"Integrated Asset Correlation And SOAR Boosted, Tuning And Dashboards Require Attention"

Submitted
4.0
4.0
Overall User Rating

Product(s): Splunk Asset and Risk Intelligence

Overall Comment:"Overall, my experience with Splunk ARI has been positive. It provides strong visibility into my attack surface across multiple cloud environments and the IOT devices in my physical offices. Overall, it has drastically helped my organization understand our actual risk when prioritizing patching and vulnerability remediation."

Lessons Learned

Description
Description

What do you like most about the product or service?

1. I love the ability of the platform to easily correlate all of my disparate assets across the cloud and on-prem into a single pane of glass. 2. Risk scoring and prioritization helps my team triage faster to determine the actual risk to the organization without losing sight of the smaller issues that often can be chained into a real attack. 3. Native integration with Splunk SOAR helped improve our workflows and made using the tool an easy sell to the rest of the security team.

Description
Description

What do you dislike most about the product or service?

1. With having so many locations feeding data in, there can be issues with data normalization across multiple cloud connectors and IOT devices. 2. There can be a decent amount of tuning required to get the most out of ARI, which causes so additional administrative overhead during onboarding. 3. The reporting and dashboards within the platform could use a facelift.

Evaluation & Contracting

Description

Why did you purchase this product or service?

  • Improve compliance & risk management
  • Improve business process agility
  • Create internal/operational efficiencies
Description

What were the key factors that drove your decision?

  • Product functionality and performance
  • Financial/organizational viability
  • Pre-existing relationships
  • Overall cost
  • Strong services expertise
Description

Which other vendors did you consider in your evaluation?

  • Rapid7
  • Qualys

Integration & Deployment

5.0

Service & Support

5.0

Product Capabilities

4.0

Additional Context

Description

Deployment architecture

Cloud (SaaS or PaaS or IaaS)
Description

In which country(s) did your deployment take place?

United States
Gartner Peer Insights content consists of the opinions of individual end users based on their own experiences, and should not be construed as statements of fact, nor do they represent the views of Gartner or its affiliates. Gartner does not endorse any vendor, product or service depicted in this content nor makes any warranties, expressed or implied, with respect to this content, about its accuracy or completeness, including any warranties of merchantability or fitness for a particular purpose.
This site is protected by hCaptcha and its Privacy Policy and Terms of Service apply.