We performed a comparison between Cybereason Endpoint Detection & Response and Splunk Enterprise Security based on real PeerSpot user reviews.
Find out what your peers are saying about Microsoft, SentinelOne, CrowdStrike and others in Endpoint Detection and Response (EDR)."The most valuable feature is the analysis, because of the beta structure."
"The price is low and quite competitive with others."
"Fortinet FortiEDR's firewalling, rule creation, monitoring, and inspection profiles are great."
"The ease of deployment and configuration is valuable. It's very easy compared to other vendors like Sophos. Sophos' configuration is complex. Fortinet is a lot easier to understand. You don't need a lot of admin knowledge to do the configuration."
"The main thing is that I feel safe. Because the processes that have been used to get a handle on the attackers are much better than other competitors"
"Fortinet is very user-friendly for customers."
"Additionally, when it comes to EDR, there are more tools available to assist with client work."
"The product detects and blocks threats and is more proactive than firewalls."
"We didn't have the visibility that we now have. It has increased our visibility by a lot. So, we put a lot more time into really looking at our environment and what is happening throughout our different networks. It has increased our visibility by around fivefold."
"What I like most about Cybereason Endpoint Detection & Response is the support because the support is good. The solution is also easy to use, and it has a dashboard. Everything is good, and there's no problem with it."
"The initial setup process is straightforward."
"The solution is efficient."
"The initial setup is not overly complicated."
"For me, the technical support is good."
"Their EDR solution, the ability to mitigate issues through their command line, is probably the best feature that we've had. We use that all the time. It's very useful for doing investigations."
"The dashboard is very good and you can consider it as an interactive UI."
"The ability to ingest any data and display it in a way that anyone can understand."
"The correlation searches (properly configured) populate the Incident Management dashboard and provide me a quick birds-eye view of my most important concerns."
"We did not encounter any issues with scalability. It is almost seamless to add new index (storage) or search (used to analyze the data) nodes to the cluster."
"The most valuable feature is that it's very good for log aggregation."
"Its compatibility with other SIEMS is very useful."
"The data analysis part is good in Splunk, which is something that I like the most. It is also quite easy to use. Its dashboards, visualizations, and analytics are good."
"We have found all the features useful. However, the dashboarding and logging have been very helpful. Additionally, the log analysis does a great job."
"We can automatically suspend or terminate suspicious sessions."
"We'd like to see more one-to-one product presentations for the distribution channels."
"The amount of usage, the number of details we get, or the number of options that can be tweaked is limited in comparison to that with other EDR solutions"
"We've had a lot of false positives; things incorrectly flagged that require manual configuration to allow. Even worse, after we allow a legitimate program, it sometimes gets flagged again after an update. This has caused a lot of extra work for my team."
"The solution should address emerging threats like SQL injection."
"The solution's installation from a central installation server could be improved because the engineers had a little bit of trouble getting it installed from a central location."
"To improve Fortinet, we need to see more features and technology areas at the endpoint level introduced."
"The solution is not stable."
"I haven't seen the use of AI in the solution."
"Its Microsoft PowerShell protections still need some compatibility improvements. We have run across just a few. It is compatible with 90% of what we have in our network, but there is that 10% that we are still struggling with as far as compatibility with the type of PowerShell scripts needed to run our day-to-day business."
"The integration with Microsoft solutions and Microsoft capabilities needs to be improved."
"It initially took some time to deploy."
"Reporting could be a bit more granular so that we had the ability to check regions and countries. I just noticed that, for instance, if I look at our servers, it's either "contained" or it's "not contained". I don't have the option, for instance, to look at countries. It only allows me to look at users as one big group."
"The deployment on individual endpoints is more geared toward larger organizations. It might prove to be a bit too complicated for a smaller organization. You need to know what you're doing when you're deploying the sensor."
"What needs to improve in Cybereason Endpoint Detection & Response and what I'd like to see in its next release is a centralized dashboard that allows you to view what is there, similar to what's on Symantec Endpoint Protection Manager: a beautiful display and reporting. Cybereason Endpoint Detection & Response has to start with the compliance, the homepage, etc. Everything should be there and should be customizable. The options should be there. The tool is very good currently, but visibility for IT administrators is lacking and needs to be worked on."
"The reporting feature needs improvement."
"I feel that the product lacks reporting features and needs improvement."
"I would like to see an updated dashboard. The dashboard is a little out-of-date. It could be made prettier."
"The glass table feature does not perform as expected."
"Queries are not always as easy or straightforward as they might be, so it can be difficult to figure out what you need to look for."
"They should make data onboarding easier."
"The analytics of Splunk could be improved."
"The complexity could be worked on so that it's even easier and faster."
"The level of scalability depends on the license you have. You can expand or reduce it based on the environment. It does cost more money to scale, however."
"In terms of the interface, it could include some improvements for the look and feel."
More Cybereason Endpoint Detection & Response Pricing and Cost Advice →
Cybereason Endpoint Detection & Response is ranked 37th in Endpoint Detection and Response (EDR) with 19 reviews while Splunk Enterprise Security is ranked 2nd in Security Information and Event Management (SIEM) with 227 reviews. Cybereason Endpoint Detection & Response is rated 8.0, while Splunk Enterprise Security is rated 8.4. The top reviewer of Cybereason Endpoint Detection & Response writes "It has helped us become more knowledgeable about our environment and aware of threats". On the other hand, the top reviewer of Splunk Enterprise Security writes "It has a drag-and-drop interface, so you don't need to know SQL or Java to construct a query ". Cybereason Endpoint Detection & Response is most compared with CrowdStrike Falcon, Microsoft Defender for Endpoint, Cortex XDR by Palo Alto Networks, Darktrace and Trend Micro ServerProtect, whereas Splunk Enterprise Security is most compared with Wazuh, Dynatrace, IBM Security QRadar, Microsoft Sentinel and Elastic Security.
We monitor all Endpoint Detection and Response (EDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.