We performed a comparison between SentinelOne Singularity Complete and Splunk Enterprise Security based on real PeerSpot user reviews.
Find out what your peers are saying about Microsoft, SentinelOne, CrowdStrike and others in Endpoint Detection and Response (EDR)."The price is low and quite competitive with others."
"I like FortiClient EMS. FortiEDR has a lot of great features like lockdown mode, remote wipes, and encryption. I can set malware outbreak policies and controls for detecting abnormalities. You can also simulate phishing attacks."
"The most valuable feature is the analysis, because of the beta structure."
"It is stable and scalable."
"The solution was relatively easy to deploy."
"The features that I have found most valuable are the ability to customize it and to reduce its size. It lets you run in a very small window in terms of memory and resources on legacy cash registers."
"Exceptions are easy to create and the interface is easy to follow with a nice appearance."
"Having all monitoring, response, tracking, and mitigation tools in one dashboard provides our analysts and SOC team with a comprehensive view at a glance."
"The solution is powerful because we just have to update the agent by using the console, which is simple to do. I just select the endpoints and click "Update" on the console. That is it, because it is very easy to use."
"We collect a lot of telemetry from Singularity Complete."
"The AI solution makes it easy for customers to detect and manage policies, as well as documents that help customers manage their platform."
"Previously, we had some processes related to incident response which required more steps. We needed to upload to VirusTotal, Sandbox, et cetera. Now, this process is shortened because all of the information we need is already in SentinelOne. We can briefly analyze and even respond from one management console. If someone has SOC, using the API, they can control everything. It's very cool. I think this is the future."
"The most valuable features are threat hunting, the ability to disconnect or disable a machine's network connection in real time, and the ability to restore the connection once the issue is resolved quickly."
"The tool deletes the problem-causing process and prevents issues."
"The solution can search for hidden and dormant threats on encrypted traffic in your environment."
"Scalable endpoint protection solution that takes seconds to set up per device. It has a rollback feature and offers good technical support."
"The ability to ingest different log types from many different products in our environment is most valuable."
"The logs on the solution are excellent."
"The most valuable feature is the log aggregation, being able to scan through all of the logs."
"The solution helped reduce our alert volume."
"We were able to create a catalog of dashboards and have a holistic view at all levels. We could understand our business much better. Real-time errors, which were buried in emails before now, surfaced up on dashboards."
"We can quickly search for almost anything across many log sources in seconds."
"The most valuable feature of Splunk is the log monitoring."
"The fact that Splunk is a platform and not just a SIEM solution is a key benefit."
"The EDR console should have more extensive reporting. You shouldn't need to purchase FortiAnalyzer. It should be included in the EDR part. The security adviser cloud platform could be improved with more options for exclusive or intensive rules for devices."
"Making the portal mobile friendly would be helpful when I am out of office."
"To improve Fortinet, we need to see more features and technology areas at the endpoint level introduced."
"The SIEM could be improved."
"Cannot be used on mobile devices with a secure connection."
"We've encountered challenges during API deployment, occasionally resulting in unstable environments."
"They can include the automation for the realtime updates. We have a network infrastructure with remote sites. Whenever they send updates, they are not automated. We have to go into the console and push those updates. I wish it was more automated. The update file is currently around 31 MB. It could be smaller."
"The amount of usage, the number of details we get, or the number of options that can be tweaked is limited in comparison to that with other EDR solutions"
"SentinelOne could improve by creating an autopilot or automated way to roll out the solution more efficiently which would be helpful."
"SentinelOne's performance and the accuracy of its incident filtering could be improved."
"The stability of SentinelOne should be improved."
"This solution would be more attractive to customers if the price were lower."
"The solution needs better reporting on new threats and malware. The reporting is present, but I can't find the information easily."
"Singularity Complete needs to improve its ability to granularly select and extract the executable files that I want to run."
"SentinelOne needs to provide more documentation for administrators and analytics."
"SentinelOne Singularity Complete could improve by having DNS filtering. Other competitor solutions have this feature."
"I would like some additional AI capabilities to provide additional information about things going wrong and things going well."
"It needs integration with a configuration management solution."
"Adding custom visualization in Splunk has been improved over the years but can still be made better by integrating more and more JavaScript visualization sources."
"The administration of the cluster and app deployment to indexers or search heads can be done only using ssh access and command line, there is no GUI tools for that."
"The only thing which can be improved is that they are too subjective on whom their Splunk4Good initiative can be applied. They market it as you only need to be a nonprofit, but there is more to it."
"The price of the solution could be cheaper."
"Its setup is a little bit complex for a distributed environment. Their support can also be better. If we miss the response for more than a week, they usually close the case. Sometimes, it can take us more than a week to reply."
"While scheduled reports can be embedded, Splunk dashboard can not be embedded directly without enabling cross origin."
More SentinelOne Singularity Complete Pricing and Cost Advice →
SentinelOne Singularity Complete is ranked 2nd in Endpoint Detection and Response (EDR) with 176 reviews while Splunk Enterprise Security is ranked 2nd in Security Information and Event Management (SIEM) with 228 reviews. SentinelOne Singularity Complete is rated 8.8, while Splunk Enterprise Security is rated 8.4. The top reviewer of SentinelOne Singularity Complete writes "Provides peace of mind and is good at ingesting data and correlating". On the other hand, the top reviewer of Splunk Enterprise Security writes "It has a drag-and-drop interface, so you don't need to know SQL or Java to construct a query ". SentinelOne Singularity Complete is most compared with Microsoft Defender for Endpoint, CrowdStrike Falcon, Darktrace, ThreatLocker Protect and ESET Endpoint Protection Platform, whereas Splunk Enterprise Security is most compared with Wazuh, Dynatrace, IBM Security QRadar, Microsoft Sentinel and Elastic Security.
We monitor all Endpoint Detection and Response (EDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.