CrowdStrike Falcon vs Splunk Enterprise

What users are saying about

Score 9.2 out of 10

Based on 97 reviews and ratings

Score 8.9 out of 10

Based on 374 reviews and ratings

Feature Set Ratings

Endpoint Security

9.2

CrowdStrike Falcon

92%

Splunk Enterprise

Feature Set Not Supported

N/A

CrowdStrike Falcon Endpoint Protection ranks higher in 7/7 features

Anti-Exploit Technology

9.3

93%

27 Ratings

N/A

0 Ratings

Endpoint Detection and Response (EDR)

9.7

97%

32 Ratings

N/A

0 Ratings

Centralized Management

9.3

93%

33 Ratings

N/A

0 Ratings

Hybrid Deployment Support

8.1

81%

4 Ratings

N/A

0 Ratings

Infection Remediation

9.2

92%

33 Ratings

N/A

0 Ratings

Vulnerability Management

9.0

90%

27 Ratings

N/A

0 Ratings

Malware Detection

9.5

95%

33 Ratings

N/A

0 Ratings

Security Information and Event Management (SIEM)

CrowdStrike Falcon

Feature Set Not Supported

N/A

9.0

Splunk Enterprise

90%

Splunk Enterprise ranks higher in 13/13 features

Centralized event and log data collection

N/A

0 Ratings

9.4

94%

50 Ratings

Correlation

N/A

0 Ratings

9.8

98%

49 Ratings

Event and log normalization/management

N/A

0 Ratings

9.6

96%

98 Ratings

Deployment flexibility

N/A

0 Ratings

9.4

94%

46 Ratings

Integration with Identity and Access Management Tools

N/A

0 Ratings

9.2

92%

46 Ratings

Custom dashboards and workspaces

N/A

0 Ratings

9.8

98%

100 Ratings

Host and network-based intrusion detection

N/A

0 Ratings

8.0

80%

35 Ratings

Data integration/API management

N/A

0 Ratings

9.0

90%

2 Ratings

Behavioral analytics and baselining

N/A

0 Ratings

7.5

75%

2 Ratings

Rules-based and algorithmic detection thresholds

N/A

0 Ratings

9.5

95%

2 Ratings

Response orchestration and automation

N/A

0 Ratings

7.0

70%

2 Ratings

Reporting and compliance management

N/A

0 Ratings

9.5

95%

2 Ratings

Incident indexing/searching

N/A

0 Ratings

9.0

90%

2 Ratings

Attribute Ratings

CrowdStrike Falcon Endpoint Protection is rated higher in 1 area: Support Rating
CrowdStrike Falcon Endpoint Protection and Splunk Enterprise are tied in 1 area: Likelihood to Recommend

CrowdStrike Falcon

93%

36 Ratings

9.3

Splunk Enterprise

93%

67 Ratings

CrowdStrike Falcon

N/A

0 Ratings

10.0

Splunk Enterprise

100%

17 Ratings

CrowdStrike Falcon

N/A

0 Ratings

9.0

Splunk Enterprise

90%

3 Ratings

CrowdStrike Falcon

N/A

0 Ratings

10.0

Splunk Enterprise

100%

2 Ratings

CrowdStrike Falcon

93%

13 Ratings

8.4

Splunk Enterprise

84%

33 Ratings

CrowdStrike Falcon

N/A

0 Ratings

9.0

Splunk Enterprise

90%

4 Ratings

CrowdStrike Falcon

N/A

0 Ratings

9.1

Splunk Enterprise

91%

1 Rating

Pros

Endpoint Isolation - instead of hoping an adversary was blocked in time. CrowdStrike locks down the endpoint beyond using the Windows Firewall. Allowing a whitelist of IPs brings additional management of that endpoint to another level that most other tools don't have.
Rich Data Recording - CrowdStrike is best described as a giant tape recorder in the sky. When it lands on the box, it truly provides insight into the those that other tools could only dream of.
Extensive APIs - CrowdStrike understands that they are not your only security vendor, so they have API usage for everything in their platform to automate and integrate to your heart's desire.
Cloud Visibility - CrowdStrike's cloud monitoring capabilities are agnostic of cloud platform. No longer does one need to worry about putting all their eggs in one basket because the endpoint tool prefers one platform over another.

