External reviews
External reviews are not included in the AWS star rating for the product.
Great tool with features to monitoring logs and resolving threats/issues
What do you like best about the product?
Simple and Good UI for monitoring audit logs, identifying threats, and creating automated scripts for resolution.
Features to create dashboards and pivots to visualise data collected.
Features to create dashboards and pivots to visualise data collected.
What do you dislike about the product?
The tool is expensive as the usage cost will be based on the number of log files it indexes and retrieves the data.
What problems is the product solving and how is that benefiting you?
The tool solves problems in threat management, including monitoring and identifying threats, and resolves them with the help of automation by configuring predefined scripts.
- Leave a Comment |
- Mark review as helpful
Splunk SOAR beginner review
What do you like best about the product?
splunk useful tool to move the logs to single space and analyse digitalize like SOAR will provide seamless automation with logs and you can create a runbook
What do you dislike about the product?
since I am beginner I cannot comment on this. However I am going to start evaluatioin on this on my free time becaus splunk is essential for us and it is alreay there so using SOAR I am trying to value add
What problems is the product solving and how is that benefiting you?
Since I am staring to read about this i can understand it can provide automation on top of our logs
Splunk SOAR review
What do you like best about the product?
the automated playbook makes the life little bit easier on job.
What do you dislike about the product?
nothing so far, some plugins are still little complicated to configure
What problems is the product solving and how is that benefiting you?
security automation, less human interaction for basic task monitoring
Splunk SOAR Review
What do you like best about the product?
The Splunk SOAR is quite a capable SOAR platform from Splunk. What I liked most is the level of automation that can be achieved with Splunk SOAR. Also, this
tool is good for both the users who know python and who do not. Most of the automation can be achieved without any coding effort but if SOAR engineer is having python knowledge
a lot of custom automation can be achieved.
tool is good for both the users who know python and who do not. Most of the automation can be achieved without any coding effort but if SOAR engineer is having python knowledge
a lot of custom automation can be achieved.
What do you dislike about the product?
Integration is quite easy within the Splunk ecosystem but integration with other tools outside Splunk Ecospace is a little tedious job to do and also the documentation is not as reach as it should be.
What problems is the product solving and how is that benefiting you?
Automated investigation and Response.
A lot of time consuming things can be automated and thus reducing the overall effort and time invested by the SOC Analysts.
It improves the overall SLA and also reduce the cost of SOC as less number of SOC Analysts are required.
A lot of time consuming things can be automated and thus reducing the overall effort and time invested by the SOC Analysts.
It improves the overall SLA and also reduce the cost of SOC as less number of SOC Analysts are required.
Recommendations to others considering the product:
I would recommend to do POC with Splunk and Cortex XDR and then decide which one you want to use.
Easy Automation with no coding approach
What do you like best about the product?
It is a flexible product with many essential and useful features, which along with outstanding customer support, brings the SOC environment to the next level.
The no-code approach to integrations and the ease of setting up playbooks make it stand out.
The no-code approach to integrations and the ease of setting up playbooks make it stand out.
What do you dislike about the product?
Little expensive, and API and third-party applications integration have room to improve.
What problems is the product solving and how is that benefiting you?
• Improve business process agility
• Create internal/operational efficiencies
• Improve business process outcomes
• Enhance decision making
• Reduce the time and effort of the analyst for making an informed decision on potential attacks.
• Create internal/operational efficiencies
• Improve business process outcomes
• Enhance decision making
• Reduce the time and effort of the analyst for making an informed decision on potential attacks.
The password is not the instance ID but...
The documentation is wrong with this current ami I believe. The username and password is admin:password for the web front end. SSH I have not been able to go into yet because we only use SSM and the agent is not installed by default. Jury is still out on the rest but at this time it all looks the same as an OVA or a bare metal install.
Great product to orchestrate security related events and other
What do you like best about the product?
Easy to use GUI , you can have with you own add-ons, Many integrations in existing solutions and tools.It is a great orchestration toll which can be used for any kind of orchestration not only security.
What do you dislike about the product?
GUI logic not intuitive. You need to understand the logic before you can use it successfully. Sometime it is too security word focused.
What problems is the product solving and how is that benefiting you?
Fast reaction to identified security events, automation of standard SIEM events and action handling, repeating actions based on events
improve time to resolution
improve time to resolution
Recommendations to others considering the product:
automation and orchestration will be key for the future. Phantom is a great solution to get there.
Turnaround to Business
What do you like best about the product?
It holds nerve center of the security ecosystem, giving teams the insight to quickly detect
and respond to internal and external attacks, simplify threat management minimizing risk, A great product to use for security any organization at any level.
and respond to internal and external attacks, simplify threat management minimizing risk, A great product to use for security any organization at any level.
What do you dislike about the product?
Expensive, as it logs size based, more you index more money you have to spend, should be lower in price, there is less to dislike about this product, its all win win for us.
What problems is the product solving and how is that benefiting you?
It Enable us process malware email alerts in seconds and more important to rectify the fake accounts and transactions on bank sites.
Recommendations to others considering the product:
Splunk Enterprise Security is the nerve center of the security ecosystem, giving teams the insight to quickly detect and respond to internal and external attacks, simplify threat management minimizing risk.
showing 31 - 38