CrowdStrike Falcon vs Splunk Enterprise | TrustRadius

What users are saying about

Score 8.9 out of 10

Based on 46 reviews and ratings

Get Started Free

Score 8.8 out of 10

Based on 310 reviews and ratings

Feature Rating Comparison

CrowdStrike Falcon

Splunk Enterprise

Anti-Exploit Technology

Endpoint Detection and Response (EDR)

Centralized Management

Hybrid Deployment Support

Infection Remediation

Vulnerability Management

Malware Detection

CrowdStrike Falcon

Splunk Enterprise

Centralized event and log data collection

Correlation

Event and log normalization/management

Deployment flexibility

Integration with Identity and Access Management Tools

Custom dashboards and workspaces

Host and network-based intrusion detection

Pros

Ransomware protection. We ran a ransomware simulation with obfuscated executables to hide malware signatures and CrowdStrike found and stopped 15 out of 15.
Malware/adware detection. Packaged adware in official installers are instantly blocked without interfering with the install of the primary application.

Read full review

Information Security Analyst

Randall-ReillyMarketing and Advertising, 201-500 employees

View all 20 answers on this topic

Allow for separation of control where we don't let some employees have access to production but still can diagnose issues.
Common location to go for all logs even if the logs themselves aren't in the same place.
Ability to ingest logs from different locations without having to change the code to put logs in a certain place (pro and con).

Read full review

Verified User

Engineer in Engineering

Computer Software Company, 201-500 employees

View all 61 answers on this topic

Cons

We get false positive detections when we run an email signature script for our users. These false positives can be a distraction. We've implemented a whitelist for those behaviors, but had some difficulty in figuring out how to configure CrowdStrike to recognize these executions since the file name and hash were always different (the executing file was firstname_lastname.exe, and that was too Vague to whitelist.

Read full review

Director of Information Technology

TransPakPackage/Freight Delivery, 1001-5000 employees

View all 20 answers on this topic

Even though there is a search tool as a help function, you still have to read through many documentation to find the answers you're looking for and sometimes you don't find it. The help function in Splunk could be improved to be more intuitive or have a built-in help per report, panel or dashboard.
Creating a Splunk dashboard is rather straightforward however, customization is not. Splunk could be improved to provide more tools or features for customization such as adding colors and font options for text and graphs or graphics.
My dashboard has a lot of useful information and I want the important panels and reports at the top but there is no easy way to do this. Perhaps Splunk could be improved to allow features such as adding URL links to other dashboards or some other clever way to emphasize the important data in my dashboard without compromising space.

Read full review

Verified User

Professional in Information Technology

Investment Management Company, 1001-5000 employees

View all 61 answers on this topic

Likelihood to Renew

No score

No answers yet

No answers on this topic

Splunk Enterprise 10.0

Based on 17 answers

We are using Splunk extensively in our projects and we have recently upgraded to Splunk version 6.0 which is quite efficient and giving expected results. We keep track of updates and new features Splunk introduces periodically and try to introduce those features in our day to day activities for improvement in our reporting system and other tasks.

Read full review

Verified User

Consultant in Information Technology

Retail Company, 10,001+ employees

View all 17 answers on this topic

Usability

No score

No answers yet

No answers on this topic

Splunk Enterprise 9.0

Based on 3 answers

You can literally throw in a single word into Splunk and it will pull back all instances of that word across all of your logs for the time span you select (provided you have permission to see that data). We have several users who have taken a few of the free courses from Splunk that are able to pull data out of it everyday with little help at all.

Read full review

Kenneth Taitingfong

Splunk Architect / Engineer

CRGT Inc.Information Technology and Services, 1001-5000 employees

View all 3 answers on this topic

Reliability and Availability

No score

No answers yet

No answers on this topic

Splunk Enterprise 10.0

Based on 1 answer

When properly setup and configured, Splunk is extremely reliable.

Read full review

Verified User

Engineer in Other

Computer Software Company, 1001-5000 employees

View all 1 answers on this topic

Support Rating

CrowdStrike Falcon 8.6

Based on 13 answers

When I receive support, it is always useful and informative. However, the support doesn't get back to me in the most timely manner. Often, by the time I hear back from support I have already resolved the issue. But for bigger issues, that need more in-depth help the support team has been incredibly valuable.

