We performed a comparison between CrowdStrike Falcon and Splunk Enterprise Security based on real PeerSpot user reviews.
"It is a scalable solution...The initial setup of Fortinet FortiEDR was straightforward."
"NGAV and EDR features are outstanding."
"The solution was relatively easy to deploy."
"Ability to get forensics details and also memory exfiltration."
"Fortinet FortiEDR's scalability is quite good, and you can add licenses to the solution."
"Having all monitoring, response, tracking, and mitigation tools in one dashboard provides our analysts and SOC team with a comprehensive view at a glance."
"The console is easy to read. I also like the scanning part and the ability to move assets from one to the other."
"Additionally, when it comes to EDR, there are more tools available to assist with client work."
"The CrowdStrike Falcon agent is very lightweight. Users never complain about their PCs getting stuck and things like that."
"The feature I like the most is the solution's detection."
"It has an extremely low footprint, so it has got minimum impact on the user end points in terms of CPU and memory usage."
"We have seen a reduction to the performance hit to our operating systems."
"CrowdStrike Falcon's most valuable features are the lightweight agent which has absolutely zero performance issues. There is no performance deterioration on the laptop on the network. It is a signature-less antivirus and anti-malware solution, it doesn't depend on signatures which better protects the systems."
"Falcon's best feature is its detection and blocking of threats."
"It's very easy to set up."
"The most valuable feature is its threat analysis."
"The speed of the search engine"
"The visibility is amazing with easy dashboard creation."
"It can explain to management about what kind of traffic is visiting the network. It can also explain other traffic coming in and out, along with protecting against malware."
"The most valuable feature of Splunk is the management and built-in workflows."
"We are much faster finding and addressing issues with Splunk."
"The reporting aspect is good and it does what I need it to do."
"The solution is the market leader."
"The correlation search functions that generate all the notables are valuable. That can get pretty complicated, and it handles that pretty well."
"I think cloud security and SASE are areas of concern in the product where improvements are required. The tool's cloud version has to be improved in terms of the security it offers."
"There's room for improvement in the quick response time and technical support for integration issues, especially when dealing with multiple vendors."
"I haven't seen the use of AI in the solution."
"The dashboard isn't easy to access and manage."
"FortiEDR can be improved by providing more detailed reporting."
"Integration with Azure and SaaS provisioning tools could improve Fortinet FortiEDR."
"The SIEM could be improved."
"The solution should address emerging threats like SQL injection."
"There is room for improvement in managing multiple customer IDs."
"If we have a dashboard capability to uninstall agents, I think that would be great."
"CrowdStrike Falcon could improve the logs by making them free to the API."
"Falcon could be improved with more function on the mobile end of things and better optimization with mobile devices."
"Sometimes CrowdStrike changes the GUI, and they need to be better at informing us and providing guidance concerning that."
"The ability to receive text alerts natively in the console would be kind of cool."
"I have experience with a product called SentinelOne, which has a feature that allows for the customization of query languages. I would like to see such a feature for CrowdStrike."
"The performance could be better."
"Although the technical support is adequate, there is still room for improvement."
"It is a good product, but the Achilles heel for a lot of organizations is the cost model for it because it gets expensive. That's because the model is based on how much data it processes a day, which can be prohibitive, especially if you have a lot of data. A lot of customers may not be ready for the sticker shock on how to fully leverage the product. I realized that the reason for that is that when it was originally designed, it was kind of like a big data modeling application. If they want to have a bigger customer base, they can come out with subsets of their product that are focused on specific things and have different pricing models. It may help with the cost."
"Certain sections of the developer documentation could use some updating and clarification."
"The threat detection system has room for improvement."
"The security can be improved."
"There are a lot of competitive products that are doing better than what Splunk is doing on the analytics side."
"From the commercial point of view, they have to bring down their costs."
"We do have to educate developers on how to not blow it up. It is a little too easy to write an expensive query and overly stress the system. This could be improved."
CrowdStrike Falcon is ranked 3rd in Endpoint Detection and Response (EDR) with 106 reviews while Splunk Enterprise Security is ranked 1st in Security Information and Event Management (SIEM) with 240 reviews. CrowdStrike Falcon is rated 8.8, while Splunk Enterprise Security is rated 8.4. The top reviewer of CrowdStrike Falcon writes "Easy to set up with good behavior-based analysis but needs a single-click recovery option". On the other hand, the top reviewer of Splunk Enterprise Security writes "It has a drag-and-drop interface, so you don't need to know SQL or Java to construct a query". CrowdStrike Falcon is most compared with Microsoft Defender XDR, Darktrace, Microsoft Defender for Endpoint, Trend Micro Deep Security and VMware Carbon Black Endpoint, whereas Splunk Enterprise Security is most compared with Wazuh, Dynatrace, IBM Security QRadar, Elastic Security and Microsoft Sentinel.
We monitor all Endpoint Detection and Response (EDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.