We performed a comparison between CrowdStrike Falcon and Splunk Enterprise Security based on real PeerSpot user reviews.
Find out what your peers are saying about Microsoft, SentinelOne, CrowdStrike and others in Endpoint Detection and Response (EDR)."The product detects and blocks threats and is more proactive than firewalls."
"Fortinet FortiEDR's scalability is quite good, and you can add licenses to the solution."
"The stability is very good."
"Fortinet FortiEDR's firewalling, rule creation, monitoring, and inspection profiles are great."
"The console is easy to read. I also like the scanning part and the ability to move assets from one to the other."
"Forensics is a valuable feature of Fortinet FortiEDR."
"It notifies us if there's any suspicious file on any PC. If any execution or similar kind of thing is happening, it just alerts us. It doesn't only alert. It also blocks the execution until we allow it. We check whether the execution is legitimate or not, and then approve it or keep it blocked. This gives us a little bit of control over this mechanism. Fortinet FortiEDR is also very straightforward and easy to maintain."
"Additionally, when it comes to EDR, there are more tools available to assist with client work."
"CrowdStrike Falcon's scalability is good. We have thousands of students using this solution."
"Everything we've done with CrowdStrike is due to Arctic Wolf. We don't even need to get alerts from CrowdStrike anymore. It'll send those to Arctic Wolf, and then Arctic Wolf analyzes those and let us know if there's a major issue."
"From what we have seen, it is very scalable. We have recently acquired a company where someone had a ransomware attack when we joined networks. Within the course of just a few days, we were able to easily get CrowdStrike rolled out to about 300 machines. That also included the removal of that company's legacy anti-malware tool."
"The detection is very reliable. Also, OverWatch is a great feature."
"It's ability to do threat hunting is really great, quite robust, and even allows you to do hygiene stuff."
"CrowdStrike enables the infrastructure managers to visualize all the events and get information about the network."
"Easy to use, intelligent, and stable threat detection software."
"We are happy with CloudStrike's ease of use and touch notification."
"You can check up on security from the dashboards."
"The level of robustness on offer is very good."
"We did not encounter any issues with scalability. It is almost seamless to add new index (storage) or search (used to analyze the data) nodes to the cluster."
"Low barrier to start searching with the ability to normalize data on the fly."
"We can do things in minutes instead of days."
"The solution allows easy gathering and ingestion of the data."
"The flexibility of the solution is quite good."
"Easy to deploy and simple to use."
"The only minor concern is occasional interference with desired programs."
"FortiEDR could add a separate scanning dashboard. In incident management, we prefer to remove the endpoint system from the environment and scan the system. We typically use Symantec for that, but if we want to use FortiEDR for that, then we need a scanning tab to clarify things."
"We find the solution to be a bit expensive."
"We'd like to see more one-to-one product presentations for the distribution channels."
"I think cloud security and SASE are areas of concern in the product where improvements are required. The tool's cloud version has to be improved in terms of the security it offers."
"We've encountered challenges during API deployment, occasionally resulting in unstable environments."
"Detections could be improved."
"The SIEM could be improved."
"In a future release, I would like to see more integrations for data breaches and security features."
"There is room for improvement in managing multiple customer IDs."
"The console is a little cluttered and at times, finding what you're looking for is not intuitive."
"CrowdStrike Falcon could improve if it became an XDR. When we look only to an end-point, we lost the context of the environment. I know it's another line of design of the product. However, if CrowdStrike becomes an XDR, it could be very good."
"On the firewall management side, there should be more granularity. There should also be more granularity for device control. Everything else is brilliant."
"Falcon could include more integrative features."
"The support for different OS versions needs improvement because sometimes due to business conditions, updating our OS is impossible."
"CrowdStrike Falcon could be enhanced by extending its security capabilities to include NDR and XDR."
"The ingestion happens quickly, so you can run up the data costs if you use the default settings. It isn't a problem for government agencies in the Saudi market, but many of the corporations in India are small or medium-sized enterprises that cannot afford that kind of ingestion system."
"The prices are complicated as we operate in a small third-world country."
"Splunk Enterprise Security can be improved by including backup network detection and response and safe management to the paid platform."
"While scheduled reports can be embedded, Splunk dashboard can not be embedded directly without enabling cross origin."
"There are limitations with Splunk not detecting all user activity, especially on mainframes and network devices."
"The UI can be improved. Dashboards and reports can be better in terms of graphics."
"I feel as though a major focus of upcoming releases should be set on Machine Learning, Predictive Analytics, and I would enjoy to see more security focused add-ons and apps developed by the vendor."
"This solution could be improved by better pricing in general and by easier installation."
CrowdStrike Falcon is ranked 3rd in Endpoint Detection and Response (EDR) with 107 reviews while Splunk Enterprise Security is ranked 1st in Security Information and Event Management (SIEM) with 240 reviews. CrowdStrike Falcon is rated 8.8, while Splunk Enterprise Security is rated 8.4. The top reviewer of CrowdStrike Falcon writes "Easy to set up with good behavior-based analysis but needs a single-click recovery option". On the other hand, the top reviewer of Splunk Enterprise Security writes "It has a drag-and-drop interface, so you don't need to know SQL or Java to construct a query ". CrowdStrike Falcon is most compared with Microsoft Defender XDR, Darktrace, Microsoft Defender for Endpoint, Trend Micro Deep Security and VMware Carbon Black Endpoint, whereas Splunk Enterprise Security is most compared with Wazuh, Dynatrace, IBM Security QRadar, Elastic Security and Microsoft Sentinel.
We monitor all Endpoint Detection and Response (EDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.