We performed a comparison between Cybereason Endpoint Detection & Response and Splunk Enterprise Security based on real PeerSpot user reviews.
Find out what your peers are saying about Microsoft, SentinelOne, CrowdStrike and others in Endpoint Detection and Response (EDR)."We have FortiEDR installed on all our systems. This protects them from any threats."
"Fortinet has helped free up around 20 percent of our staff's time to help us out."
"Fortinet FortiEDR's scalability is quite good, and you can add licenses to the solution."
"The console is easy to read. I also like the scanning part and the ability to move assets from one to the other."
"It is a scalable solution...The initial setup of Fortinet FortiEDR was straightforward."
"It notifies us if there's any suspicious file on any PC. If any execution or similar kind of thing is happening, it just alerts us. It doesn't only alert. It also blocks the execution until we allow it. We check whether the execution is legitimate or not, and then approve it or keep it blocked. This gives us a little bit of control over this mechanism. Fortinet FortiEDR is also very straightforward and easy to maintain."
"The most valuable feature is the analysis, because of the beta structure."
"The product's initial setup phase is very easy."
"The dashboard is very good and you can consider it as an interactive UI."
"The interface is user-friendly."
"The initial setup is not overly complicated."
"For me, the technical support is good."
"The most valuable feature is the capability of the command used by the machine so that we see the kind of performance that is running."
"We didn't have the visibility that we now have. It has increased our visibility by a lot. So, we put a lot more time into really looking at our environment and what is happening throughout our different networks. It has increased our visibility by around fivefold."
"Immediately we can pick up the computers in the network if any malicious operation that is triggered."
"Cybereason's threat hunting and investigation are the most valuable features. Threat hunting is a user-friendly feature that keeps you safe. Investigation offers an added value that I haven't seen with other EDR services. It allows you to find specific policy problems within your environment."
"There are quite a lot of things that we find useful. Splunk agents are useful and good. Its UI is quite impressive."
"The ability to rapidly diagnose problems in production and non-production, across hundreds of log files, is the most valuable feature."
"Search language is easy to understand and teach to new users."
"Splunk works based on parsing log files."
"What I really like is that even if you have already collected the data, you can extract fields and can build searches."
"It's basically one of the best SIEM products on the market."
"The ability to manipulate data in Splunk is unparalleled. Splunk’s powerful, flexible query language can morph difficult to understand log formats into usable data."
"My favorite example of improving of organization is saving a $60k/mo in payroll fraud and $10k/mo in wasted API credits by using simple searches and clear reports."
"Integration with Azure and SaaS provisioning tools could improve Fortinet FortiEDR."
"I haven't seen the use of AI in the solution."
"We've encountered challenges during API deployment, occasionally resulting in unstable environments."
"The solution is not user-friendly."
"Intelligence aspects need improvement"
"Cannot be used on mobile devices with a secure connection."
"The solution should address emerging threats like SQL injection."
"The only minor concern is occasional interference with desired programs."
"It should be more stable, and the sensor needs improvement in terms of connectivity."
"They need to improve their technical support services."
"The network coverage becomes an issue most of the time."
"Ad hoc higher-level reporting to senior management can be improved or can be implemented. That's definitely an area of improvement that they need to focus on."
"There can be problems with the EDI."
"I feel that the product lacks reporting features and needs improvement."
"The reporting feature needs improvement."
"Its Microsoft PowerShell protections still need some compatibility improvements. We have run across just a few. It is compatible with 90% of what we have in our network, but there is that 10% that we are still struggling with as far as compatibility with the type of PowerShell scripts needed to run our day-to-day business."
"It is a good product, but the Achilles heel for a lot of organizations is the cost model for it because it gets expensive. That's because the model is based on how much data it processes a day, which can be prohibitive, especially if you have a lot of data. A lot of customers may not be ready for the sticker shock on how to fully leverage the product. I realized that the reason for that is that when it was originally designed, it was kind of like a big data modeling application. If they want to have a bigger customer base, they can come out with subsets of their product that are focused on specific things and have different pricing models. It may help with the cost."
"Splunk could improve its default machine-learning models. Also, Splunk Enterprise's native threat intelligence isn't that good. I prefer a custom threat intelligence model."
"More training on PetaData using artificial intelligence techniques to identify the events which are not normal and exceptions that would help the organization identify threats and malware on the go with results."
"Over time I will have more requirements and I can foresee the solution could improve the search algorithm to run and output the data faster."
"The product was designed for security and IT with business intelligence needs, such as PDF exporting, but this has not been the highest priority. While the functionality is there, it could be developed more."
"It can be tough to get a hold of somebody in technical support depending on the complexity of the issue."
"It works as intended for us, and we are getting everything that we need out of it. If anything, its initial setup can be improved a bit."
"We had an instance when Splunk failed and it took us a couple of days to recover."
More Cybereason Endpoint Detection & Response Pricing and Cost Advice →
Cybereason Endpoint Detection & Response is ranked 36th in Endpoint Detection and Response (EDR) with 19 reviews while Splunk Enterprise Security is ranked 1st in Security Information and Event Management (SIEM) with 246 reviews. Cybereason Endpoint Detection & Response is rated 8.0, while Splunk Enterprise Security is rated 8.4. The top reviewer of Cybereason Endpoint Detection & Response writes "It has helped us become more knowledgeable about our environment and aware of threats". On the other hand, the top reviewer of Splunk Enterprise Security writes "It has a drag-and-drop interface, so you don't need to know SQL or Java to construct a query ". Cybereason Endpoint Detection & Response is most compared with CrowdStrike Falcon, Microsoft Defender for Endpoint, Darktrace, Cortex XDR by Palo Alto Networks and IBM Security QRadar, whereas Splunk Enterprise Security is most compared with Wazuh, IBM Security QRadar, Dynatrace, Elastic Security and Microsoft Sentinel.
We monitor all Endpoint Detection and Response (EDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
