We performed a comparison between SentinelOne Singularity Complete and Splunk Enterprise Security based on real PeerSpot user reviews.
Find out what your peers are saying about Microsoft, SentinelOne, CrowdStrike and others in Endpoint Detection and Response (EDR)."The features that I have found most valuable are the ability to customize it and to reduce its size. It lets you run in a very small window in terms of memory and resources on legacy cash registers."
"Fortinet is very user-friendly for customers."
"It is a scalable solution...The initial setup of Fortinet FortiEDR was straightforward."
"Forensics is a valuable feature of Fortinet FortiEDR."
"It is stable and scalable."
"I like FortiClient EMS. FortiEDR has a lot of great features like lockdown mode, remote wipes, and encryption. I can set malware outbreak policies and controls for detecting abnormalities. You can also simulate phishing attacks."
"The main thing is that I feel safe. Because the processes that have been used to get a handle on the attackers are much better than other competitors"
"Ability to get forensics details and also memory exfiltration."
"The management dashboard is the most valuable feature."
"The ability to quickly and easily identify threats on our machines is valuable. The fact that it protects the environment as a whole is also valuable. They have the ability to identify network nodes, and they have Ranger as a component of the solution that allows us to see the whole picture. We can see on what we have SentinelOne and on what we do not."
"The user interface, ease of maintenance, and the efficient way to identify the root cause of an incident to see all the factors that contributed to it are the most valuable features."
"The best thing is it has a secure shell command that you can use to get into any endpoint and do some jobs."
"The tool has helped us streamline and centralize things with a single solution. We are a small organization with a handful of people managing multiple sites. It is a simple tool with an easy-to-use UI. The product has an intuitive and up-to-date GUI."
"In terms of the engines that SentinelOne uses, it has stopped various scripts from running and it's highlighted lateral movement that we weren't expecting."
"The portal is the most valuable feature because it provides us with a single pane of glass view and is highly intuitive."
"They provide a map, a process tree, and that is pretty good for analysis."
"It allows the centralization of data and makes possible new sorts of correlations that were previously impossible using traditional SIEMs such as ArcSight or QRadar."
"Search language is easy to understand and teach to new users."
"The feature that we use the most is the correlation search engine within ES."
"Splunk setup is easy and straightforward. "
"The most valuable features include agility and Splunk Enterprise Security's ability to quickly search for alerted items, as well as the capacity to create custom alerts using the SQL language employed by Splunk."
"You can run reports against multiple devices at the same time. You are able to troubleshoot a single application on a thousand servers. You can do this with a single query, since it is very easy to do."
"I like the ease with which dashboards can be created."
"We are using Microsoft 365 and we're using the Exchange Mail Service. It's good for monitoring that in particular."
"There's room for improvement in the quick response time and technical support for integration issues, especially when dealing with multiple vendors."
"Integration with Azure and SaaS provisioning tools could improve Fortinet FortiEDR."
"The SIEM could be improved."
"Cannot be used on mobile devices with a secure connection."
"The dashboard isn't easy to access and manage."
"It takes about two business days for initial support, which is too slow in urgent situations."
"The solution should address emerging threats like SQL injection."
"I haven't seen the use of AI in the solution."
"The process of uninstalling and reinstalling older agent updates needs improvement."
"We'd like SentinelOne to upgrade automatically. It doesn't automatically update the agent if some system has an older version of the SentinelOne. It has to be triggered from the console."
"It would be nice if the console stored data daily, so that you could look at a timeline of events on a machine over a period of time, and currently this is not possible."
"Native integration with the mobile console is an area that can be improved."
"I would like to see something a little more sophisticated than simply being able to mark a false positive as safe or there's usually just one or two options in certain areas and they're a little rudimentary at this stage."
"Everything is now offered as a service, so the console and the licensing model can be improved to make things easier, especially when updating new versions of the software."
"As a cloud-based product, there is a minimum number of licenses that need to be purchased, which is unfortunate."
"SentinelOne Singularity Complete should focus on analytical data. Backend aggregation can make things faster in the front end."
"I love the solution, but I would like to see more accessibility to the machine-learning capabilities that are sprinkled around Splunk."
"We usually have to follow up with technical support on our open cases."
"Splunk can improve its third-party device application plugins."
"Splunk Enterprise Security has not helped reduce our alert volume."
"The training was mostly sales-focused, like how to monitor your sales. It was hard to then come back from doing the training and try to switch it to a cybersecurity focus because all the training we did was sales oriented. The basic training didn't really touch on any kind of cybersecurity use cases or anything like that. That would have been great to see in the training."
"It is a good product, but the Achilles heel for a lot of organizations is the cost model for it because it gets expensive. That's because the model is based on how much data it processes a day, which can be prohibitive, especially if you have a lot of data. A lot of customers may not be ready for the sticker shock on how to fully leverage the product. I realized that the reason for that is that when it was originally designed, it was kind of like a big data modeling application. If they want to have a bigger customer base, they can come out with subsets of their product that are focused on specific things and have different pricing models. It may help with the cost."
"Professional support is great, but too expensive."
"An area of improvement would be the licensing of the solution. They need a free license, which would allow faster lead times."
More SentinelOne Singularity Complete Pricing and Cost Advice →
SentinelOne Singularity Complete is ranked 2nd in Endpoint Detection and Response (EDR) with 177 reviews while Splunk Enterprise Security is ranked 1st in Security Information and Event Management (SIEM) with 240 reviews. SentinelOne Singularity Complete is rated 8.8, while Splunk Enterprise Security is rated 8.4. The top reviewer of SentinelOne Singularity Complete writes "Provides peace of mind and is good at ingesting data and correlating". On the other hand, the top reviewer of Splunk Enterprise Security writes "It has a drag-and-drop interface, so you don't need to know SQL or Java to construct a query ". SentinelOne Singularity Complete is most compared with Microsoft Defender for Endpoint, CrowdStrike Falcon, Darktrace, ThreatLocker Protect and Wazuh, whereas Splunk Enterprise Security is most compared with Wazuh, Dynatrace, IBM Security QRadar, Elastic Security and Microsoft Sentinel.
We monitor all Endpoint Detection and Response (EDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.