We performed a comparison between CrowdStrike Falcon and Splunk Enterprise Security based on real PeerSpot user reviews.
Find out what your peers are saying about Microsoft, SentinelOne, CrowdStrike and others in EDR (Endpoint Detection and Response)."The price is low and quite competitive with others."
"The main thing is that I feel safe. Because the processes that have been used to get a handle on the attackers are much better than other competitors"
"Additionally, when it comes to EDR, there are more tools available to assist with client work."
"This is stable and scalable."
"The solution was relatively easy to deploy."
"Forensics is a valuable feature of Fortinet FortiEDR."
"The stability is very good."
"Fortinet FortiEDR's scalability is quite good, and you can add licenses to the solution."
"CrowdStrike Falcon's most valuable feature is the fact that it's not getting in the way of our workforce and their workflow."
"The ability to execute real-time response, or, that you can connect to the agent and see exactly what processes are operating, is the most important feature of this solution."
"CrowdStrike Falcon is effortless to use, and it's a cloud-specific platform. You only need to deploy the light agents on the licensed endpoints, and you're ready to work. Your dashboards will tell you the number of the endpoints being protected and the incidents. There are also incident dashboards with alerts that will tell you about the details."
"There are two things which customers really like about CrowdStrike. If they buy managed services from CrowdStrike, it offers them detection of security issues in one minute. If you buy their professional services, they offer insurance where you can claim up to $5 million if there's a breach. This is a huge upsell for customers."
"The EDR is amazing and ease of integration with Splunk is a big plus. Integration with BigQuery is also a plus for me and workflow creation is easy. Overall, CrowdStrike Falcon is a great product."
"Cyberattack detection is very good. We use it for detecting different vulnerabilities, such as ransomware, virus, and malware. It is a good product today when compared to Symantec that we used previously."
"The most valuable feature of CrowdStrike Falcon is its accuracy."
"I have found the connection to search the hosts for detections very useful in CrowdStrike Falcon."
"We saw the granularity that we could get from Splunk far exceeded what we already had. We had the ability to have our security team really focus on the platform and stay within the platform, but they could correlate with a variety of other stakeholders, and our stakeholders were growing."
"The UI of Splunk makes it easier for our analysts to move around and see what they need to see."
"I really like the user interface and how it works."
"You can integrate Splunk with third-party security automation solutions and set rules for automatic response."
"If I need to integrate devices for logs, it is easier with Splunk. We can integrate different applications, network devices, and databases. It is also very rich in documents. It is the best."
"The most valuable feature is the incident dashboard, and the extensive use of correlation searches, which isn't available with a standard Splunk search package. This feature is important to me because it enables SOC analysts to do their job more efficiently and be able to investigate or mediate incidents at a faster pace."
"The product has a good security posture."
"The most valuable feature of Splunk is the management and built-in workflows."
"FortiEDR could add a separate scanning dashboard. In incident management, we prefer to remove the endpoint system from the environment and scan the system. We typically use Symantec for that, but if we want to use FortiEDR for that, then we need a scanning tab to clarify things."
"We'd like to see more one-to-one product presentations for the distribution channels."
"We've encountered challenges during API deployment, occasionally resulting in unstable environments."
"I haven't seen the use of AI in the solution."
"The dashboard isn't easy to access and manage."
"Integration with Azure and SaaS provisioning tools could improve Fortinet FortiEDR."
"The EDR console should have more extensive reporting. You shouldn't need to purchase FortiAnalyzer. It should be included in the EDR part. The security adviser cloud platform could be improved with more options for exclusive or intensive rules for devices."
"The solution's installation from a central installation server could be improved because the engineers had a little bit of trouble getting it installed from a central location."
"CrowdStrike costs a little more than its competitors."
"The technical support could improve because I am in India and the support I receive is from the UK or Australia. It is difficult to manage the time difference. The service could be faster. However, when we do have the support they are knowledgeable."
"CrowdStrike Falcon needs to improve their host management system."
"The installation process for this software needs to be simplified."
"CrowdStrike Falcon could improve if it became an XDR. When we look only to an end-point, we lost the context of the environment. I know it's another line of design of the product. However, if CrowdStrike becomes an XDR, it could be very good."
"The ability to receive text alerts natively in the console would be kind of cool."
"I would like to see a more accurate integration and an option to check the local machine."
"The price is too high."
"Its interface and usability can always be improved."
"The price has room for improvement."
"A lot of people are averse to using new tools so if they make it even more user-friendly than it already is, I think that could go a long way."
"Splunk could enhance its services by providing more comprehensive professional assistance aimed at optimizing our investment."
"Features related to content management must be improved."
"The algorithms customization of Splunk could improve. They have limited algorithms for machine learning support. If they can allow the user to add more machine learning algorithms, such as the ability to choose the algorithm that a user might want. Additionally, they should provide the required libraries for those algorithms, and then analyzes the data for use."
"We are waiting for Dashboard Studio to mature a little bit more. There are some things that we are using with Classic Dashboards which have not yet made it to Dashboard Studio. We are waiting for that."
"There can be a bit of complexity around some fields during the initial setup."
Protect your organization from all threats - not just malware - even when computers and servers aren’t connected to the internet. Start your free trial and deploy CrowdStrike Falcon within minutes to start receiving full threat protection.
CrowdStrike Falcon is ranked 3rd in EDR (Endpoint Detection and Response) with 49 reviews while Splunk Enterprise Security is ranked 1st in Security Information and Event Management (SIEM) with 76 reviews. CrowdStrike Falcon is rated 8.6, while Splunk Enterprise Security is rated 8.6. The top reviewer of CrowdStrike Falcon writes "Robust threat hunting and great ability to do on-keyboard remote response and quarantining of devices". On the other hand, the top reviewer of Splunk Enterprise Security writes "Can be used to find any threats or vulnerabilities inside a user’s environment". CrowdStrike Falcon is most compared with Microsoft Defender XDR, Microsoft Defender for Endpoint, Darktrace, Trend Micro Deep Security and Trend Vision One, whereas Splunk Enterprise Security is most compared with Wazuh, Dynatrace, IBM Security QRadar, Microsoft Sentinel and Elastic Security.
We monitor all EDR (Endpoint Detection and Response) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.