Microsoft Defender for Identity vs. Splunk User Behavior Analytics

Overview
Microsoft Defender for Identity
Rating: Score 7.7 out of 10
Most Used By: N/A
Product Summary: Microsoft Defender for Identity (formerly Azure Advanced Threat Protection, also known as Azure ATP) is a cloud-based security solution that leverages on-premises Active Directory signals to identify, detect, and investigate advanced threats, compromised identities, and malicious insider actions directed at the organization.
Starting Price: N/A

Splunk User Behavior Analytics
Rating: Score 5.9 out of 10
Most Used By: N/A
Product Summary: Splunk supplies security analytics as a standalone solution or priced as an add-on for users of its popular SIEM products, to protect enterprises against unknown threats and malicious behavior, via the Splunk User Behavior Analytics application.
Starting Price: N/A

Pricing
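Editions & Modules
Microsoft Defender for Identity: No answers on this topic
Splunk User Behavior Analytics: No answers on this topic

Offerings
Free Trial
Microsoft Defender for Identity: No
Splunk User Behavior Analytics: No
Free/Freemium Version
Microsoft Defender for Identity: No
Splunk User Behavior Analytics: No
Premium Consulting/Integration Services
Microsoft Defender for Identity: No
Splunk User Behavior Analytics: No
Entry-level Setup Fee
Microsoft Defender for Identity: No setup fee
Splunk User Behavior Analytics: No setup fee
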
Best Alternatives
Small Businesses
Microsoft Defender for Identity: No answers on this topic
Splunk User Behavior Analytics: ActivTrak (Score 8.8 out of 10)
Medium-sized Companies
Microsoft Defender for Identity: InsightIDR (Score 9.5 out of 10)
Splunk User Behavior Analytics: ManageEngine ADAudit Plus (Score 9.3 out of 10)
Enterprises
Microsoft Defender for Identity: InsightIDR (Score 9.5 out of 10)
Splunk User Behavior Analytics: ManageEngine ADAudit Plus (Score 9.3 out of 10)

User Ratings
Likelihood to Recommend
Microsoft Defender for Identity: 7.0 (1 rating)
Splunk User Behavior Analytics: 10.0 (2 ratings)
Support Rating
Microsoft Defender for Identity: - (0 ratings)
Splunk User Behavior Analytics: 9.0 (1 rating)

User Testimonials
Microsoft Defender for Identity / Splunk User Behavior Analytics
Likelihood to Recommend
Microsoft
Microsoft Defender for Identity is a great solution for each company that has an Active Directory. It fills in the blanks for identity-related incidents that are being missed in the XDR platform. To get a full view on identity risks, it is an essential component.
Cisco
The Splunk User Behavior Analytics application is necessary when any company wants to capture threats based on user behavior instead of just counting the number of occurrences of a particular event. With Splunk UBA, we can analyse the number of anomalies captured, which in turn create threats that are nearly true positives.
Pros
Microsoft
  • detect threats and suspicious activities
  • pro-active measurements on possible breaches
  • identity security posture
Cisco
  • Monitor and troubleshoot for any system errors.
  • Get the insights on application data sets and do some predictive analysis.
Cons
Microsoft
  • setup can be complicated, with AD complexity
  • Sometimes the load on DCs is pretty high, leading to performance issues
  • Better tuning options for preventing false-positive/benign alerts
Cisco
  • Performance-wise, it can be improved. Queries take a long time.
  • Dataset exploration - More data visualization charts can be added.
Alternatives Considered
Microsoft
Microsoft Defender for Identity is more specialized on the Identity platform; it is a single solution compared to a multi-solution. The integration is better when using the XDR suite in combination with Sentinel. Microsoft Defender for Identity gives a better overview of the security posture.
Cisco
Easier we were using Splunk Enterprise on a heavy forwarder on which all the add-ons were installed, and were using Splunk Cloud with respect to the search head and indexers stack. And with the Splunk Enterprise Security premium app, we were relying on correlation rules which were throwing a greater number of false positives, but after implementing Splunk UBA, we are now getting real-time true positive threats or incidents.
Return on Investment
Microsoft
  • Cost impact was pretty high
  • Learning curve, needed time (money) for training
  • Greatly improved detections and gives more insights
Cisco
  • Fewer team members to work on real threats.
  • Less time required to deal with real incidents.
  • Easy to implement across the network.