Splunk User Behavior Analytics Overview

Splunk User Behavior Analytics is the #2 ranked solution in top Anomaly Detection Tools, the #6 ranked solution in top User Behavior Analytics - UEBA tools, and the #11 ranked solution in top Intrusion Detection and Prevention Software. PeerSpot users give Splunk User Behavior Analytics an average rating of 8 out of 10. Splunk User Behavior Analytics is most commonly compared to Darktrace. The professionals who most often research this solution come from computer software companies, accounting for 25% of all views.
What is Splunk User Behavior Analytics?
Splunk User Behavior Analytics is a behavior-based threat detection solution that helps organizations find known, unknown and hidden threats. It is based on machine learning methodologies that require no signatures or human analysis, enabling multi-entity behavior profiling and peer group analytics for users, devices, service accounts and applications. It detects insider threats and external attacks using out-of-the-box, purpose-built but extensible unsupervised machine learning (ML) algorithms, and provides context around the threat via ML-driven anomaly correlation and visual mapping of stitched anomalies over various phases of the attack lifecycle (Kill-Chain View). It uses a data-science-driven approach that produces actionable results with risk ratings and supporting evidence, which increases SOC efficiency, and it supports bi-directional integration with Splunk Enterprise for data ingestion and correlation and with Splunk Enterprise Security for incident scoping, workflow management and automated response. The result is automated, accurate threat and anomaly detection.

Splunk User Behavior Analytics was previously known as Caspida, Splunk UBA.

Buyer's Guide

Download the Intrusion Detection and Prevention Software (IDPS) Buyer's Guide including reviews and more. Updated: January 2022

Splunk User Behavior Analytics Customers
8 Securities, AAA Western, AdvancedMD, Amaya, Cerner Corporation, CJ O Shopping, CloudShare, Crossroads Foundation, 7-Eleven Indonesia
Splunk User Behavior Analytics Reviews

Global Engineer at a financial services firm with 10,001+ employees
Real User
Top 10
Stable, with good automation capabilities, however, we want to be able to automate even more
Pros and Cons
  • "The product is at the forefront of auto-remediation networking. It's great."
  • "Currently, a lot of network operations need improvement. We still need people to handle incidents. Our vision is to leverage status and convert it directly from the network devices. It would be ideal if we could take action using APIs and API code and remove manual processes."

What is our primary use case?

We use the solution to feed telemetry data from the network into the collective for display-only. We haven't yet come to a point where we have decided on the process of the status for subsequent operational automation. 

What is most valuable?

The automation is very good.

The product is at the forefront of auto-remediation networking. It's great.

The pricing of the solution is very reasonable.

What needs improvement?

Currently, a lot of network operations need improvement. We still need people to handle incidents. Our vision is to leverage status and convert it directly from the network devices. It would be ideal if we could take action using APIs and API code and remove manual processes.  

For how long have I used the solution?

I've been using the solution for one year at this point.

What do I think about the stability of the solution?

The solution, from what I have witnessed, is stable. There aren't bugs or glitches. It doesn't crash or freeze. A company can rely on its performance.

What do I think about the scalability of the solution?

The scalability is pretty good. A company that wants to expand it out shouldn't have an issue doing so.

There's a handful of people on it at my organization. We have maybe ten users on it in total. They are mostly admins and engineers. We do have plans to continue to use the solution.

How are customer service and technical support?

Technical support has been adequate. We aren't blown away by amazing service, however, they do help if we need them to. I personally haven't had any direct contact with them.

Which solution did I use previously and why did I switch?

We didn't previously use a different product. We're rather new to automation and Splunk in general.

How was the initial setup?

The solution doesn't have a complex setup. It's rather straightforward. 

If you are talking of simply spinning off a container, it's very easy.

The complexity should be on the workflow. It's also the most time-consuming process. For example, how do you handle this incident? It has to be very careful to ensure you don't have false positives that could mistakenly trigger actions. That can be the most costly mistake. Other than that, a lot of products you can acquire from open source.

What about the implementation team?

There were a few of us that were trained specifically for the implementation. There were a number of us to speed up the process in order to get automation happening quickly for the company.

What's my experience with pricing, setup cost, and licensing?

The solution isn't overly expensive. It's quite affordable. It's not the priciest option on the market. I'm not sure of the exact cost as it's not an aspect of the solution I directly deal with.

What other advice do I have?

We're simply customers. We don't have a business relationship with Splunk.

We're using the latest version of the solution. I'm not sure of the exact version number.

I'd recommend the solution to other companies.

On a scale from one to ten, I'd rate it at a seven. If the cost was more reasonable, I might rate it a bit higher. It's not too expensive, but it could always be better.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Owner at a computer software company with 11-50 employees
Real User
Top 20
Stable with good dashboards and a free demo version
Pros and Cons
  • "The solution appears to be stable, although we haven't used it heavily."
  • "I'm not aware of any lacking features."

What is our primary use case?

We do technical training and so we do training on the platform. We deploy it on our lab machines for students.

What is most valuable?

We're building some Splunk dashboards with it and it's useful.

We're currently monitoring students' log in, log out and verifying how they can collect the information. It's a good system for a learning environment. 

We're not specifically using it, we're doing training on it.

The solution appears to be stable, although we haven't used it heavily.

You can use the demo version in order to try the solution for free.

What needs improvement?

I'm not aware of any lacking features. 

For how long have I used the solution?

I've been using the solution for six years. 

What do I think about the stability of the solution?

We don't generate enough data to know whether it's reliable or not.

That said, with the small usage that we do utilize, it's pretty stable.

How are customer service and support?

I've never dealt with technical support. I cannot rate their services or speak to how helpful or responsive they are.

Which solution did I use previously and why did I switch?

We did not previously use a different solution before choosing Splunk. 

How was the initial setup?

The initial setup is pretty straightforward. It's a couple of scripts you run. It's pretty easy.

What's my experience with pricing, setup cost, and licensing?

We simply use the free demo version of the product. We do not pay any licensing fees at this time. 

What other advice do I have?

We're just end-users. We don't have a business relationship with Splunk.

I'm not sure what version of the solution we are on currently. I believe it's about a year and a half or so old.

This product is the easiest way to check if the work's correct.

It works well. It does what we need it to. I'd rate it a ten out of ten.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
Sr. CyberSecurity Solutions Architect at a security firm with 11-50 employees
Real User
Top 20
Good support, stable, and provides good security

What is our primary use case?

We are a cybersecurity vendor and Splunk is the main product that we work with. We are predominantly a Splunk shop. We sell security solutions, so our primary use case for Splunk UBA is security.

What is most valuable?

This is a good security product.

What needs improvement?

The price of Splunk UBA is too high.

For how long have I used the solution?

I have been working with Splunk UBA at this company for the past year.

What do I think about the stability of the solution?

Everything that Splunk does is great, as far as stability.

What do I think about the scalability of the solution?

Scalability is excellent on all Splunk products that I've dealt with.

How are customer service and technical support?

The technical support is excellent.

What other advice do I have?

The biggest lesson that I have learned from working with this product is that it is priced high, and you can achieve much of what it does through other methods. That combination makes it hard to sell.

I would rate this solution a nine out of ten.

Disclosure: I am a real user, and this review is based on my own experience and opinions.