Sign in
Categories
Your Saved List Partners Sell in AWS Marketplace Amazon Web Services Home Help

Splunk SOAR

Splunk | 5.4.0

Linux/Unix, CentOS 7 - 64-bit Amazon Machine Image (AMI)

Reviews from AWS Marketplace

1 AWS reviews
  • 5 star
    0
  • 4 star
    0
  • 1
  • 2 star
    0
  • 1 star
    0

External reviews

7 reviews
from G2

External reviews are not included in the AWS star rating for the product.


    Ajith K.

Great tool with features to monitoring logs and resolving threats/issues

  • September 21, 2022
  • Review provided by G2

What do you like best?
Simple and Good UI for monitoring audit logs, identifying threats, and creating automated scripts for resolution.
Features to create dashboards and pivots to visualise data collected.
What do you dislike?
The tool is expensive as the usage cost will be based on the number of log files it indexes and retrieves the data.
What problems is the product solving and how is that benefiting you?
The tool solves problems in threat management, including monitoring and identifying threats, and resolves them with the help of automation by configuring predefined scripts.


    Information Technology and Services

Splunk SOAR beginner review

  • August 31, 2022
  • Review provided by G2

What do you like best?
splunk useful tool to move the logs to single space and analyse digitalize like SOAR will provide seamless automation with logs and you can create a runbook
What do you dislike?
since I am beginner I cannot comment on this. However I am going to start evaluatioin on this on my free time becaus splunk is essential for us and it is alreay there so using SOAR I am trying to value add
What problems is the product solving and how is that benefiting you?
Since I am staring to read about this i can understand it can provide automation on top of our logs


    Animesh R.

Splunk SOAR review

  • July 20, 2022
  • Review provided by G2

What do you like best?
the automated playbook makes the life little bit easier on job.
What do you dislike?
nothing so far, some plugins are still little complicated to configure
What problems is the product solving and how is that benefiting you?
security automation, less human interaction for basic task monitoring


    Manzar A.

Splunk SOAR Review

  • May 10, 2022
  • Review provided by G2

What do you like best?
The Splunk SOAR is quite a capable SOAR platform from Splunk. What I liked most is the level of automation that can be achieved with Splunk SOAR. Also, this
tool is good for both the users who know python and who do not. Most of the automation can be achieved without any coding effort but if SOAR engineer is having python knowledge
a lot of custom automation can be achieved.
What do you dislike?
Integration is quite easy within the Splunk ecosystem but integration with other tools outside Splunk Ecospace is a little tedious job to do and also the documentation is not as reach as it should be.
What problems is the product solving and how is that benefiting you?
Automated investigation and Response.
A lot of time consuming things can be automated and thus reducing the overall effort and time invested by the SOC Analysts.
It improves the overall SLA and also reduce the cost of SOC as less number of SOC Analysts are required.
Recommendations to others considering the product:
I would recommend to do POC with Splunk and Cortex XDR and then decide which one you want to use.


    Mohit G.

Easy Automation with no coding approach

  • September 17, 2021
  • Review provided by G2

What do you like best?
It is a flexible product with many essential and useful features, which along with outstanding customer support, brings the SOC environment to the next level.
The no-code approach to integrations and the ease of setting up playbooks make it stand out.
What do you dislike?
Little expensive, and API and third-party applications integration have room to improve.
What problems is the product solving and how is that benefiting you?
• Improve business process agility
• Create internal/operational efficiencies
• Improve business process outcomes
• Enhance decision making
• Reduce the time and effort of the analyst for making an informed decision on potential attacks.


    Christian Meisch

The password is not the instance ID but...

  • May 13, 2020
  • Review verified by AWS Marketplace

The documentation is wrong with this current ami I believe. The username and password is admin:password for the web front end. SSH I have not been able to go into yet because we only use SSM and the agent is not installed by default. Jury is still out on the rest but at this time it all looks the same as an OVA or a bare metal install.


    Information Technology and Services

Great product to orchestrate security related events and other

  • August 10, 2019
  • Review provided by G2

What do you like best?
Easy to use GUI , you can have with you own add-ons, Many integrations in existing solutions and tools.It is a great orchestration toll which can be used for any kind of orchestration not only security.
What do you dislike?
GUI logic not intuitive. You need to understand the logic before you can use it successfully. Sometime it is too security word focused.
What problems is the product solving and how is that benefiting you?
Fast reaction to identified security events, automation of standard SIEM events and action handling, repeating actions based on events
improve time to resolution
Recommendations to others considering the product:
automation and orchestration will be key for the future. Phantom is a great solution to get there.


    Abhishek V.

Turnaround to Business

  • August 06, 2019
  • Review provided by G2

What do you like best?
It holds nerve center of the security ecosystem, giving teams the insight to quickly detect
and respond to internal and external attacks, simplify threat management minimizing risk, A great product to use for security any organization at any level.
What do you dislike?
Expensive, as it logs size based, more you index more money you have to spend, should be lower in price, there is less to dislike about this product, its all win win for us.
What problems is the product solving and how is that benefiting you?
It Enable us process malware email alerts in seconds and more important to rectify the fake accounts and transactions on bank sites.
Recommendations to others considering the product:
Splunk Enterprise Security is the nerve center of the security ecosystem, giving teams the insight to quickly detect and respond to internal and external attacks, simplify threat management minimizing risk.


showing 1 - 8