Splunk User Behavior Analytics Reviews

Name: Splunk User Behavior Analytics
Brand: Splunk
Rating: 4 (18 reviews)

4.1 out of 5

18 reviews
100% willing to recommend

870 followers

What is Splunk User Behavior Analytics?

Splunk User Behavior Analytics is a behavior-based threat detection is based on machine learning methodologies that require no signatures or human analysis, enabling multi-entity behavior profiling and peer group analytics for users, devices, service accounts and applications. It detects insider threats and external attacks using out-of-the-box purpose-built that helps organizations find known, unknown and hidden threats, but extensible unsupervised machine learning (ML) algorithms, provides context around the threat via ML driven anomaly correlation and visual mapping of stitched anomalies over various phases of the attack lifecycle (Kill-Chain View). It uses a data science driven approach that produces actionable results with risk ratings and supporting evidence that increases SOC efficiency and supports bi-directional integration with Splunk Enterprise for data ingestion and correlation and with Splunk Enterprise Security for incident scoping, workflow management and automated response. The result is automated, accurate threat and anomaly detection.

Get the Splunk User Behavior Analytics Buyer's Guide and find out what your peers are saying about Splunk User Behavior Analytics, Darktrace, Qualys VMDR and more!

Splunk User Behavior Analytics is the #4 ranked solution in top User Entity Behavior Analytics (UEBA) solutions and #16 ranked solution in top Intrusion Detection and Prevention Software. PeerSpot users give Splunk User Behavior Analytics an average rating of 8.2 out of 10. Splunk User Behavior Analytics is most commonly compared to Darktrace: Splunk User Behavior Analytics vs Darktrace. Splunk User Behavior Analytics is popular among the large enterprise segment, accounting for 68% of users researching this solution on PeerSpot. The top industry researching this solution are professionals from a computer software company, accounting for 14% of all views.

Buyer's Guide

Splunk User Behavior Analytics

September 2024

Get the report

Helped 813,418 peers since 2012

Featured reviews

Sharath Chander

Business Transformation specialist at Verizon

We have an application running for our e-commerce site, and we use Splunk primarily to detect anomalous behavior like false orders and other bot-related threats. Splunk helps us analyze and eliminate threats using machine learning. Splunk is more user-friendly than some competing solutions we…

Read full review

Genrlmgr67

Senior Security Engineer at a government with 1,001-5,000 employees

From my experience and from the security perspective, I recommend this product for all the people that need good security for investigation. The Splunk team and products are good for those purposes. The storage gets better priced with the amount you use. The storage is very expensive if you take some of the license options from the company. We won't be using unlimited storage for how much data will be imported from our bandwidth. I think the unlimited license is good because we will use a lot. On a scale from one to ten when one is the worst and ten is the best, I would rate Splunk User Behavior as a nine. I didn't give them ten because Splunk does not provide something for the professional investigation. There is something that prevents you from using data the way you want to use data for in an investigation. Sometimes with Splunk, we cannot bring the data out in a better form and some users cannot understand it exactly. What I am talking about is options for a more professional investigation, not for normal behaviors. If you want to just look at normal behavior the program will give all you need. But sometimes you need other use cases to see the action.

Read full review

BertDrijver

Consultant at Kienia

We introduced this solution to our customers and requested some dashboards, analytics, statistics, and information to be available through Splunk. However, I'm not proficient in the details and queries. We work at the airport and operate at various levels of management to ensure the quality of…

Read full review

Splunk User Behavior Analytics mindshare

Product category:

As of October 2024, the mindshare of Splunk User Behavior Analytics in the User Entity Behavior Analytics (UEBA) category stands at 10.1%, down from 11.9% compared to the previous year, according to calculations based on PeerSpot user engagement data.

User Entity Behavior Analytics (UEBA)

Key learnings from peers

Valuable Features

"The solution's most valuable feature is Splunk queries, which allow us to query the logs and analyze the attack vectors."
"We are really pleased with Splunk and its features. It would be practically impossible to function without it.To provide a general overview of the system, it's important to note that the standard log files are currently around 250 gigabytes per day. It would be impossible to manually walk through these logs by hand, which is why automation is essential."
"Splunk is more user-friendly than some competing solutions we tried."

Room for Improvement

"It would be good if the solution had an analytics tool that allowed us to analyze the data without writing specific queries."
"If the price was lowered and the setup process was less complex, I would consider rating it higher."
"We want to have an automated system for bot hunting that enables us to detect anomalies predictively based on historical data. It would be helpful if Splunk included process mining as an alternative option. We have a threat workflow, but it would be useful if we could supplement that with some process mining capabilities over time."