We performed a comparison between Cybereason Endpoint Detection & Response and Splunk Enterprise Security based on real PeerSpot user reviews.
Find out what your peers are saying about Microsoft, SentinelOne, CrowdStrike and others in Endpoint Detection and Response (EDR)."Impressive detection capabilities"
"The main thing is that I feel safe. Because the processes that have been used to get a handle on the attackers are much better than other competitors"
"The solution was relatively easy to deploy."
"Forensics is a valuable feature of Fortinet FortiEDR."
"It is stable and scalable."
"This is stable and scalable."
"Fortinet is very user-friendly for customers."
"Fortinet FortiEDR made our clients feel secure and more at ease, knowing that they had an EDR solution that would close the gap in their security posture."
"I haven't had any issues with the solution. Stability-wise, I rate the solution a ten out of ten."
"The initial setup was easy and straightforward."
"Cybereason absolutely enables us to mitigate and isolate on the fly. Our managed detection response telemetry has dropped dramatically since we began using it. It's very top-of-mind. We were running some tabletop exercises and none of the detections were getting triggered by the managed security services provider. So we needed to find a solution that would trigger high-fidelity alerts. That was Cybereason and it dramatically changed our landscape from the detection and response perspective."
"The most valuable feature is the capability of the command used by the machine so that we see the kind of performance that is running."
"It gives all the information in a clear response."
"For me, the technical support is good."
"What I like most about Cybereason Endpoint Detection & Response is the support because the support is good. The solution is also easy to use, and it has a dashboard. Everything is good, and there's no problem with it."
"We didn't have the visibility that we now have. It has increased our visibility by a lot. So, we put a lot more time into really looking at our environment and what is happening throughout our different networks. It has increased our visibility by around fivefold."
"Splunk Enterprise Security is a standard solution providing good customer service and partnership."
"We can ingest and correlate data from virtually any type of system."
"It helps streamline troubleshooting and log analysis."
"It has a rapid response search environment in the event of an incident."
"The most valuable feature is that it's very good for log aggregation."
"Search language is easy to understand and teach to new users."
"Splunk helps us be more proactive. We can take predictive action to identify and block threats so that nothing harmful gets into the system."
"Correlating data across different systems via one interface will allow you to know your environment or identify incident data in ways you never imagined."
"The solution's installation from a central installation server could be improved because the engineers had a little bit of trouble getting it installed from a central location."
"ZTNA can improve latency."
"Everything with Fortinet having to do with their cloud services. They need to invest more in their internal infrastructure that they are running in the cloud. One of the things I find with their cloud environment compared to others' is that they go cheap on the equipment. So it causes some performance degradation."
"The security should be strong for the cloud. Some applications are on-prem and some are on the cloud. Fortinet should also have strong security for the cloud. There should be more security for the cloud."
"The solution is not stable."
"We've had a lot of false positives; things incorrectly flagged that require manual configuration to allow. Even worse, after we allow a legitimate program, it sometimes gets flagged again after an update. This has caused a lot of extra work for my team."
"Detections could be improved."
"To improve Fortinet, we need to see more features and technology areas at the endpoint level introduced."
"While the product is very good, there are still some areas for improvement. The initial triage area could be a bit simpler. They get into the weeds real fast; it gets very detailed very fast. I am still looking for an easier triage layer on top with the ability to dig deeper."
"The product's reporting isn't great."
"It should be more stable, and the sensor needs improvement in terms of connectivity."
"The reporting feature needs improvement."
"Ad hoc higher-level reporting to senior management can be improved or can be implemented. That's definitely an area of improvement that they need to focus on."
"Reporting could be a bit more granular so that we had the ability to check regions and countries. I just noticed that, for instance, if I look at our servers, it's either "contained" or it's "not contained". I don't have the option, for instance, to look at countries. It only allows me to look at users as one big group."
"What needs to improve in Cybereason Endpoint Detection & Response and what I'd like to see in its next release is a centralized dashboard that allows you to view what is there, similar to what's on Symantec Endpoint Protection Manager: a beautiful display and reporting. Cybereason Endpoint Detection & Response has to start with the compliance, the homepage, etc. Everything should be there and should be customizable. The options should be there. The tool is very good currently, but visibility for IT administrators is lacking and needs to be worked on."
"Cybereason does not have sandbox functionality."
"Custom visualizations are real hard. While the default visualizations are good, creating enhanced visualizations are complex."
"I haven't found a way for me to create my own plugins and integrate them into Splunk, but this isn't necessarily a limitation; it could simply be a lack of knowledge on my part."
"Considering the contract thing and the whole legal area, it takes forever to get the contracts signed and to be able to agree to the terms and conditions for my company as well as for Splunk's team."
"There is improvement needed when importing from some types of data sources."
"I feel the solution to be too slow."
"Licensing costs can be a barrier for those with limited budgets."
"There are a lot of competitive products that are doing better than what Splunk is doing on the analytics side."
"I think the tech support response time could be a bit better. Sometimes I need to wait more than 24 hours for a response to my tickets."
More Cybereason Endpoint Detection & Response Pricing and Cost Advice →
Cybereason Endpoint Detection & Response is ranked 36th in Endpoint Detection and Response (EDR) with 19 reviews while Splunk Enterprise Security is ranked 1st in Security Information and Event Management (SIEM) with 251 reviews. Cybereason Endpoint Detection & Response is rated 8.0, while Splunk Enterprise Security is rated 8.4. The top reviewer of Cybereason Endpoint Detection & Response writes "It has helped us become more knowledgeable about our environment and aware of threats". On the other hand, the top reviewer of Splunk Enterprise Security writes "It has a drag-and-drop interface, so you don't need to know SQL or Java to construct a query ". Cybereason Endpoint Detection & Response is most compared with CrowdStrike Falcon, Microsoft Defender for Endpoint, Darktrace, Cortex XDR by Palo Alto Networks and IBM Security QRadar, whereas Splunk Enterprise Security is most compared with Wazuh, IBM Security QRadar, Dynatrace, Elastic Security and Microsoft Sentinel.
We monitor all Endpoint Detection and Response (EDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.