Elastic Security vs Trellix Endpoint Security comparison

Sponsored
Microsoft Defender XDR
Read 82 Microsoft Defender XDR reviews
  • 6,230 Views
  • 4,702 Comparison Views
97% willing to recommend
Elastic Security
Read 58 Elastic Security reviews
  • 9,361 Views
  • 7,675 Comparison Views
86% willing to recommend
Trellix Endpoint Security
Read 96 Trellix Endpoint Security reviews
  • 4,125 Views
  • 2,445 Comparison Views
92% willing to recommend
 

Comparison Buyer's Guide

Download the report
Executive Summary
We performed a comparison between Elastic Security and Trellix Endpoint Security based on real PeerSpot user reviews.

Find out in this report how the two Extended Detection and Response (XDR) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI.

DOWNLOAD THE COMPLETE REPORT
To learn more, read our detailed Elastic Security vs. Trellix Endpoint Security Report (Updated: May 2024).
Buyer's Guide
Elastic Security vs. Trellix Endpoint Security
May 2024
Download the complete report
Helped 787,061 peers since 2012
 

Categories and Ranking

Microsoft Defender XDR
Sponsored
Ranking in Extended Detection and Response (XDR)
5th
Average Rating
8.4
Number of Reviews
82
Ranking in other categories
Endpoint Detection and Response (EDR) (7th), Microsoft Security Suite (1st)
Elastic Security
Ranking in Extended Detection and Response (XDR)
7th
Average Rating
7.6
Number of Reviews
58
Ranking in other categories
Log Management (5th), Security Information and Event Management (SIEM) (5th), Endpoint Detection and Response (EDR) (16th), Security Orchestration Automation and Response (SOAR) (6th)
Trellix Endpoint Security
Ranking in Extended Detection and Response (XDR)
10th
Average Rating
8.0
Number of Reviews
96
Ranking in other categories
Endpoint Protection Platform (EPP) (11th)
 

Market share comparison

As of June 2024, in the Extended Detection and Response (XDR) category, the market share of Microsoft Defender XDR is 23.3% and it increased by 248.9% compared to the previous year. The market share of Elastic Security is 4.8% and it increased by 23.9% compared to the previous year. The market share of Trellix Endpoint Security is 4.1% and it decreased by 30.6% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Extended Detection and Response (XDR)
Unique Categories:
Endpoint Detection and Response (EDR)
8.4%
Microsoft Security Suite
4.9%
Log Management
11.2%
Security Information and Event Management (SIEM)
5.3%
Endpoint Protection Platform (EPP)
4.5%
 