Read full review

Bryan Bowie

Principal Incident Responder (Sr.)

VerizonSecurity & Investigations, 10,001+ employees

View all 36 answers on this topic

Real-time + Scheduled alerts - i-e you can set up alerts which are actively monitoring your logs
Pretty good response time for search results. With our key/value logging, Splunk makes it blazing fast to query the data.
Dashboards provide insights into historical data
Love how Splunk indexes all of the data and provides keys to search on

Read full review

Pooja Gada

Engineering Tech Lead

Qventus, IncHospital & Health Care, 51-200 employees

View all 67 answers on this topic

Cons

The ability to do a system-level scan like a traditional AV is missing and isn't a feature CrowdStrike is planning on implementing. Old school IT guys are going to be curious about this.
Host management and deletion are clunky and take 45 days for a machine to fall off your subscription license.

Read full review

Randy Munroe

Information Security Analyst

Randall-ReillyMarketing and Advertising, 201-500 employees

View all 36 answers on this topic

At times some queries can run slowly if indices are not on a portion of the query you use.
Setup time initially can be difficult if your logs aren't stored in common locations or in a common way to write the log.
Ability to ingest logs from different locations without having to change code to put logs in a certain place (pro and con).
Searches can be a bit more difficult to look through if your log isn't pulled in a manner that is easy to read through splunk.

Read full review

Verified User

Engineer in Engineering

Computer Software Company, 201-500 employees

View all 67 answers on this topic

Pricing Details

General

Free Trial

Yes

Free/Freemium Version

—

Premium Consulting/Integration Services

Yes

Entry-level set up fee?

Starting Price

$6.99 per endpoint/month (for 5-250 endpoints, billed annually)

CrowdStrike Falcon Editions & Modules

Edition

Falcon Pro	$6.99¹
Falcon Enterprise	$14.99²
Falcon Premium	$17.99²

per endpoint/month (for 5-250 endpoints, billed annually)
per endpoint/month (minimum number of endpoints applies)

Additional Pricing Details

—

General

Free Trial

Yes

Free/Freemium Version

Yes

Premium Consulting/Integration Services

—

Entry-level set up fee?

Starting Price

—

Splunk Enterprise Editions & Modules

—

Additional Pricing Details

—

Likelihood to Renew

No score

No answers yet

No answers on this topic

Splunk Enterprise 10.0

Based on 17 answers

We are using Splunk extensively in our projects and we have recently upgraded to Splunk version 6.0 which is quite efficient and giving expected results. We keep track of updates and new features Splunk introduces periodically and try to introduce those features in our day to day activities for improvement in our reporting system and other tasks.

Read full review

Verified User

Consultant in Information Technology

Retail Company, 10,001+ employees

View all 17 answers on this topic

Usability

No score

No answers yet

No answers on this topic

Splunk Enterprise 9.0

Based on 3 answers

You can literally throw in a single word into Splunk and it will pull back all instances of that word across all of your logs for the time span you select (provided you have permission to see that data). We have several users who have taken a few of the free courses from Splunk that are able to pull data out of it everyday with little help at all.

Read full review

Kenneth Taitingfong

Splunk Architect / Engineer

CRGT Inc.Information Technology and Services, 1001-5000 employees

View all 3 answers on this topic

Reliability and Availability

No score

No answers yet

No answers on this topic

Splunk Enterprise 10.0

Based on 2 answers

When properly setup and configured, Splunk is extremely reliable.

Read full review

Verified User

Engineer in Other

Computer Software Company, 1001-5000 employees

View all 2 answers on this topic

Support Rating

CrowdStrike Falcon 9.3

Based on 13 answers

When I receive support, it is always useful and informative. However, the support doesn't get back to me in the most timely manner. Often, by the time I hear back from support I have already resolved the issue. But for bigger issues, that need more in-depth help the support team has been incredibly valuable.

Read full review

Verified User

Analyst in Information Technology

Telecommunications Company, 1001-5000 employees

View all 13 answers on this topic

Splunk Enterprise 8.4

Based on 33 answers

Splunk maintains a well resourced support system that has been consistent since we purchased the product. They help out in a timely manner and provide expert level information as needed. We typically open cases online and communicate when possible via e-mail and are able to resolve most issues with that method.

