We performed a comparison between Fidelis Elevate and Splunk SOAR based on real PeerSpot user reviews.
Find out what your peers are saying about Microsoft, SentinelOne, CrowdStrike and others in Endpoint Detection and Response (EDR)."The features that I have found most valuable are the ability to customize it and to reduce its size. It lets you run in a very small window in terms of memory and resources on legacy cash registers."
"Fortinet FortiEDR's scalability is quite good, and you can add licenses to the solution."
"I like FortiClient EMS. FortiEDR has a lot of great features like lockdown mode, remote wipes, and encryption. I can set malware outbreak policies and controls for detecting abnormalities. You can also simulate phishing attacks."
"The stability is very good."
"The solution was relatively easy to deploy."
"We have FortiEDR installed on all our systems. This protects them from any threats."
"NGAV and EDR features are outstanding."
"The ease of deployment and configuration is valuable. It's very easy compared to other vendors like Sophos. Sophos' configuration is complex. Fortinet is a lot easier to understand. You don't need a lot of admin knowledge to do the configuration."
"It ensures the stability of network behavior across various aspects of our network and offers responsive capabilities to address incidents promptly"
"Compared to similar solutions, it's quite scalable. You just need to add more storage to scale-up."
"Reporting is great, it is easy to do a quick search through 45 days of data for something of interest."
"There are many valuable features. The NDR gives very good network visibility, and the endpoint module has a great feature called "Live Connect" for remote connections. They also have "Tasks" that can be run on endpoints to gather specific information or retrieve logs."
"What I like the most about this solution is the complexity. It covers a lot of areas, unlike other solutions."
"The initial setup is very straightforward. The deployment of the server doesn't take so long; about a day or two max."
"After rack and stack, devices were up and running base configurations within two hours. As with any IPS, tuning is required to stop false positives. This is no different, but the ease of use of the interface allowed my team to start making adjustments within a few hours."
"It has also improved our hunt ability with quick search tools, to zone in on malware or other anomalies. It is able to link items to incidents from other consoles, and works natively with the SIEM."
"It's pretty easy when it comes to setting up assets. If you want to fetch emails or call a REST API, you can set up an asset and grab that information."
"The solution’s dashboard is really good and customizable. It also has a good UI."
"The solution allows us to customize playbooks and incorporate custom code, allowing us to drag and drop elements while still writing code to build the integrations we need."
"The ability to automate Splunk SOAR and customize the playbook use cases is the most valuable feature and is very exciting for me."
"The best feature is the integration and the custom Python code that we can write. Splunk SOAR provides us with both of these capabilities, allowing us to integrate different security solutions with Splunk SOAR and take remediation actions directly on those security tools."
"The automation part of the product is great."
"Very flexible integration with other tools"
"I have found all the security automation platform features of Splunk SOAR to be good. The Automation playbook development is highly useful."
"The solution's installation from a central installation server could be improved because the engineers had a little bit of trouble getting it installed from a central location."
"The solution is not stable."
"Once, we had an event that was locked and blocked, but information about it came to us two or three days later."
"We've had a lot of false positives; things incorrectly flagged that require manual configuration to allow. Even worse, after we allow a legitimate program, it sometimes gets flagged again after an update. This has caused a lot of extra work for my team."
"The dashboard isn't easy to access and manage."
"The solution should address emerging threats like SQL injection."
"Making the portal mobile friendly would be helpful when I am out of office."
"I haven't seen the use of AI in the solution."
"There is room for improvement in email security. It's a security issue. If you're aiming for XDR, covering the entire threat landscape is crucial."
"The reports in the endpoint area of Elevate can be improved."
"The interface bug needs to be squashed once and for all. This has been the predominant issue with an otherwise stellar product. It reboots itself unscheduled, about once a month, due to a memory buffer flaw in the interface."
"Configuration, in terms of building the collector and communicating with endpoints, is complex."
"I encounter difficulty removing certain entries in behavior or alerts; likewise, I am unable to add specific calls."
"We position the solution as an antivirus, but this part of the solution needs improvement. They need to generally enhance the features that they have, rather than adding anything new."
"Fidelis Endpoint is an expensive product making it one of its shortcomings that needs improvement."
"Creating playbooks using the solution’s playbook editor, for me, is very cumbersome. There have been instances where I have said to myself that I just don't want to use this editor. I might just use a code block and write my own code within it... The functionality in the playbook editor is 80 percent there, but that 20 percent is still lacking. They could make it more efficient."
"The scalability could be better."
"The cost of Splunk SOAR has room for improvement."
"It would be ideal if we could automate processes even more."
"Suppose I am initially granted user rights or analyst rights, but later on, I also get admin rights. SOAR is unable to amend the limitations of my role. I raised a support ticket with Splunk about this. They said it's a bug in their 5.3.5 version. To fix this, I had to reinstall the entire platform from scratch.."
"Splunk SOAR can improve IoT/OT security-related case studies or your use cases. Their integration with identity and access management (IAM) solutions is a bit shaky. They don't have good integration with a lot of IAM solutions. They do have good capability in terms of user access management internally, but even with privileged user access, they have a good module. However, if they have to integrate with solutions, such as CyberArk or IBM IAM solutions they are lacking, the visibility of user access is not that much."
"Splunk's support for integration is subpar and has room for improvement."
"The Splunk SOAR platform was not designed specifically for case management which is why this area needs improvement."
Fidelis Elevate is ranked 41st in Endpoint Detection and Response (EDR) with 7 reviews while Splunk SOAR is ranked 3rd in Security Orchestration Automation and Response (SOAR) with 30 reviews. Fidelis Elevate is rated 8.4, while Splunk SOAR is rated 8.0. The top reviewer of Fidelis Elevate writes "Advanced threat detection capabilities with comprehensive incident response features providing robust cybersecurity for organizations". On the other hand, the top reviewer of Splunk SOAR writes "Takes most of the work away, but the time they take to implement new features is a little bit of concern". Fidelis Elevate is most compared with Microsoft Defender for Endpoint, CrowdStrike Falcon, VMware Carbon Black Cloud, Trellix Endpoint Security (ENS) and Darktrace, whereas Splunk SOAR is most compared with Palo Alto Networks Cortex XSOAR, Cortex XSIAM, ServiceNow Security Operations, Torq and Swimlane.
See our list of best Endpoint Detection and Response (EDR) vendors.
We monitor all Endpoint Detection and Response (EDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
