We performed a comparison between SentinelOne Singularity Complete and Splunk Enterprise Security based on real PeerSpot user reviews.
Find out what your peers are saying about Microsoft, SentinelOne, CrowdStrike and others in Endpoint Detection and Response (EDR)."NGAV and EDR features are outstanding."
"It is a scalable solution...The initial setup of Fortinet FortiEDR was straightforward."
"The product's initial setup phase is very easy."
"Ability to get forensics details and also memory exfiltration."
"The console is easy to read. I also like the scanning part and the ability to move assets from one to the other."
"It is very easy to set up. I would rate my experience with the initial setup a ten out of ten, with ten being very easy to set up."
"It notifies us if there's any suspicious file on any PC. If any execution or similar kind of thing is happening, it just alerts us. It doesn't only alert. It also blocks the execution until we allow it. We check whether the execution is legitimate or not, and then approve it or keep it blocked. This gives us a little bit of control over this mechanism. Fortinet FortiEDR is also very straightforward and easy to maintain."
"I like FortiClient EMS. FortiEDR has a lot of great features like lockdown mode, remote wipes, and encryption. I can set malware outbreak policies and controls for detecting abnormalities. You can also simulate phishing attacks."
"The most valuable features are asset tracking, patching, endpoint tagging, and policy updates."
"It is purely cloud-based, meaning you don't need to have something installed, such as a server on-prem. You have cloud management and can access it from anywhere, with integration with SSO, with one click. It's also very lightweight."
"The rollback feature is the most valuable aspect of the solution."
"The best part of the agent is that users can't remove or disable it, so endpoints will be safe. I can control it from the portal. I can see when it's updated and I can push updates from the portal. The greatness of SentinelOne is that our end-users don't see anything to do with the agents. Some of them don't even know it's on their laptops. And that's a good thing."
"Previously, we had some processes related to incident response which required more steps. We needed to upload to VirusTotal, Sandbox, et cetera. Now, this process is shortened because all of the information we need is already in SentinelOne. We can briefly analyze and even respond from one management console. If someone has SOC, using the API, they can control everything. It's very cool. I think this is the future."
"The alerting features are the most valuable. We know that when something goes wrong, we get alerted instantly. That gives us a leg up. Even before the user knows what's happening, we're being alerted to step in and stop anything catastrophic from happening."
"The Microsoft integrations are most valuable right now."
"The most valuable features of SentinelOne are the lateral movement and the use of the Active Directory."
"Splunk would be my choice for the presentation layer because it comes with inbuilt reports and a dashboard that you can customize."
"It scales better in the cloud than on-premise."
"Positive features include replication capabilities, software development kits, and the architecture."
"The solution has proven to be quite stable."
"Good for log collection and log management."
"It helps streamline troubleshooting and log analysis."
"From the class that I took this week, being able to create notable events from whatever you find in the data set is pretty useful."
"Splunk works based on parsing log files."
"The solution's installation from a central installation server could be improved because the engineers had a little bit of trouble getting it installed from a central location."
"The dashboard isn't easy to access and manage."
"The security should be strong for the cloud. Some applications are on-prem and some are on the cloud. Fortinet should also have strong security for the cloud. There should be more security for the cloud."
"Integration with Azure and SaaS provisioning tools could improve Fortinet FortiEDR."
"The solution is not stable."
"Everything with Fortinet having to do with their cloud services. They need to invest more in their internal infrastructure that they are running in the cloud. One of the things I find with their cloud environment compared to others' is that they go cheap on the equipment. So it causes some performance degradation."
"I haven't seen the use of AI in the solution."
"I think cloud security and SASE are areas of concern in the product where improvements are required. The tool's cloud version has to be improved in terms of the security it offers."
"There should be more integration models with different security operations tools or soft tools."
"I would like to improve the reports because they are not so customizable and we would like more info from them."
"We did use the Ranger functionality. However, there was some scanning going on and it caused a lot of noise, so we had to disable it."
"They can improve the administrative interface. They can make it more user-friendly."
"I would like SentinelOne to add a threat-hunting report and more UEBA features. They could add more SIEM functionality. It would be nice to have the ability to easily drag all the logs from the agents, so there's no need for multiple agents installed on the endpoint."
"The solution can improve by adding more granular firewall capabilities."
"The filtering features of the application management console could be improved."
"Communication and documentation could be improved."
"This is not really a monitoring solution."
"Splunk could have more built-in use case presets that customers can build on and customize."
"The prices are complicated as we operate in a small third-world country."
"It works as intended for us, and we are getting everything that we need out of it. If anything, its initial setup can be improved a bit."
"The threat detection system has room for improvement."
"Deployment is not difficult but the lock sources and configurations can take time."
"DMC should be a little more intuitive with better dashboarding. Seeing the cause of data flow can be tough to track down."
"In terms of the interface, it could include some improvements for the look and feel."
More SentinelOne Singularity Complete Pricing and Cost Advice →
SentinelOne Singularity Complete is ranked 2nd in Endpoint Detection and Response (EDR) with 176 reviews while Splunk Enterprise Security is ranked 1st in Security Information and Event Management (SIEM) with 228 reviews. SentinelOne Singularity Complete is rated 8.8, while Splunk Enterprise Security is rated 8.4. The top reviewer of SentinelOne Singularity Complete writes "Provides peace of mind and is good at ingesting data and correlating". On the other hand, the top reviewer of Splunk Enterprise Security writes "It has a drag-and-drop interface, so you don't need to know SQL or Java to construct a query ". SentinelOne Singularity Complete is most compared with Microsoft Defender for Endpoint, CrowdStrike Falcon, Darktrace, ThreatLocker Protect and Wazuh, whereas Splunk Enterprise Security is most compared with Wazuh, Dynatrace, IBM Security QRadar, Elastic Security and Microsoft Sentinel.
We monitor all Endpoint Detection and Response (EDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.