Splunk
Defensive siem
Market-leading enterprise SIEM
Platforms:
linux windows cloud
Prerequisites:
siem-basics log-management
Pros and Cons
Ventajas
- + Very powerful and scalable
- + Powerful searches and dashboards
- + Extensive app marketplace
- + Enterprise support
- + Extensive integrations
Desventajas
- - Very expensive
- - Requires significant hardware
- - High learning curve
- - Complex licensing
Casos de Uso
- Security monitoring
- Incident response
- Compliance reporting
- Threat hunting