We performed a comparison between CrowdStrike Falcon and Splunk Enterprise Security based on real PeerSpot user reviews.
Find out what your peers are saying about Microsoft, SentinelOne, CrowdStrike and others in Endpoint Detection and Response (EDR)."It notifies us if there's any suspicious file on any PC. If any execution or similar kind of thing is happening, it just alerts us. It doesn't only alert. It also blocks the execution until we allow it. We check whether the execution is legitimate or not, and then approve it or keep it blocked. This gives us a little bit of control over this mechanism. Fortinet FortiEDR is also very straightforward and easy to maintain."
"Additionally, when it comes to EDR, there are more tools available to assist with client work."
"Fortinet has helped free up around 20 percent of our staff's time to help us out."
"The solution was relatively easy to deploy."
"The setup is pretty simple."
"The console is easy to read. I also like the scanning part and the ability to move assets from one to the other."
"Fortinet FortiEDR's scalability is quite good, and you can add licenses to the solution."
"The product's initial setup phase is very easy."
"There's almost no maintenance required. It's very low if there's any at all."
"Everything is automatic. I install the sensor and renew the service. Periodically, I get a notice that they've shut something down."
"The initial setup is a very fast process."
"The features I like the most are the response time and the dashboard are both excellent."
"It is an easy product to deploy."
"The initial setup was straightforward."
"The feature I like the most is the solution's detection."
"The most valuable feature is its threat analysis."
"Splunk Enterprise Security is a standard solution providing good customer service and partnership."
"It has the ability to correlate data, analyze and review it."
"We can present to our management in real time the security of the batch management for the PCs, security regarding the network equipment. We're currently working in the Azure Cloud project, so we can send any logs from the cloud to Splunk. We can monitor them and we can present to the managers and customers. It's a very good solution for reporting. We use Splunk for reporting and monitoring of any solution in the company."
"Splunk UBA is useful for fraud detection and for detection of APTs, advanced persistent threats."
"The connections to the database are very good and updating the data files is simple to do. The dashboards are useful and user-friendly."
"Its dashboard is valuable. If you have a good knowledge of how to create a dashboard, you can create any dashboard related to cybersecurity. If fine-tuned, the alarms that are triggered for instant review are also very valuable and useful."
"The product is adept at log mining."
"Three features stand out for me: the SDK for writing Python, the customizable and adaptable diagnostic dashboard, and the optimizer for collecting data."
"I haven't seen the use of AI in the solution."
"Making the portal mobile friendly would be helpful when I am out of office."
"The only minor concern is occasional interference with desired programs."
"Everything with Fortinet having to do with their cloud services. They need to invest more in their internal infrastructure that they are running in the cloud. One of the things I find with their cloud environment compared to others' is that they go cheap on the equipment. So it causes some performance degradation."
"I think cloud security and SASE are areas of concern in the product where improvements are required. The tool's cloud version has to be improved in terms of the security it offers."
"FortiEDR can be improved by providing more detailed reporting."
"We've encountered challenges during API deployment, occasionally resulting in unstable environments."
"The amount of usage, the number of details we get, or the number of options that can be tweaked is limited in comparison to that with other EDR solutions"
"I think there's an opportunity to enhance the AI or at least the traps to say, if something changes from this baseline, let us know and flag it."
"Any kind of integration that you want to do, such as using the API to connect to a SIEM, is complex and it will be expensive to do."
"The Integration with tools, SOC tools, could be better."
"The pricing is a bit too high."
"The management of log aggregation is in need of improvement."
"CrowdStrike Falcon could improve the logs by making them free to the API."
"I have experience with a product called SentinelOne, which has a feature that allows for the customization of query languages. I would like to see such a feature for CloudStrike."
"The management of the solution could improve."
"It works as intended for us, and we are getting everything that we need out of it. If anything, its initial setup can be improved a bit."
"We had some connections issues with the solution at the beginning."
"The monitoring aspect of Splunk could be improved. We have to do some queries to get as much information as CrowdStrike or other solutions provide. If you run a big query, you will see a delay. That is the only concern we have because it will take some time if you query large data sets."
"Licensing costs can be a barrier for those with limited budgets."
"Certain sections of the developer documentation could use some updating and clarification."
"Splunk needs local technical support."
"The configuration had a bit of a learning curve."
"The use cases provided by Splunk are a good starting point, but could cover many additional topics to ensure that a smaller or less experienced shop might maximize the value of an ES deployment."
CrowdStrike Falcon is ranked 3rd in Endpoint Detection and Response (EDR) with 107 reviews while Splunk Enterprise Security is ranked 1st in Security Information and Event Management (SIEM) with 240 reviews. CrowdStrike Falcon is rated 8.8, while Splunk Enterprise Security is rated 8.4. The top reviewer of CrowdStrike Falcon writes "Easy to set up with good behavior-based analysis but needs a single-click recovery option". On the other hand, the top reviewer of Splunk Enterprise Security writes "It has a drag-and-drop interface, so you don't need to know SQL or Java to construct a query ". CrowdStrike Falcon is most compared with Microsoft Defender XDR, Darktrace, Microsoft Defender for Endpoint, Trend Micro Deep Security and VMware Carbon Black Endpoint, whereas Splunk Enterprise Security is most compared with Wazuh, Dynatrace, IBM Security QRadar, Elastic Security and Microsoft Sentinel.
We monitor all Endpoint Detection and Response (EDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.