2020-02-12T17:16:43Z
it_user434868 - PeerSpot reviewer
Senior Director of Delivery at a tech services company with 51-200 employees
  • 0
  • 6

What advice do you have for others considering Splunk Phantom?

If you were talking to someone whose organization is considering Splunk Phantom, what would you say?

How would you rate it and why? Any other tips or advice?

8
PeerSpot user
8 Answers
Norman Freitag - PeerSpot reviewer
Account-Manager at Consist ITU Environmental Software GmbH
Real User
Top 5
2022-08-12T12:06:36Z
Aug 12, 2022

We install the solution for our customers and use the solution as well. We're an implementor. I'd advise new users to start at a small scale, since you have to learn about it. You can't implement it with a big bang. You must really go through it and do your homework. You have to have your backup plans, you have to have a real transparent view of your IT landscape. If you have this and your logs are quite good and the playbooks are implemented properly, then you can really scale up. You just have to do it step by step, as it's a bit of a learning curve that you have to go through. I'd rate the solution eight out of ten.

Search for a product comparison
Tarun Singh - PeerSpot reviewer
Manager Project Management at HCL Technologies
Real User
Top 5
2022-06-02T08:01:54Z
Jun 2, 2022

I rate Splunk Phantom an eight out of ten.

Filip Stojkovski - PeerSpot reviewer
VP - Security Automation Lead at a financial services firm with 10,001+ employees
Real User
Top 10
2022-04-11T12:26:57Z
Apr 11, 2022

My advice to others is they will need some Python developers for Splunk Phantom because it's not possible to only throw some blocks of Python code and it will work. You will need some experienced Python developers if you want to work with this platform. I rate Splunk Phantom a nine out of ten.

MO
Cyber Security Solution Architect at a tech services company with 11-50 employees
Real User
Top 20
2021-04-26T15:04:26Z
Apr 26, 2021

I would recommend this solution, but it also depends on the price. Splunk is number one for SIEM or SOAR. Another solution that I would recommend is Palo Alto XSOAR. I would rate Splunk Phantom a nine out of ten.

HariHaran - PeerSpot reviewer
Technical Analyst at a tech vendor with 11-50 employees
Real User
Top 10
2021-01-22T22:52:15Z
Jan 22, 2021

We have a business relationship with Splunk. We're partners. We're using the solution on our VM and also on our database cloud. I'd recommend the solution to other organizations. Compared to other products, Phantom seems to be easy to use and the ability to customize is high. Compared to the older version, the newer version is very customizable. We can very easily create custom functions. The UI looks good and is also improved. I would rate the solution eight out of ten.

Abhinav Roy - PeerSpot reviewer
Senior Data Analyst at a financial services firm with 10,001+ employees
Real User
2020-08-23T08:17:28Z
Aug 23, 2020

I'm not sure which version of the solution we're currently using. If a company wants to automate redundant work, this solution is perfect for that. Very specific processes can be easily automated to save time. That way, analysts can invest their time elsewhere. Phantom is one of the great tools for reducing redundancies. I'd rate the solution eight out of ten.

Learn what your peers think about Splunk Phantom. Get advice and tips from experienced pros sharing their opinions. Updated: November 2022.
657,397 professionals have used our research since 2012.
SA
Technical Lead at Paladion Networks
Real User
2020-04-30T10:58:00Z
Apr 30, 2020

It's important to know your customer's requirements so you can choose the correct solution. The budget also needs to be taken into account. Most customer's budgets suit a Splunk solution whereas RSA is much more expensive. I would rate Splunk Phantom a seven out of 10.

Al Sedghi - PeerSpot reviewer
Chief Technology Officer at Globalnet Research Corporation
Reseller
Top 10
2020-02-12T17:16:43Z
Feb 12, 2020

My advice to anybody who is considering this solution is to first really understand the requirements that you have, well enough. You need to identify and understand the data sources that you need, prior to purchase, to ensure that there is a need and also that there are no issues with incompatibility or connectivity. You also need to have the right resources to assess, implement, or oversee the implementation. You're going into an environment that requires a little bit of understanding of artificial intelligence because the SOAR platform requires setting up some rules. You also need to have a technical support group in-house to be able to help, otherwise, you would be dependent on Splunk for assistance. Overall, this product is fairly good but it's not quite mature yet. It needs some enhancement and some stabilization in some areas. I would rate this solution an eight out of ten.

Related Questions
WM
User at VAE-MARMARA8
Apr 16, 2021
Hi peers, I'm looking for a technical comparison between Splunk Phantom SOAR and FireEye SOAR solutions. Can anyone help with the insights?
Miriam Tover - PeerSpot reviewer
Service Delivery Manager at PeerSpot (formerly IT Central Station)
Aug 12, 2022
How do you or your organization use this solution? Please share with us so that your peers can learn from your experiences. Thank you!
2 out of 8 answers
Al Sedghi - PeerSpot reviewer
Chief Technology Officer at Globalnet Research Corporation
Feb 12, 2020
We are a consulting firm and this is a solution that we use for ourselves, as well as implement it for our customers. Our use case is to establish a platform for threat analysis across different data sources that we have in the company. Essentially, it is an orchestration platform and we want to make sure that we can tie into different endpoints or data sources from which traffic originates. We need to then detect and analyze threats.
SA
Technical Lead at Paladion Networks
Apr 30, 2020
Our primary use case of the solution is for fine tuning. We provide professional services for our customers to enhance their ability to use the functionalities of Splunk. We're integrators of the solution.
Related Articles
Janet Staver - PeerSpot reviewer
Tech Blogger
May 16, 2022
PeerSpot’s crowdsourced user review platform helps technology decision-makers around the world to better connect with peers and other independent experts who provide advice without vendor bias. Our users have ranked these solutions according to their valuable features, and discuss which features they like most and why. You can read user reviews for the Security Orchestration Automation and Re...
Related Articles
Janet Staver - PeerSpot reviewer
Tech Blogger
May 16, 2022
Top Security Orchestration Automation and Response (SOAR) Solutions
PeerSpot’s crowdsourced user review platform helps technology decision-makers around the world to...
Download Free Report
Download our free Splunk Phantom Report and get advice and tips from experienced pros sharing their opinions. Updated: November 2022.
DOWNLOAD NOW
657,397 professionals have used our research since 2012.