We performed a comparison between Elastic Security and Intercept X Endpoint based on real PeerSpot user reviews.
Find out in this report how the two Endpoint Detection and Response (EDR) solutions compare in terms of features, pricing, service and support, ease of deployment, and ROI.
"Its most significant advantage lies in its affordability."
"We can use Defender to block and monitor for security purposes without needing multiple other products to do different tasks."
"We are connected to Microsoft and have every laptop enrolled. This acts as an endpoint. The tool helps me check security and compliance. I can also check what a device is doing."
"I like Defender XDR's automation capabilities. XDR isn't automated by default, but you can automate it to respond. If an attack is performed anywhere within the organization, you can isolate that instance from the network. This is what I can figure out for it. When integrated with Sentinel, you can set up playbooks to automate all the alerts gathered on Sentinel from different Microsoft solutions. Sentinel has a wider range of capabilities than XDR."
"The ability to integrate and observe a more cohesive narrative across the products is crucial."
"The most valuable feature of all is the full integration with the rest of the software in the operating system and Office 365, as well as Microsoft SCCM. It is quite easy for us to work with the whole instance of Microsoft products. This integration improves the benefits of the whole suite of products."
"I like the easy integration and advanced possibilities. We can implement it at customer sites in a few clicks, but we can also dive deep and drill down to extended features. There's a very good starting point to get into this product and all the features from Defender."
"I like how Microsoft XDR and the other Microsoft products are integrated into a single unified security stack covering identity access management, endpoint protection, email, cloud applications, etc."
"The performance is good and it is faster than IBM QRadar."
"The feature that we have found the most valuable is scalability."
"The most valuable features are the speed, detail, and visualization. It has the latest standards."
"The most valuable feature is the search function, which allows me to go directly to the target to see the specific line a customer is searching for."
"It's open-source and free to use."
"It's very customizable, which is quite helpful."
"It is scalable."
"We've found the initial setup to be quite straightforward."
"Scalability is good."
"It is a very scalable solution."
"The most valuable features are ease of use and the GUI."
"The security on offer is pretty good. We are happy with it."
"This solution is easy to configure."
"After that, the client switched to Sophos to get the protection they lacked. It either works or it doesn’t and Sophos works."
"The most valuable features of Sophos Intercept X are the ease of use and the policy options that are simple to understand. Overall, the protection is good."
"The most valuable feature is the supervisory side of it where we can watch the throughputs, and even the loading of the device, to see how much traffic is happening."
"What could be improved in Microsoft 365 Defender is its licensing, e.g. it should be more consolidated and would be good if it has some optimizations. Improving the alerts and notifications, in terms of adding more details, would also be good for this solution."
"There is no common area where we can manage all the policies for the EDR, third-party solutions, devices, servers, Windows, Mac, etc., but it's on the road map, and we are waiting for that feature."
"Since all of our databases are updated and located in the cloud, I would like additional support for this."
"Improving scalability, especially for very large tenants, could be beneficial for Microsoft Defender XDR."
"I personally have not seen much evidence of how Defender can enhance the story of zero trust for enterprises."
"The data recovery and backup could be improved."
"Microsoft Defender XDR is not a full-fledged EDR or XDR."
"At times, there may be delays in the execution of certain actions and their effects."
"There is an area of improvement in the Logs list. The load list may need to be paginated as there are limits."
"There should be a simulation environment to check whether my Elastic implementation is functioning perfectly fine. Other solutions have their own Android and iOS applications that I can install on my mobile so that I am continuously connected to the SIEM."
"In terms of what could be improved with Elastic, in some use cases, especially on the advanced level, they are not ready made, so you'll have to write some scripts."
"Elastic Security could improve the documentation. It would help if they were more simple and clean."
"Improvements in Elastic Security could include refining and normalizing queries to make them more user-friendly, enhancing the user experience with better documentation, and addressing any latency issues."
"I would like the process of retrieving archived data and viewing it in Kibana to be simplified."
"There isn't really a very good user experience. You need a lot of training."
"There is room for improvement in the Kibana dashboard and in the asset management for the program."
"Features that should be improved in the upgrade involve the excessive consumption of the solution's processor, RAM and resources."
"This solution is not in the high ratings on many of the top review sites. This solution has to be near the top for me to continue using it."
"It would be better if it can automatically generate a report for each and every user so that the users get to know the things that shouldn't be accessed from their PCs. It can have information about malicious and non-malicious sites so users are aware of them, and they don't access malicious websites. Such reports can be generated at the end of the day. We should also be able to get through to their support team quickly. Currently, it takes more than half an hour to get through to a technical person."
"It would be a value-add if they can include integration with other technologies or solutions, like Fortinet, Blue Coat, etc."
"They should work on the logs and events. Sophos Intercept X needs to increase the interface test so that it can export to a live event."
"The Data Loss Prevention module can be better. It should also have threat hunting capabilities."
"I would like to have a built-in firewall, rather than having to integrate one."
"Needs more flexible reporting, particularly for medium to large size companies."
Elastic Security is ranked 16th in Endpoint Detection and Response (EDR) with 59 reviews while Intercept X Endpoint is ranked 4th in Endpoint Detection and Response (EDR) with 101 reviews. Elastic Security is rated 7.6, while Intercept X Endpoint is rated 8.4. The top reviewer of Elastic Security writes "A stable and scalable tool that provides visibility along with the consolidation of logs to its users". On the other hand, the top reviewer of Intercept X Endpoint writes "A standard offering with good threat analysis but reduces machine performance". Elastic Security is most compared with Wazuh, Splunk Enterprise Security, Microsoft Sentinel, IBM Security QRadar and Microsoft Defender for Endpoint, whereas Intercept X Endpoint is most compared with Microsoft Defender for Endpoint, CrowdStrike Falcon, Kaspersky Endpoint Security for Business, SentinelOne Singularity Complete and Fortinet FortiClient.
We monitor all Endpoint Detection and Response (EDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.