We performed a comparison between CrowdStrike Falcon and Splunk Enterprise Security based on real PeerSpot user reviews.
Find out what your peers are saying about Microsoft, SentinelOne, CrowdStrike and others in Endpoint Detection and Response (EDR)."he solution is an anti-malware product that integrates well with other vendor products such as firewalls, SIEM, etc. It captures threat intelligence and gives you better visibility. The product also has sandboxing features."
"NGAV and EDR features are outstanding."
"It is a scalable solution...The initial setup of Fortinet FortiEDR was straightforward."
"The features that I have found most valuable are the ability to customize it and to reduce its size. It lets you run in a very small window in terms of memory and resources on legacy cash registers."
"The main thing is that I feel safe. Because the processes that have been used to get a handle on the attackers are much better than other competitors"
"Fortinet is very user-friendly for customers."
"The stability is very good."
"It is very easy to set up. I would rate my experience with the initial setup a ten out of ten, with ten being very easy to set up."
"The managed services are distinguished, responsive, dynamic, flexible, and assertive when taking action."
"The Protect functionality on the laptops provides great visibility into what's occurring, and the cloud management of the platform is what we needed."
"I like the overall reports of this solution. They are crisp, and to the point."
"Probably the most valuable thing to me is the real-time response piece. The fact that I can connect to an endpoint as long as it is on the Internet, no matter where it is globally. I can remove files from the endpoint, drop files on the endpoint, stop processes, reboot it, run custom scripts, and deploy software. Pretty much no other tool can do all that."
"It seems to do a pretty good job of protecting the host. It offers good insights that it gives you when it has a detection. It's pretty incredible."
"The EDR and XDR features have been most valuable."
"Everything is automatic. I install the sensor and renew the service. Periodically, I get a notice that they've shut something down."
"The 10 hours a week that we are freeing up from having to manage and monitor our AV solution has really allowed us to focus on other areas of the business. This has been a huge return on investment."
"What I really like is that even if you have already collected the data, you can extract fields and can build searches."
"Splunk's advantage is its search capability. Its search is notably faster. With Splunk, I can search easily on keywords. That is great."
"The most valuable feature is the DSS, also known as SPL, because it allows users to script advanced queries with limited knowledge."
"We solve issues that we previously could not since we now have the data."
"Splunk's interface is user-friendly, and it has apps and add-ons for most applications. We can easily normalize the data to make it readable and understand the logs. We easily get all the field extractions and enrichment done by using the apps and add-ons. This helps us understand the application logs because the raw data is useless unless we extract some useful information from it. These add-ons make it so much easier."
"The solution is stable and reliable."
"It is very easy to use and integrate. There are connectors for every technology."
"It is very simple to tweak or write a small piece of glue code to go ahead and create a new dashboard for a business unit to make near real-time decisions to focus more on other geographies when launching the product."
"The security should be strong for the cloud. Some applications are on-prem and some are on the cloud. Fortinet should also have strong security for the cloud. There should be more security for the cloud."
"We'd like to see more one-to-one product presentations for the distribution channels."
"We've had a lot of false positives; things incorrectly flagged that require manual configuration to allow. Even worse, after we allow a legitimate program, it sometimes gets flagged again after an update. This has caused a lot of extra work for my team."
"It takes about two business days for initial support, which is too slow in urgent situations."
"The solution's installation from a central installation server could be improved because the engineers had a little bit of trouble getting it installed from a central location."
"Integration with Azure and SaaS provisioning tools could improve Fortinet FortiEDR."
"Cannot be used on mobile devices with a secure connection."
"There's room for improvement in the quick response time and technical support for integration issues, especially when dealing with multiple vendors."
"The content-filtering features for children could be improved. We have young grandchildren aged 12 and 8. My daughter, their mother, wants to keep them from getting in trouble on the net. She looked at all these other solutions from Google, Microsoft, etc., and she couldn't figure out how to make any of those work. I told her that I bet CrowdStrike could handle this. Sure enough, CrowdStrike can do exactly that. It's the same solution that the Defense Department gets. It works, but it's a little complicated to implement. It could be simpler to set the policies."
"CrowdStrike Falcon could improve by having an easier way to search and use the interface for extracting queries from the data. The interface could improve."
"The console is a little cluttered and at times, finding what you're looking for is not intuitive."
"CrowdStrike needs to quit making up stuff about its features and functionality to bash its competition."
"As the company has grown, the technical support has felt less personal."
"This solution could be improved with greater scope for admins to make changes to the solution."
"A year and a half ago or more, if you put in a support request by email, then it wasn't timely addressed. It could be a day to three days before you received a response, which was a bit frustrating. There was a lot of customer feedback around this issue, which has been greatly refined."
"I would like CrowdStrike to provide some correlation in the threat analysis, so we can visualize things better."
"Splunk does not provide any default threat intelligence like Microsoft Sentinel, but you can integrate any third-party threat intelligence with Splunk. By default, no threat intelligence suite is there, whereas, with IBM QRadar or Microsoft Sentinel, the default feature of threat intelligence is there. It is free. If Splunk can provide a default threat intelligence suite, it would be better."
"Splunk can be an expensive solution. Technical support could be improved as well."
"When we do a rollout from the server or host or anything, we'd like to see more automation. It would save us time."
"The threat detection system has room for improvement."
"I'd like to see more integration with more antivirus systems."
"Splunk Enterprise Security can be improved by including backup network detection and response and safe management to the paid platform."
"The solution could use a different licensing model."
"Splunk does not build apps. They only go back and validate the apps that somebody has already built. They should have remote consulting support. They have a wonderful solution. They have 24/7 security. Nobody needs to depend on any third party and will therefore just buy Splunk on the cloud."
CrowdStrike Falcon is ranked 3rd in Endpoint Detection and Response (EDR) with 105 reviews while Splunk Enterprise Security is ranked 2nd in Security Information and Event Management (SIEM) with 228 reviews. CrowdStrike Falcon is rated 8.8, while Splunk Enterprise Security is rated 8.4. The top reviewer of CrowdStrike Falcon writes "Easy to set up with good behavior-based analysis but needs a single-click recovery option". On the other hand, the top reviewer of Splunk Enterprise Security writes "It has a drag-and-drop interface, so you don't need to know SQL or Java to construct a query ". CrowdStrike Falcon is most compared with Microsoft Defender XDR, Darktrace, Microsoft Defender for Endpoint, Trend Micro Deep Security and VMware Carbon Black Endpoint, whereas Splunk Enterprise Security is most compared with Wazuh, Dynatrace, IBM Security QRadar, Microsoft Sentinel and Elastic Security.
We monitor all Endpoint Detection and Response (EDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.