Featured Reviews

RT
May 9, 2024
Enables users to access any application and system within the organization
The best feature is probably the alert generation. When I do a security reset, the other session triggers instantly from the Defender console, and I can work on it. The policies are three times, but they are also ready to install it. The identity management feature is something we need for our use case. It wraps up the access management and XDR components, so it's not just Defender. It works well with Azure AD for access management. I didn't think I needed identity and access management in the past, but it's nice to have if you're performing a significant migration on a tight schedule. Defender XDR's coverage extends beyond Microsoft technologies. It covers all the endpoints of users in the organization. I can manage access to any application and system within the organization.
Read full review
RJ
Apr 6, 2023
Easy to use across different use cases but stability depends on your design of implementation
The initial setup depends on what you were expecting, but since we have experience with it and know what it's good for, it's an eight out of ten. The initial deployment typically takes about a day. Then there's an initial stage of the project to integrate some of the client's specific requirements, which can take additional time depending on the complexity of their environment. When it comes to maintenance, it depends on the project, and sometimes one person can support all roles. Usually, it's enough to have one engineer with deep technical knowledge of the operating system and the deployment and configuration of the system. The other role is an analytical role with project management and coordination skills to communicate with customers and drive delivery.
Read full review
AV
May 2, 2023
Useful for containment and taking a triage image
We build our own use cases and those provided by the vendor for specific upcoming attack scenarios. Configuring the rule set using Trellix Endpoint Security is very much flexible based on the IOCs Trellix Endpoint Security is good for doing containment immediately. We can get visibility of…
Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The integration with other Microsoft solutions is the most valuable feature."
"The ability to integrate and observe a more cohesive narrative across the products is crucial."
"The most valuable feature is the network security."
"The product integrates security into one tool instead of having third-party security tools."
"All of the security components are valuable including, antiphishing, antispam, and stage three antivirus."
"The threat intelligence is excellent."
"There is also one dashboard that shows us the status of many controls at once and the details I can get... It gives a great overview of many areas, such as files, emails, chats, and links. Even with the apps, it gives you a great overview. In one place you can see where you should look into things more deeply..."
"The most valuable feature is the DLP because that's where we can have an added data protection layer and extend it not just to emails but to the documents that users are working on. We can make sure that sensitive data is tagged and flagged if unauthorized parties are using it."
More Microsoft Defender XDR pros
"Its flexibility is most valuable. We can have a number of scenarios, and we can get logs from anything. If we know how to use Logstash, we can tweak it in many ways. This makes the logging search on Elastic very easy."
"We chose the product based on the ability to scan for malware using a malware behavioral model as opposed to just a traditional hash-based antivirus. Therefore, it's not as intensive."
"The intelligence of the system has been very impressive. It's not quite AI, but the technical bit where it correlates information, based on the seen attacks within an organization is good."
"The most valuable features of Elastic Security are it is open-source and provides a high level of security."
"The most valuable thing is that this solution is widely used for work management and research. It's easy to jump into the security use case with the same technology."
"The most valuable feature is the scalability. We are in Indonesia, more engineers understand Elastic Security here. So it is easier to scale and also develop. In features, the discovery to query all the logs is very important to us. It is very easy, especially with the query function and the feature to generate alerts and create tools. Sometimes we use the alert security dashboard to monitor our clients."
"Elastic Security is very customizable, and the dashboards are very easy to build."
"The most valuable feature is the search function, which allows me to go directly to the target to see the specific line a customer is searching for."
More Elastic Security pros
"It's easy to use and it's very powerful. It offers nice endpoint protection."
"It's easy to use."
"The solution offers very good endpoint security."
"The most valuable feature is the centralized console where everything can be controlled by the administration."
"This product has the capability to check a wide range of vulnerabilities and devices."
"The most valuable feature is ease of use."
"The package of protection that it provides is useful. It has antivirus, malware protection, VPN, and a whole bunch of other features."
"Trellix Endpoint Security offers robust access protection, addressing major concerns in prevention. It provides both application control and user access control within its access protection features."
More Trellix Endpoint Security pros
 

Cons

"Customers say they want absolutely seamless integration between other Microsoft solutions and Defender XDR, including the ability to change device settings within the Defender portal. They need to contact the IT team responsible for the device management tools to change some settings. They would prefer that those changes be initiated directly from the Defender portal or applied from Intune without involving the IT operations team."
"The message trace feature for investigating mail flow issues should add more detailed information to the summary report... if they could extend the summary report a little bit, make it more descriptive, ordinary administrators could understand what happened and that the emails failed at this or that point. That way they would know the location to go to try to correct it and to prevent it from occurring again."
"Intrusion detection and prevention would be great to have with 365 Defender."
"The price could be better. It'll also help if they can continuously update and upgrade the solution. Every day there's a new virus uploaded into the network, and we have to keep updating it to identify all these things."
"The mobile app support for Android and iOS is difficult and needs improvement."
"My client would like the solution to be more customizable without using code. You can only build on the default console, but we're not allowed to change it."
"The cost can be high if you want to build custom license packages. Another area for improvement is the policies. In Azure, we need to implement policies in JSON format, but in 365 Defender 365, it would be helpful to use a different format so we can customize the platform."
"Improving scalability, especially for very large tenants, could be beneficial for Microsoft Defender XDR."
More Microsoft Defender XDR cons
"Elastic Security can be a bit difficult to use if a person only has experience in SMBs with tools like Zoho. The product can also be difficult for those who have never dealt with query language."
"One thing they could add is a quick step to enable users who don't have a solid background to build a dashboard and quickly search, without difficulty."
"With Elastic, you have to build the use cases for the specific requirement. Other products have a simple integration and more use cases to integrate out-of-the-box solutions for SIEM."
"The setup process is complex. You need a solid working knowledge of networking, operating systems, and a little programming."
"In terms of what could be improved with Elastic, in some use cases, especially on the advanced level, they are not ready made, so you'll have to write some scripts."
"We'd like better premium support."
"Authentication is not a default in Kibana. We need to have another tool to have authentication and authorization. These two should be part of Kibana."
"The biggest challenge has been related to the implementation."
More Elastic Security cons
"Recently, Trellix has introduced a CDR, which involves more manual response than automatic. I believe they should enhance the system by adding features like automated response and the ability to create custom playbooks. This is crucial for an EDR solution, and currently, Trellix lacks this feature while other products offer it."
"The product could do more to keep administration alerted to detected threats on endpoints."
"Tech support is not as helpful as they were in the past."
"Trying to move away from the signature model for antivirus and malware blocking is something that would be nice. Instead of having to update every day, which is signature-based, moving to more of a kernel or architecture-based model would probably be beneficial."
"On the next release, they should build an easier way to see a repair option within the McAfee icon on your system tray. If there was an issue, you should be able to contact the user or just right-click on "repair". That would be a very good feature to add. That could be a place of improvement, just adding that button, or customizing it."
"The product is not easy to use."
"The software download features could stand improvement."
"I would like this solution to do what Palo Alto traps does because I would only need to run this one product."
More Trellix Endpoint Security cons
 