Read full review

Verified User

Analyst in Information Technology

Telecommunications Company, 1001-5000 employees

View all 13 answers on this topic

Splunk Enterprise 8.6

Based on 24 answers

Splunk maintains a well resourced support system that has been consistent since we purchased the product. They help out in a timely manner and provide expert level information as needed. We typically open cases online and communicate when possible via e-mail and are able to resolve most issues with that method.

Read full review

Verified User

Engineer in Information Technology

Information Technology & Services Company, 201-500 employees

View all 24 answers on this topic

Implementation Rating

No score

No answers yet

No answers on this topic

Splunk Enterprise 9.0

Based on 2 answers

Smooth without too many major issues.

Read full review

Verified User

Consultant in Information Technology

Transportation/Trucking/Railroad Company, 1001-5000 employees

View all 2 answers on this topic

Alternatives Considered

Overall I found CrowdStrike Falcon's EDR capabilities superior to their competitors. Also, the user interface has taken its time to mature and is very intuitive and has a natural flow. Policy configuration and assignment as well as the features and settings within the config were more complete and met all our requirements. Lastly, the agent plays nice with everything else running on systems. We hardly ever have issues of Falcon interfering with users or services, and false positives are kept at a minimum.

Read full review

Sr Systems Engineer

InnovaSystemsComputer Software, 201-500 employees

View all 20 answers on this topic

Splunk is proving to be a formidable replacement for Qradar, which we had as our previous SIEM. Qradar was powerful, but not easy to customize and quite limited. Splunk is not per se a "SIEM" but it can be in the way you used it. Also there is an Enterprise Security App that is available to buy and sit on top of Splunk, and that will take care of any concerns with needing a full-fledged SIEM. Splunk wins.

Read full review

Verified User

Manager in Information Technology

Higher Education Company, 501-1000 employees

View all 61 answers on this topic

Scalability

No score

No answers yet

No answers on this topic

Splunk Enterprise 9.1

Based on 1 answer

Splunk can scale in to the petabyte per day range which of course is awesome

Read full review

Regional Director

ePlus inc.Information Technology and Services, 501-1000 employees

View all 1 answers on this topic

Return on Investment

CrowdStrike has cut our security costs.
Has given us more insight into our end points.
It has helped with our older PC's CPU usage.
Cut our cost and time from managing multiple platforms down to managing one platform with better insight than what we had with multiple security platforms.

Read full review

Verified User

C-Level Executive in Information Technology

Security & Investigations Company, 1-10 employees

View all 20 answers on this topic

I'm not a data analyst so I can not provide concrete examples on how the business has benefited from implementing Splunk. However, the analysts I have worked with have provided a wealth of support in reducing workstation issues across the enterprise. This alone reduces the time it takes to determine where the exact problem lies between a workstation and the servers it tries to communicate with.

Read full review

Verified User

Professional in Professional Services

Information Technology and Services Company, 51-200 employees

View all 61 answers on this topic

Pricing Details

General

Free Trial

Yes

Free/Freemium Version

—

Premium Consulting/Integration Services

Yes

Entry-level set up fee?

No

CrowdStrike Falcon Editions & Modules

Edition

Falcon Pro	$6.99¹
Falcon Enterprise	$14.99²
Falcon Premium	$17.99²

per endpoint/month (for 5-250 endpoints, billed annually)
per endpoint/month (minimum number of endpoints applies)

Additional Pricing Details

—

General

Free Trial

Yes

Free/Freemium Version

Yes

Premium Consulting/Integration Services

—

Entry-level set up fee?

No

Splunk Enterprise Editions & Modules

—

Additional Pricing Details

—

Rating Summary

CrowdStrike Falcon

Splunk Enterprise

CrowdStrike Falcon

Splunk Enterprise

CrowdStrike Falcon

Splunk Enterprise

CrowdStrike Falcon

Splunk Enterprise

CrowdStrike Falcon

Splunk Enterprise

CrowdStrike Falcon

Splunk Enterprise

CrowdStrike Falcon

Splunk Enterprise

Add comparison