Splunk helps organizations worldwide turn data into doing. With solutions for IT, security, IoT and business operations, Splunk empowers people to make faster, better decisions and take action on all
Splunk Enterprise Security (ES) is an analytics-driven SIEM that streamlines security operations. Enhance security monitoring, advanced threat and attack detection, compliance, incident investigation, forensics, incident response and more.
Splunk is the go-to SIEM software
Pros: The amount of information and data that you can organize with Splunk is its best feature.
Cons: It will take some time getting used to how to create dashboards and reports so that you can pull the relevant data out of Splunk.
Overall: Splunk is our key resource and first line of defense for our security team when looking at our intrusions against the organization.
Easy to use once set up
Pros: The ability to set up alerts and reports based on logs that come in from almost anywhere and anything in our network.
Cons: It can be a bit of a bear to get set up, but that is the case with almost any enterprise-level software like this.