Pricing and Cost Advice

"Sometimes 365 Defender is expensive, but it can be moderate, depending on the organization's size and the license type. We're satisfied with the cost because it gives us a product that protects our entire environment with DLP. To compromise some cost, of course, we are to complete the most secure environment."
"For Defender, they have Endpoint Plan 1 and Endpoint Plan 2, but I don't know on what basis they have classified Endpoint Plan 1 and Plan 2, but it has given me enough pain to pick and design Endpoint Plan 1 or Endpoint Plan 2 for my organization. In fact, we are still struggling with it. Too many SKUs are confusing. There should not be too many SKUs, and they shouldn't charge for every new feature."
"While Microsoft Defender XDR carries a higher cost, its ease of use compared to Defender may justify the investment."
"The solution is affordable, and we haven't been hit with any hidden costs. The subscription model is straightforward, and it's easy to understand how much additional features cost. If we need to cancel a license or feature, we do that well in advance to avoid being charged for it, but overall, the pricing and licensing are simple and easy."
"We have a lot of problems in Latin America regarding the price of Microsoft 365 Defender, because the relationship between dollars and the money of the different countries, it's is a lot. Many customers that have small businesses say that they would like the solution but it is too expensive. However, large companies do not find the cost an issue."
"I believe the pricing is fair and acceptable. I consider it to be reasonable and satisfactory."
"Microsoft purposely makes its license combinations complex and includes combinations like Microsoft 365 E3 and Microsoft 365 E5, Office 365 E3, Office 365 E5, and Office 365 E1, so you get confused. Microsoft tries to sell you a bundle of a lot of things together."
"We've managed to navigate it effectively through our enterprise agreement, and Microsoft's academic discounts have proven to be quite generous."
More Microsoft Defender XDR pricing and cost advice
"The licensing cost of Elastic Security is based on the daily ingestion rate. I can't recall the exact figure, but for 10GB of log action daily, it would cost around $20,000."
"The product offers an amazing pricing structure. Price-wise, the product is very competitive."
"It's a monthly cost with Elastic SIEM, but I am not sure of the exact cost."
"When compared to other products, the price is average or on the low side."
"We use the open-source version, so there is no charge for this solution."
"I find it better than Splunk in terms of cost-effectiveness. For cost-effectiveness, I would rate it a nine out of 10."
"The pricing is in the middle. I think it is not an expensive experience if we compare it with big names, for example, QRadar, and also Oxide. I think Elastic Security is quite cheap. I would rate the pricing of this solution a five out of ten."
"This is an open-source product, so there are no costs."
More Elastic Security pricing and cost advice
"I am happy with the pricing."
"The pricing is great and licensing fees are billed on a yearly basis."
"The product is expensive."
"It is reasonably priced."
"We pay for the license on an annual basis."
"No comment."
"It's fairly priced compared to other products on the market."
"The pricing is more or less the same as the other tools in the market."
More Trellix Endpoint Security pricing and cost advice
report
See which vendors are best for you
Use our free recommendation engine to learn which Extended Detection and Response (XDR) solutions are best for your needs.
See recommendations
787,061 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
17%
Financial Services Firm
10%
Government
8%
Manufacturing Company
8%
Computer Software Company
17%
Financial Services Firm
10%
Government
9%
Comms Service Provider
6%
Educational Organization
37%
Government
9%
Computer Software Company
8%
Manufacturing Company
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What do you like most about Microsoft 365 Defender?
Microsoft Defender XDR provides strong identity protection with comprehensive insights into risky user behavior and p...
See all answers
What is your experience regarding pricing and costs for Microsoft 365 Defender?
Microsoft Defender XDR is expensive, especially for the full suite functionality. However, when compared to buying mu...
See all answers
What needs improvement with Microsoft 365 Defender?
Improving scalability, especially for very large tenants, could be beneficial for Microsoft Defender XDR. Additionall...
See all answers
Datadog vs ELK: which one is good in terms of performance, cost and efficiency?
With Datadog, we have near-live visibility across our entire platform. We have seen APM metrics impacted several time...
See all answers
What do you like most about Elastic Security?
Elastic provides the capability to index quickly due to the reverse indexes it offers. This data is crucial as it con...
See all answers
What is your experience regarding pricing and costs for Elastic Security?
Elastic Security is open-source. Unlike many older solutions where you must pay for data ingestion, Elastic allows yo...
See all answers
How does McAfee Endpoint Security compare with MVISION?
The flexible manageability of McAfee Endpoint Security is one of our favorite aspects of this solution. You can deplo...
See all answers
What do you like most about McAfee Endpoint Security?
It provides a robust defense against cybersecurity threats while offering user-friendly features like notifications a...
See all answers
What is your experience regarding pricing and costs for McAfee Endpoint Security?
Trellix Endpoint Security is an affordable tool. Its renewal price is also quite low. The product is available as a s...
See all answers
 

