Compare Cybereason Endpoint Detection & Response vs. Splunk

Cancel
You must select at least 2 products to compare!
Most Helpful Review
Find out what your peers are saying about CrowdStrike, SentinelOne, Cisco and others in Endpoint Detection and Response (EDR). Updated: January 2021.
457,209 professionals have used our research since 2012.
Quotes From Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros
"Its most valuable features are its scalability and advanced threat protection for customers.""I am told that we get over 100 million emails a month. This filters them down and allows only somewhere about three million emails, which is a great help.""For the initial first level of support, we provide it from our side. If there's escalation required, we use Cisco tech for the AMP. And again, they are perfect. I mean, one of the best, compared to any other vendors.""The most valuable features of this solution are the IPS and the integration with ISE.""The simplicity of use is its most valuable feature. You can very clearly see things.""The stability of the solution is perfect. I believe it's the most stable solution on the market right now.""I am really satisfied with the technical support.""It is a very stable program."

More Cisco AMP for Endpoints Pros »

"For me, the technical support is good.""The solution is efficient.""The dashboard is very good and you can consider it as an interactive UI."

More Cybereason Endpoint Detection & Response Pros »

"It's extremely scalable. It's a very robust solution and certainly has the capability of handling far bigger data requirements than a lot of the other tools. Generally what ends up happening with me is that my clients tend, for the most part, to be mid-tier organizations where the cost of that solutions would be accompanying requirements for people just becomes way too prohibitive. Especially considering the model that they use for costing, which is based on the volume of data. Of course, they're going to put everything including the Coke machine as the ability to collect data off of it, because of course the more they can put through the tool the more money they make.""It's very flexible. If you look from the cloud implementation it is there. Reports are made quickly. Unlike other tools, it caters to all kinds of technical information on the front very easily. There's no need to put in any technical information. You can pull on the reports very easily, take action, and notify stakeholders.""The search function for spam is like a google search. You just enter and it will quickly show you the results.""The initial setup is simple, not very complex. Initial deployment takes around 10 to 15 minutes to set up the entire base for Splunk including all three tiers.""We can present to our management in real time the security of the batch management for the PCs, security regarding the network equipment. We're currently working in the Azure Cloud project, so we can send any logs from the cloud to Splunk. We can monitor them and we can present to the managers and customers. It's a very good solution for reporting. We use Splunk for reporting and monitoring of any solution in the company.""It can log more logs than other solutions. It's a good way to troubleshoot problems.""The most valuable feature of Splunk is the log monitoring.""It helps us uncover bottlenecks in the network."

More Splunk Pros »

Cons
"We would like to have an API integration with a SIEM solution, because as far as I know, it currently hasn't yet been released.""I would like them to add whatever makes filtering more advanced in scanning and blocking for malware in emails.""The solution needs more in-depth analytics.""In the next version of this solution, I would like to see the addition of local authentication.""The initial setup is a bit complex because you need to execute existing antiviruses or security software that you have on your device.""In the next release, I would for it to have back up abilities. I would like the ability to go back to a point in time to when my PC was uninfected and to the moment of when the infection happened.""The reporting and analytics areas of the solution need to be improved.""I would like more seamless integration."

More Cisco AMP for Endpoints Cons »

"The integration with Microsoft solutions and Microsoft capabilities needs to be improved.""Reporting could be a bit more granular so that we had the ability to check regions and countries. I just noticed that, for instance, if I look at our servers, it's either "contained" or it's "not contained". I don't have the option, for instance, to look at countries. It only allows me to look at users as one big group.""Cybereason does not have sandbox functionality."

More Cybereason Endpoint Detection & Response Cons »

"The tool itself is very difficult to configure. It's great for its number of inputs, for the different types of systems devices, and things that it could collect information from. To actually make good use of it, you need a fairly dedicated team of people that have some reasonably good programming or modeling skills to be able to do the things that you need to do with it. Whereas a lot of the other tools are better packaged for that, and so require a lot less training and a lot less dedication.""It does not give us permission to implement on-premise so we implement them on the cloud.""Spam has different plugins but by default, the logs are not organized, it shows that there are roll-ups that are out of the box. I saw many plugins that can help improve or extend Splunk's functionality but I haven't tried any of them.""Splunk does not build apps. They only go back and validate the apps that somebody has already built. They should have remote consulting support. They have a wonderful solution. They have 24/7 security. Nobody needs to depend on any third party and will therefore just buy Splunk on the cloud.""The security can be improved.""Cybersecurity and infrastructure monitoring have room for improvement.""If possible, we would like to have not only a log monitoring system but a network monitoring feature in this solution as well.""The product was difficult to back up the first time."

More Splunk Cons »

Pricing and Cost Advice
"The costs of 50 licenses of AMP for three years is around $9,360.""The price is very good.""The visibility that we have into the endpoint and the forensics that we're able to collect give us value for the price. This is not an overly expensive solution, considering all the things that are provided. You get great performance and value for the cost.""Whenever you are doing the licensing process, I would highly advise to look at what other Cisco solutions you have in your organization, then evaluate if an Enterprise Agreement is the best way to go. In our case, it was the best way to go. Since we had so many other Cisco products, we were able to tie those in. We were actually able to get several Cisco security solutions for less than if we had bought three or four Cisco security solutions independently or ad hoc.""In our case, it is a straightforward annual payment through our Enterprise Agreement.""Our company was very happy with the price of Cisco AMP. It was about a third of what we were paying for System Center Endpoint Protection.""There are a couple of different consumption models: Pay up front, or if you have an enterprise agreement, you can do a monthly thing. Check your licensing possibilities and see what's best for your organization.""The Enterprise Agreement is like an all-you-can-eat buffet of Cisco products. In that vein, it was very affordable."

