We performed a comparison between SentinelOne Singularity Complete and Splunk Enterprise Security based on real PeerSpot user reviews.
"Fortinet FortiEDR made our clients feel secure and more at ease, knowing that they had an EDR solution that would close the gap in their security posture."
"The console is easy to read. I also like the scanning part and the ability to move assets from one to the other."
"NGAV and EDR features are outstanding."
"Ability to get forensics details and also memory exfiltration."
"The product's initial setup phase is very easy."
"We have FortiEDR installed on all our systems. This protects them from any threats."
"It notifies us if there's any suspicious file on any PC. If any execution or similar kind of thing is happening, it just alerts us. It doesn't only alert. It also blocks the execution until we allow it. We check whether the execution is legitimate or not, and then approve it or keep it blocked. This gives us a little bit of control over this mechanism. Fortinet FortiEDR is also very straightforward and easy to maintain."
"The solution is an anti-malware product that integrates well with other vendor products such as firewalls, SIEM, etc. It captures threat intelligence and gives you better visibility. The product also has sandboxing features."
"The alerting features are the most valuable. We know that when something goes wrong, we get alerted instantly. That gives us a leg up. Even before the user knows what's happening, we're being alerted to step in and stop anything catastrophic from happening."
"The most valuable features of SentinelOne are the endpoint detection of threats, and it does not only rely on signatures for detection."
"The Deep Visibility feature is the most useful part of the EDR platform. It gives us good insights into what is actually happening on the endpoints, e.g., when we have malicious or suspicious activity. We came from a legacy type AV previously, so we didn't have that level of visibility or understanding. For simplifying threat-hunting, it is extremely useful, where traditional techniques in threat hunting are quite laborious. We can put in indicators of compromise and it will sweep the environment for them, then they would give us a breakdown of what assets have been seen and where they have been seen, which is more of a forensics overview."
"For me, the most valuable feature is the Deep Visibility. It gives you the ability to search all actions that were taken on a specific machine, like writing register keys, executing software, opening, reading, and writing files. All that stuff is available from the SentinelOne console. I'm able to see which software is permanent on a machine, and how that happened, whether by registry keys or writing it to a special folder on the machine."
"We have had very few false positives or false negatives, which allows our analysts to focus on their work instead of dealing with noise."
"It protects your machine, and it does an excellent job using AI to determine an attack and stop the attack. Its most powerful feature is prevention, and it can unwind ransomware activity as well. So, it is a really useful product in that sense."
"The management dashboard is the most valuable feature."
"The single pane of glass is probably the most valuable. That is a big one. We could see everything from one view."
"Compared to IBM QRadar, Splunk Enterprise Security offers faster alert resolution."
"The most valuable features of Splunk Enterprise Security are its high-performance data collection, flexible query language, and its versatility across the organization."
"I like the ease with which dashboards can be created."
"The alerts are very effective."
"The flexibility of the search capability is most valuable. You can use it for more than just a basic log aggregator. It is powerful in that regard."
"Splunk UBA is useful for fraud detection and for detection of APTs, advanced persistent threats."
"We are using Microsoft 365 and we're using the Exchange Mail Service. It's good for monitoring that in particular."
"Splunk Enterprise Security comes with 300 pre-deployed use cases that can be easily customized to meet the specific needs of our organization, without the need to purchase additional tools."
"Detections could be improved."
"FortiEDR can be improved by providing more detailed reporting."
"The solution's installation from a central installation server could be improved because the engineers had a little bit of trouble getting it installed from a central location."
"I would like the solution to extend beyond endpoint protection and include other attack surfaces such as other network components."
"Everything with Fortinet having to do with their cloud services. They need to invest more in their internal infrastructure that they are running in the cloud. One of the things I find with their cloud environment compared to others' is that they go cheap on the equipment. So it causes some performance degradation."
"Once, we had an event that was locked and blocked, but information about it came to us two or three days later."
"We find the solution to be a bit expensive."
"The only minor concern is occasional interference with desired programs."
"There are features that I would like them to add. They have little to do with endpoint protection, but if they could add encryption and DLP on, it would make it even better."
"I would like to improve the reports because they are not so customizable and we would like more info from them."
"Deployment strategy for large organizations that do not use active directory (AD)."
"The adware and pop-up blockers have room for improvement."
"The application management needs improvements, but I understand that they are working on it. We talked to them a few months ago, and it is something they are trying to get up to speed and fix. This way, we will be able to disable critical apps or vulnerable apps through SentinelOne. We will be able to patch applications or disable applications through the Application Management tab."
"They could add “right click>scan” where most users were trained to do so in handling flash drives."
"I would like to see a better control panel for the managed service side of it."
"SentinelOne Singularity Complete could improve by having DNS filtering. Other competitor solutions have this feature."
"We will receive alerts only for the administrators and deployment servers, but not for all servers."
"Splunk does not build apps. They only go back and validate the apps that somebody has already built. They should have remote consulting support. They have a wonderful solution. They have 24/7 security. Nobody needs to depend on any third party and will therefore just buy Splunk on the cloud."
"In terms of the interface, it could include some improvements for the look and feel."
"I would like to see ability to master management. In terms of clustering, how it manages clustering needs improvement."
"Splunk could have more built-in use case presets that customers can build on and customize."
"The tool itself is very difficult to configure. It's great for its number of inputs, for the different types of systems devices, and things that it could collect information from. To actually make good use of it, you need a fairly dedicated team of people that have some reasonably good programming or modeling skills to be able to do the things that you need to do with it. Whereas a lot of the other tools are better packaged for that, and so require a lot less training and a lot less dedication."
"I would like some additional AI capabilities to provide additional information about things going wrong and things going well."
"Queries are not always as easy or straightforward as they might be, so it can be difficult to figure out what you need to look for."
SentinelOne Singularity Complete is ranked 2nd in Endpoint Detection and Response (EDR) with 177 reviews while Splunk Enterprise Security is ranked 1st in Security Information and Event Management (SIEM) with 240 reviews. SentinelOne Singularity Complete is rated 8.8, while Splunk Enterprise Security is rated 8.4. The top reviewer of SentinelOne Singularity Complete writes "Provides peace of mind and is good at ingesting data and correlating". On the other hand, the top reviewer of Splunk Enterprise Security writes "It has a drag-and-drop interface, so you don't need to know SQL or Java to construct a query". SentinelOne Singularity Complete is most compared with Microsoft Defender for Endpoint, CrowdStrike Falcon, Darktrace, ThreatLocker Protect and Wazuh, whereas Splunk Enterprise Security is most compared with Wazuh, Dynatrace, IBM Security QRadar, Elastic Security and Microsoft Sentinel.
We monitor all Endpoint Detection and Response (EDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.