We performed a comparison between CrowdStrike Falcon and Elastic Security based on real PeerSpot user reviews.
Find out in this report how the two Endpoint Detection and Response (EDR) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI.
"The product is very easy to use."
"The most valuable feature of all is the full integration with the rest of the software in the operating system and Office 365, as well as Microsoft SCCM. It is quite easy for us to work with the whole instance of Microsoft products. This integration improves the benefits of the whole suite of products."
"Having a single pane of glass for all Microsoft security services makes everything much easier. A security analyst can go to a single portal and see everything in one view. The integration of everything into one portal is a huge benefit."
"From the perspective of Microsoft 365 XDR, the main benefit is a single, centralized dashboard offering the holistic visibility organizations crave."
"I like that it's stable. It's been stable for a long time, and Microsoft Defender has done a good job there."
"The comprehensiveness of Microsoft's threat detection is good."
"We also use Microsoft Sentinel, Defender for Cloud, Defender for Identity, and Microsoft Defender for Cloud Apps. They are all integrated and it was very easy to integrate them. In my experience with the integrations, it was just a click of a button and things were integrated. It's just a button."
"The integration with other Microsoft solutions is the most valuable feature."
"We like Falcon's network visibility. We can see how threats are evolving on PCS or in the company network. The solution's real-time incident response is very fast."
"It helps us to identify the threats according to the behavior of any process that is running on any particular system. It helps immensely to identify any malicious behavior on any endpoints."
"The features I like the most are the response time and the dashboard are both excellent."
"The initial setup was straightforward."
"It's very easy to set up."
"CrowdStrike Falcon offers a comprehensive dashboard that is highly effective in protecting against and blocking external infiltration attempts."
"Easy to use, intelligent, and stable threat detection software."
"We have a small IT Team, and this allows us to get sleep at night, knowing that someone else is taking care of any incidents that occur."
"It's not very complicated to install Elastic."
"We chose the product based on the ability to scan for malware using a malware behavioral model as opposed to just a traditional hash-based antivirus. Therefore, it's not as intensive."
"ELK Logstash is easy and fast, at least for the initial setup with the out of box uses."
"The stability of the solution is good."
"The solution is compatible with the cloud-native environment and they can adapt to it faster."
"We've found the initial setup to be quite straightforward."
"I use the stack every morning to check the errors and it's just so clear. I don't see any disadvantage to using Logstash."
"It is very quick to react. I can set it to check anomalies or suspicious behavior every 30 seconds. It is very fast."
"While the XDR platform offers valuable functionalities, it falls short of other solutions in its ability to deliver a cohesive identity experience."
"Automated playbooks and automated dashboards would be preferable to the way the data is currently being presented."
"The capability to not only thwart attacks but also to adapt to evolving threats is crucial."
"Improving scalability, especially for very large tenants, could be beneficial for Microsoft Defender XDR."
"At times, there may be delays in the execution of certain actions and their effects."
"There are other SIEM solutions that are easier to use, mainly based on the creation of rules, use cases, and groups."
"What could be improved in Microsoft 365 Defender is its licensing, e.g. it should be more consolidated and would be good if it has some optimizations. Improving the alerts and notifications, in terms of adding more details, would also be good for this solution."
"It would be highly beneficial if CoPilot could identify anomalies within the network and notify the IT team."
"In a future release, I would like to see more integrations for data breaches and security features."
"We encounter occasional issues, such as when disabling network access for a host that uses CrowdStrike."
"They don't really have anything when it comes to scanning attachments."
"We would like to be able to perform on-demand scanning, rather than relying on the scheduler."
"We have had to open a case with the technical support to get some issues and bugs resolved."
"I would like to see equal support across all versions. Aside from that, I would say most of the features are there."
"To simplify the budgeting process for our clients, CrowdStrike should consider offering bundled packages that include essential features."
"I think there's an opportunity to enhance the AI or at least the traps to say, if something changes from this baseline, let us know and flag it."
"Elastic Security can be a bit difficult to use if a person only has experience in SMBs with tools like Zoho. The product can also be difficult for those who have never dealt with query language."
"Improvements in Elastic Security could include refining and normalizing queries to make them more user-friendly, enhancing the user experience with better documentation, and addressing any latency issues."
"We are paying dearly for the guy who is working on the ELK Stack. That knowledge is quite rare and hard to come by. For difficulty and availability of resources, I would rate it a five out of 10."
"The solution could also use better dashboards. They need to be more graphical, more matrix-like."
"The Integration module could be improved. It is a pain to build integration with any product. We have to do parking and so on. It's not like other commercial solutions that use profile integration. I would also see more detection features on the SIEM side."
"Elastic Security's maintenance is hard and its scalability is a challenge. There are complications in scaling and upgrading. The solution needs to also provide periodic upgrade checks."
"The solution needs to be more reactive to investigations. We need to be able to detect and prevent any attacks before it can damage our infrastructure. Currently, this solution doesn't offer that."
"Anything that supports high availability or ease of deployment in a highly available environment would help to improve this solution."
CrowdStrike Falcon is ranked 3rd in Endpoint Detection and Response (EDR) with 107 reviews while Elastic Security is ranked 16th in Endpoint Detection and Response (EDR) with 59 reviews. CrowdStrike Falcon is rated 8.8, while Elastic Security is rated 7.6. The top reviewer of CrowdStrike Falcon writes "Easy to set up with good behavior-based analysis but needs a single-click recovery option". On the other hand, the top reviewer of Elastic Security writes "A stable and scalable tool that provides visibility along with the consolidation of logs to its users". CrowdStrike Falcon is most compared with Darktrace, Microsoft Defender for Endpoint, Trend Micro Deep Security, Trend Vision One and SentinelOne Singularity Complete, whereas Elastic Security is most compared with Wazuh, Splunk Enterprise Security, Microsoft Sentinel, IBM Security QRadar and AlienVault OSSIM. See our CrowdStrike Falcon vs. Elastic Security report.
See our list of best Endpoint Detection and Response (EDR) vendors and best Extended Detection and Response (XDR) vendors.
We monitor all Endpoint Detection and Response (EDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
