on your use-cases and environment. Exabeam and Securonix have a stronger UEBA feature set, friendlier GUI and are not licensed based on capacity (amount of logs and information… more »
    Read all 2 answers   →
    What do you like most about Securonix UEBA?
    Top Answer:Their user and entity behavior analysis algorithms are the most valuable features.
    Read all 3 answers   →
    What needs improvement with Securonix UEBA?
    Top Answer:When compared to others, if you look at the integration aspect, I believe that some aspects of integration can be enhanced. There are numerous other integrations with various packages that are… more »
    Read all 3 answers   →
    What SOC product do you recommend?
    Top Answer:For tools I’d recommend:  -SIEM- LogRhythm -SOAR- Palo Alto XSOAR Doing commercial w/o both (or at least an XDR) is asking to miss details that are critical, and ending up a statistic. Also,… more »
    Read all 12 answers   →
    What is a better choice, Splunk or Azure Sentinel?
    Top Answer:It would really depend on (1) which logs you need to ingest and (2) what are your use cases Splunk is easy for ingestion of anything, but the charge per GB/Day Indexed and it gets expensive as log… more »
    How does Splunk compare with Azure Monitor?
    Top Answer:Splunk handles a high amount of data very well. We use Splunk to capture information and as an aggregator for monitoring information from different sources. Splunk is very good at alerting us if we… more »
    Read all 2 answers   →
    Ranking
    14th
    out of 43 in User Entity Behavior Analytics (UEBA)
    Views
    793
    Comparisons
    531
    Reviews
    0
    Average Words per Review
    0
    Rating
    N/A
    1st
    out of 80 in Security Information and Event Management (SIEM)
    Views
    24,689
    Comparisons
    20,244
    Reviews
    69
    Average Words per Review
    930
    Rating
    8.4
    Comparisons
    Also Known As
    Securonix User and Entity Behavior Analytics
    Learn More
    Securonix Solutions
    Video Not Available
    Splunk
    Overview

    Securonix User and Entity Behavior Analytics (UEBA) leverages sophisticated machine learning and behavior analytics to analyze and correlate interactions between users, systems, applications, IP addresses, and data. Light, nimble, and quick to deploy, Securonix UEBA detects advanced insider threats, cyber threats, fraud, cloud data compromise, and non-compliance. Built-in automated response playbooks and customizable case management work flows allow your security team to respond to threats quickly, accurately, and efficiently

    Splunk Enterprise Security is a SIEM, log management, and IT operations analytics tool. The solution provides users with the ability to secure their information and manage their data in the cloud, data centers, or other applications. Splunk Enterprise Security also offers visibility from different areas, levels, and devices, rather than from a single system, thus, providing its users with flexibility. Splunk Enterprise Security can monitor data and analyze, detect, and prevent intrusions. This benefits users as it provides alerts to possible intrusions, helps users to be proactive, and reduces risk factors. 

    Full visibility across your environment

    Break down data silos and gain actionable intelligence by ingesting data from multicloud and on-premises deployments. Get full visibility to quickly detect malicious threats in your environment.

    Fast threat detection

    Defend against threats with advanced security analytics, machine learning and threat intelligence that focus detection and provide high-fidelity alerts to shorten triage times and raise true positive rates.

    Efficient investigations

    Gather all the context you need and initiate flexible investigations with security analytics at your fingertips. The built-in open and extensible data platform boosts productivity and drives down fatigue.

    Open and scalable

    Built on an open and scalable data platform, you can stay agile in the face of evolving threats and business needs. Splunk meets you where you are on your cloud journey, and integrates across your data, tools and content.

    Sample Customers
    Pfizer, McKesson, BNY Mellon, New York Life
    Splunk has more than 7,000 customers spread across over 90 countries. These customers include Telenor, UniCredit, ideeli, McKenney's, Tesco, and SurveyMonkey.
    Top Industries
    VISITORS READING REVIEWS
    Financial Services Firm16%
    Computer Software Company13%
    Insurance Company9%
    Manufacturing Company8%
    REVIEWERS
    Computer Software Company20%
    Financial Services Firm15%
    Government10%
    Energy/Utilities Company8%
    VISITORS READING REVIEWS
    Financial Services Firm15%
    Computer Software Company14%
    Government9%
    Manufacturing Company7%
    Company Size
    VISITORS READING REVIEWS
    Small Business20%
    Midsize Enterprise12%
    Large Enterprise69%
    REVIEWERS
    Small Business32%
    Midsize Enterprise12%
    Large Enterprise56%
    VISITORS READING REVIEWS
    Small Business19%
    Midsize Enterprise13%
    Large Enterprise68%
    Buyer's Guide
    User Entity Behavior Analytics (UEBA)
    April 2024
    Download Free Report
    Find out what your peers are saying about IBM, Splunk, Rapid7 and others in User Entity Behavior Analytics (UEBA). Updated: April 2024.
    DOWNLOAD NOW
    770,141 professionals have used our research since 2012.

    Securonix UEBA is ranked 14th in User Entity Behavior Analytics (UEBA) with 3 reviews while Splunk Enterprise Security is ranked 1st in Security Information and Event Management (SIEM) with 235 reviews. Securonix UEBA is rated 10.0, while Splunk Enterprise Security is rated 8.4. The top reviewer of Securonix UEBA writes "Inbuilt detection algorithms, attentive technical support, and reasonably priced". On the other hand, the top reviewer of Splunk Enterprise Security writes "It has a drag-and-drop interface, so you don't need to know SQL or Java to construct a query ". Securonix UEBA is most compared with IBM Security QRadar, Splunk User Behavior Analytics and ArcSight Analytics, whereas Splunk Enterprise Security is most compared with Wazuh, Dynatrace, IBM Security QRadar, Elastic Security and Microsoft Sentinel.

    We monitor all User Entity Behavior Analytics (UEBA) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.