More Cisco AMP for Endpoints Pricing and Cost Advice »

"In terms of pricing, it's a good solution.""This product is somewhat expensive and should be cheaper."

More Cybereason Endpoint Detection & Response Pricing and Cost Advice »

"It's a little bit expensive for a small to medium enterprise.""Splunk's cost is very high. They need to review the pricing. They have to go back and totally readdress the market.""Splunk should be able to integrate with other product using the free version.""The pricing and licensing of the product are quite high.""Splunk is really expensive.""I think that most of the monitoring solutions are expensive.""I think that most of the log analytics solutions are expensive and I'm not sure if it's worth it.""Our customers often complain that the price of Splunk is too high."

More Splunk Pricing and Cost Advice »

report
Use our free recommendation engine to learn which Endpoint Detection and Response (EDR) solutions are best for your needs.
457,209 professionals have used our research since 2012.
Questions from the Community
Top Answer: The solution's integration capabilities are excellent. It's one of the best features.
Top Answer: Nice to have URL management, password protection of the app, more details of the machine & user running the app.
Top Answer: The primary use case is for endpoint protection. For the larger deployments, we use it for our policy enforcement as… more »
Ask a question

Earn 20 points

Top Answer: Dynatrace and Splunk are two different solutions that provide insight from different perspectives. Dynatrace is… more »
Top Answer: Focused on log collection and analysis. IT Operations - Predict and prevent problems with log (trap/syslog/Windows… more »
Popular Comparisons
Compared 8% of the time.
Compared 8% of the time.
Compared 6% of the time.
Compared 6% of the time.
Compared 5% of the time.
Also Known As
Cybereason EDR, Cybereason Deep Detect & RespondSplunk Enterprise Security
Learn
Cisco
Cybereason
Video Not Available
Splunk
Overview

Advanced Malware Protection (AMP) is subscription-based, managed through a web-based management console, and deployed on a variety of platforms that protects endpoints, network, email and web Traffic. AMP key features include the following: Global threat intelligence to proactively defend against known and emerging threats, Advanced sandboxing that performs automated static and dynamic analysis of files against more than 700 behavioral indicators, Point-in-time malware detection and blocking in real time and Continuous analysis and retrospective security regardless of the file's disposition and Continuous analysis and retrospective security.

Cybereason's Endpoint Detection and Response platform detects in real-time both signature and non-signature-based attacks and accelerates incident investigation and response. Cybereason connects together individual pieces of evidence to form a complete picture of a malicious operation.

Splunk software has been around since 2006 and the company has since grown to become an industry leader. Splunk's vision is to make machine data accessible, usable and valuable to everybody. The company offers a wide range of products to turn machine data into valuable information by monitoring and analyzing all activities. This is known as Operational Intelligence and is the unique value proposition of Splunk.

Splunk is well-known for its Log Management capabilities and also for its Security Information and Event Management (SIEM) solutions.

Offer
Learn more about Cisco AMP for Endpoints
Learn more about Cybereason Endpoint Detection & Response
Learn more about Splunk
Sample Customers
Heritage Bank, Mobile County Schools, NHL University, Thunder Bay Regional, Yokogawa Electric, Sam Houston State University, First Financial BankLockheed Martin, Spark Capital, DocuSign, Softbank CapitalSplunk has more than 7,000 customers spread across over 90 countries. These customers include Telenor, UniCredit, ideeli, McKenney's, Tesco, and SurveyMonkey.
Top Industries
REVIEWERS
Healthcare Company20%
Government13%
University7%
Comms Service Provider7%
VISITORS READING REVIEWS
Comms Service Provider29%
Computer Software Company23%
Government5%
Financial Services Firm4%
VISITORS READING REVIEWS
Computer Software Company31%
Comms Service Provider21%
Insurance Company5%
Financial Services Firm5%
REVIEWERS
Financial Services Firm17%
Energy/Utilities Company14%
Computer Software Company10%
Retailer9%
VISITORS READING REVIEWS
Computer Software Company31%
Comms Service Provider17%
Financial Services Firm8%
Government6%
Company Size
REVIEWERS
Small Business36%
Midsize Enterprise16%
Large Enterprise48%
VISITORS READING REVIEWS
Small Business19%
Midsize Enterprise19%
Large Enterprise61%
REVIEWERS
Small Business14%
Midsize Enterprise14%
Large Enterprise71%
REVIEWERS
Small Business26%
Midsize Enterprise15%
Large Enterprise59%
VISITORS READING REVIEWS
Small Business17%
Midsize Enterprise18%
Large Enterprise65%
Find out what your peers are saying about CrowdStrike, SentinelOne, Cisco and others in Endpoint Detection and Response (EDR). Updated: January 2021.
457,209 professionals have used our research since 2012.

Cybereason Endpoint Detection & Response is ranked 11th in Endpoint Detection and Response (EDR) with 4 reviews while Splunk is ranked 1st in Security Information and Event Management (SIEM) with 31 reviews. Cybereason Endpoint Detection & Response is rated 7.8, while Splunk is rated 8.0. The top reviewer of Cybereason Endpoint Detection & Response writes "Efficient with an easy to use interface and excellent technical support". On the other hand, the top reviewer of Splunk writes "Good support with an intuitive dashboard but the cost is too high". Cybereason Endpoint Detection & Response is most compared with CrowdStrike Falcon, SentinelOne, CylancePROTECT, Microsoft Defender Antivirus and Sophos Intercept X, whereas Splunk is most compared with Datadog, Dynatrace, IBM QRadar, Graylog and ELK Kibana.

See our list of .

We monitor all Endpoint Detection and Response (EDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.