Read full review

Verified User

Engineer in Information Technology

Information Technology & Services Company, 201-500 employees

View all 33 answers on this topic

Implementation Rating

No score

No answers yet

No answers on this topic

Splunk Enterprise 9.0

Based on 4 answers

Smooth without too many major issues.

Read full review

Verified User

Consultant in Information Technology

Transportation/Trucking/Railroad Company, 1001-5000 employees

View all 4 answers on this topic

Alternatives Considered

Crowdstrike Falcon Endpoint protection is based on AIML enhanced technology,l. It's cloud-based so users don't need to connect to their office network to get their policy synchronization done from Server to endpoints agents. Also, the Crowdstrike Falcon agent size is small and it consumes fewer resources of the machine.

Read full review

Verified User

Consultant in Information Technology

Information Technology & Services Company, 51-200 employees

View all 36 answers on this topic

I wanted to learn a new language that I can quickly master and implement. Splunk is easy, fun to use and best of all, it can be developed in hours not days or weeks. Splunk is fundamentally a programming language that is minimal but yet powerful enough to collect, analyze and visualize data.

Read full review

Verified User

Professional in Information Technology

Investment Management Company, 1001-5000 employees

View all 67 answers on this topic

Scalability

No score

No answers yet

No answers on this topic

Splunk Enterprise 9.1

Based on 1 answer

Splunk can scale in to the petabyte per day range which of course is awesome

Read full review

Rick Yetter

Regional Director

ePlus inc.Information Technology and Services, 501-1000 employees

View all 1 answers on this topic

Return on Investment

CrowdStrike has cut our security costs.
Has given us more insight into our end points.
It has helped with our older PC's CPU usage.
Cut our cost and time from managing multiple platforms down to managing one platform with better insight than what we had with multiple security platforms.

Read full review

Verified User

C-Level Executive in Information Technology

Security & Investigations Company, 1-10 employees

View all 36 answers on this topic

Overall very positive. It has provided visibility to what is going on within our network.
One drawback is the time it takes to get up to speed with the application, but this is up to the user, and Splunk education is excellent.
In my field, IT Security, there are few other friends to have in your back pocket better than Splunk. They are just that good.

Read full review

Verified User

Manager in Information Technology

Higher Education Company, 501-1000 employees

View all 67 answers on this topic

CrowdStrike Falcon

Splunk Enterprise

CrowdStrike Falcon

Splunk Enterprise

Anti-Exploit Technology

Endpoint Detection and Response (EDR)

Centralized Management

Hybrid Deployment Support

Infection Remediation

Vulnerability Management

Malware Detection

CrowdStrike Falcon

Splunk Enterprise

Centralized event and log data collection

Correlation

Event and log normalization/management

Deployment flexibility

Integration with Identity and Access Management Tools

Custom dashboards and workspaces

Host and network-based intrusion detection

Data integration/API management

Behavioral analytics and baselining

Rules-based and algorithmic detection thresholds

Response orchestration and automation

Reporting and compliance management

Incident indexing/searching

CrowdStrike Falcon

Splunk Enterprise

CrowdStrike Falcon

Splunk Enterprise

CrowdStrike Falcon

Splunk Enterprise

CrowdStrike Falcon

Splunk Enterprise

CrowdStrike Falcon

Splunk Enterprise

CrowdStrike Falcon

Splunk Enterprise

CrowdStrike Falcon

Splunk Enterprise

Likelihood to Recommend

CrowdStrike Falcon

Splunk Enterprise

Pros

CrowdStrike Falcon

Splunk Enterprise

Cons

CrowdStrike Falcon

Splunk Enterprise

Pricing Details

General

Free Trial

Free/Freemium Version

Premium Consulting/Integration Services

Entry-level set up fee?

Starting Price

CrowdStrike Falcon Editions & Modules

Edition

Additional Pricing Details

General

Free Trial

Free/Freemium Version

Premium Consulting/Integration Services

Entry-level set up fee?

Starting Price

Splunk Enterprise Editions & Modules

Additional Pricing Details

Likelihood to Renew

CrowdStrike Falcon

Splunk Enterprise

Usability

CrowdStrike Falcon

Splunk Enterprise

Reliability and Availability

CrowdStrike Falcon

Splunk Enterprise

Support Rating

CrowdStrike Falcon

Splunk Enterprise

Implementation Rating