We performed a comparison between Cybereason Endpoint Detection & Response and Splunk Enterprise Security based on real PeerSpot user reviews.
Find out what your peers are saying about Microsoft, SentinelOne, CrowdStrike and others in Endpoint Detection and Response (EDR)."I like FortiClient EMS. FortiEDR has a lot of great features like lockdown mode, remote wipes, and encryption. I can set malware outbreak policies and controls for detecting abnormalities. You can also simulate phishing attacks."
"Ability to get forensics details and also memory exfiltration."
"NGAV and EDR features are outstanding."
"Forensics is a valuable feature of Fortinet FortiEDR."
"The most valuable feature is the analysis, because of the beta structure."
"It is stable and scalable."
"This is stable and scalable."
"he solution is an anti-malware product that integrates well with other vendor products such as firewalls, SIEM, etc. It captures threat intelligence and gives you better visibility. The product also has sandboxing features."
"The most valuable feature is the capability of the command used by the machine so that we see the kind of performance that is running."
"The solution is efficient."
"We didn't have the visibility that we now have. It has increased our visibility by a lot. So, we put a lot more time into really looking at our environment and what is happening throughout our different networks. It has increased our visibility by around fivefold."
"The interface is user-friendly."
"The initial setup is not overly complicated."
"Immediately we can pick up the computers in the network if any malicious operation that is triggered."
"Cybereason absolutely enables us to mitigate and isolate on the fly. Our managed detection response telemetry has dropped dramatically since we began using it. It's very top-of-mind. We were running some tabletop exercises and none of the detections were getting triggered by the managed security services provider. So we needed to find a solution that would trigger high-fidelity alerts. That was Cybereason and it dramatically changed our landscape from the detection and response perspective."
"The dashboard is very good and you can consider it as an interactive UI."
"Splunk Enterprise Security helped us with faster detection of threats."
"Splunk has improved our operations by giving us access to more information and allowing us to deploy more use cases."
"it can explain to management about what kind of traffic is visiting the network. It can also explain other traffic coming in and out, along with protecting against malware."
"The ability to quickly search logs, performance data, and other inputs has helped tremendously with troubleshooting."
"Its dashboard is valuable. If you have a good knowledge of how to create a dashboard, you can create any dashboard related to cybersecurity. If fine-tuned, the alarms that are triggered for instant review are also very valuable and useful."
"The best part of Splunk Enterprise Security is its customizable settings."
"Splunk can extract all kinds of data. There's no limitation on what kind of structured and unstructured data one needs to extract — it can access any kind of data, including machine-generated data."
"Good for log collection and log management."
"ZTNA can improve latency."
"We've encountered challenges during API deployment, occasionally resulting in unstable environments."
"FortiEDR could add a separate scanning dashboard. In incident management, we prefer to remove the endpoint system from the environment and scan the system. We typically use Symantec for that, but if we want to use FortiEDR for that, then we need a scanning tab to clarify things."
"There's room for improvement in the quick response time and technical support for integration issues, especially when dealing with multiple vendors."
"I would like the solution to extend beyond endpoint protection and include other attack surfaces such as other network components."
"The solution is not stable."
"The amount of usage, the number of details we get, or the number of options that can be tweaked is limited in comparison to that with other EDR solutions"
"They can include the automation for the realtime updates. We have a network infrastructure with remote sites. Whenever they send updates, they are not automated. We have to go into the console and push those updates. I wish it was more automated. The update file is currently around 31 MB. It could be smaller."
"It should be more stable, and the sensor needs improvement in terms of connectivity."
"Ad hoc higher-level reporting to senior management can be improved or can be implemented. That's definitely an area of improvement that they need to focus on."
"They need to improve their technical support services."
"The deployment on individual endpoints is more geared toward larger organizations. It might prove to be a bit too complicated for a smaller organization. You need to know what you're doing when you're deploying the sensor."
"While the product is very good, there are still some areas for improvement. The initial triage area could be a bit simpler. They get into the weeds real fast; it gets very detailed very fast. I am still looking for an easier triage layer on top with the ability to dig deeper."
"There can be problems with the EDI."
"I feel that the product lacks reporting features and needs improvement."
"Compared to our previous endpoint, we have a lot more false positives and a lot more duplication of alerts. So we're chasing more alerts."
"Over time I will have more requirements and I can foresee the solution could improve the search algorithm to run and output the data faster."
"The UI can be improved. Dashboards and reports can be better in terms of graphics."
"We'd like Splunk to reduce false positives."
"Splunk's implementation process for managing multiple indexes can be complex, especially when dealing with a large number of components."
"Technical support needs to be more responsive."
"Splunk could be improved by reducing the cost. The cost is one of the biggest challenges for us in keeping to our production requirements."
"Previously, they developed custom connectors or add-ons for a lot of applications. But that number can be upgraded still. There are a lot of applications in the world that are not supported."
"They can incorporate the SOAR solution within the actual product so that we do not require two different products, two different installations, and two different pricing methods. In regards to UBA, I am familiar with the UBA that existed two years ago. I am not updated about it today, but two years ago, UBA required such an amount of data that from a cost perspective, it was not worth it. When you compare it to what you get out of the box with Microsoft Sentinel without additional costs, there is no match."
More Cybereason Endpoint Detection & Response Pricing and Cost Advice →
Cybereason Endpoint Detection & Response is ranked 36th in Endpoint Detection and Response (EDR) with 19 reviews while Splunk Enterprise Security is ranked 1st in Security Information and Event Management (SIEM) with 240 reviews. Cybereason Endpoint Detection & Response is rated 8.0, while Splunk Enterprise Security is rated 8.4. The top reviewer of Cybereason Endpoint Detection & Response writes "It has helped us become more knowledgeable about our environment and aware of threats". On the other hand, the top reviewer of Splunk Enterprise Security writes "It has a drag-and-drop interface, so you don't need to know SQL or Java to construct a query ". Cybereason Endpoint Detection & Response is most compared with CrowdStrike Falcon, Microsoft Defender for Endpoint, Cortex XDR by Palo Alto Networks, Darktrace and CylancePROTECT, whereas Splunk Enterprise Security is most compared with Wazuh, Dynatrace, IBM Security QRadar, Elastic Security and Microsoft Sentinel.
We monitor all Endpoint Detection and Response (EDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.