We performed a comparison between Splunk Enterprise Security and Trellix ESM based on real PeerSpot user reviews.
Find out in this report how the two Security Information and Event Management (SIEM) solutions compare in terms of features, pricing, service and support, ease of deployment, and ROI.
"It is a one stop shop as a full monitoring and alerting solution for operations and application analysis for most of our back-end systems."
"The graph visualization is the most valuable feature."
"The reporting aspect is good and it does what I need it to do."
"It is very stable. We have not had any problems."
"The solution's most valuable feature is its data modeling."
"Support is quick and competent."
"The security part is useful as it helps secure the entire environment."
"The initial setup is simple, not very complex. Initial deployment takes around 10 to 15 minutes to set up the entire base for Splunk including all three tiers."
"I rate the tool's deployment an eight out of ten. The deployment is completed in two days."
"The most valuable features of McAfee ESM are intrusion detection, malware protection, and the device controller."
"The solution is 100% stable. We really have had a great time working with it. It hasn't let us down."
"The most valuable feature is for the security operation center because it provides visibility of all traffic within the company infrastructure."
"We are now able to completely monitor our environment so we can review what is there, which is a big win for us."
"Trellix ESM is very user-friendly."
"It blocks the things which are not to be allowed. It has an adaptive mode where it learns for itself."
"It is easy to use and deploy. It comes with user-friendly manuals."
"Its user interface for everything other than the charts can be improved. Some parts of it can be simplified a bit, such as when importing documents that have the network traffic. When you're going through the information about the network traffic, you have to have the expertise, but even if a program is supposed to be for IT support, it is good to make it user-friendly because it gets easier to train people. When something goes wrong, the more difficult a program is in terms of UI, the harder it is to fix the issue."
"Splunk Enterprise Security can be improved by including backup network detection and response and safe management to the paid platform."
"The UI can be improved. Dashboards and reports can be better in terms of graphics."
"I would like Splunk to add more integration. QRadar has many indications with more products than Splunk."
"Splunk could improve its default machine-learning models. Also, Splunk Enterprise's native threat intelligence isn't that good. I prefer a custom threat intelligence model."
"Features related to content management must be improved."
"Splunk Enterprise Security could improve in automation, flexibility, and providing more content out of the box."
"The product's price may be an area of concern where improvements are required."
"It cannot integrate with our Next-Generation Firewall and few applications such as Cisco ACI."
"We cannot add new data sources to the most recent version."
"I have to purchase a new box now. Its existing box is not scalable and I can't use it anymore."
"There should be support for multitenancy in the product."
"Tech support is required each time there is a system update of the solution."
"The product’s alert response feature needs improvement. It could be more flexible and secure."
"Customized reports and alerting functionality could be included in the dashboard."
"The initial setup is difficult and could improve."
Splunk Enterprise Security is ranked 1st in Security Information and Event Management (SIEM) with 246 reviews while Trellix ESM is ranked 18th in Security Information and Event Management (SIEM) with 34 reviews. Splunk Enterprise Security is rated 8.4, while Trellix ESM is rated 7.4. The top reviewer of Splunk Enterprise Security writes "It has a drag-and-drop interface, so you don't need to know SQL or Java to construct a query". On the other hand, the top reviewer of Trellix ESM writes "Provides visibility of all the traffic within the company infrastructure". Splunk Enterprise Security is most compared with Wazuh, IBM Security QRadar, Dynatrace, Elastic Security and Microsoft Sentinel, whereas Trellix ESM is most compared with ArcSight Enterprise Security Manager (ESM), IBM Security QRadar, LogRhythm SIEM, Trellix Helix and Fortinet FortiSIEM.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.