Comparisons

CrowdStrike Falcon vs Microsoft Defender XDR Logo
CrowdStrike Falcon vs Microsoft Defender XDR
Compared 45% of the time
Microsoft Defender for Cloud vs Microsoft Defender XDR Logo
Microsoft Defender for Cloud vs Microsoft Defender XDR
Compared 15% of the time
Microsoft Purview Compliance Manager vs Microsoft Defender XDR Logo
Microsoft Purview Compliance Manager vs Microsoft Defender XDR
Compared 5% of the time
Wazuh vs Microsoft Defender XDR Logo
Wazuh vs Microsoft Defender XDR
Compared 4% of the time
Microsoft Purview Data Governance vs Microsoft Defender XDR Logo
Microsoft Purview Data Governance vs Microsoft Defender XDR
Compared 1% of the time
More Microsoft Defender XDR Competitors
Wazuh vs Elastic Security Logo
Wazuh vs Elastic Security
Compared 40% of the time
Splunk Enterprise Security vs Elastic Security Logo
Splunk Enterprise Security vs Elastic Security
Compared 8% of the time
Microsoft Sentinel vs Elastic Security Logo
Microsoft Sentinel vs Elastic Security
Compared 7% of the time
IBM Security QRadar vs Elastic Security Logo
IBM Security QRadar vs Elastic Security
Compared 5% of the time
Microsoft Defender for Endpoint vs Elastic Security Logo
Microsoft Defender for Endpoint vs Elastic Security
Compared 5% of the time
More Elastic Security Competitors
Microsoft Defender for Endpoint vs Trellix Endpoint Security Logo
Microsoft Defender for Endpoint vs Trellix Endpoint Security
Compared 21% of the time
Trellix Endpoint Security (ENS) vs Trellix Endpoint Security Logo
Trellix Endpoint Security (ENS) vs Trellix Endpoint Security
Compared 17% of the time
CrowdStrike Falcon vs Trellix Endpoint Security Logo
CrowdStrike Falcon vs Trellix Endpoint Security
Compared 7% of the time
Cortex XDR by Palo Alto Networks vs Trellix Endpoint Security Logo
Cortex XDR by Palo Alto Networks vs Trellix Endpoint Security
Compared 5% of the time
Trend Micro Deep Security vs Trellix Endpoint Security Logo
Trend Micro Deep Security vs Trellix Endpoint Security
Compared 5% of the time
More Trellix Endpoint Security Competitors
 

Product Reports

Buyer's Guide
Microsoft Defender XDR
May 2024
Microsoft Defender XDR reportDownload Microsoft Defender XDR product report
Buyer's Guide
Elastic Security
June 2024
Elastic Security reportDownload Elastic Security product report
Buyer's Guide
Trellix Endpoint Security
May 2024
Trellix Endpoint Security reportDownload Trellix Endpoint Security product report
 

Also Known As

Microsoft 365 Defender, Microsoft Threat Protection, MS 365 Defender
Elastic SIEM, ELK Logstash
McAfee Endpoint Security, McAfee Complete Endpoint Protection, McAfee Endpoint Protection, Total Protection for Endpoint, Intel Security Total Protection for Endpoint, MCAFEE Complete Endpoint Protection
 

Learn More

Microsoft
Elastic
Trellix
 

Overview

Microsoft Defender XDR is a comprehensive security solution designed to protect against threats in the Microsoft 365 environment. 

It offers robust security measures, comprehensive threat detection capabilities, and an efficient incident response system. With seamless integration with other Microsoft products and a user-friendly interface, it simplifies security management tasks. 

Users have found it effective in detecting and preventing various types of attacks, such as phishing attempts, malware infections, and data breaches.

Watch the Microsoft demo video here: Microsoft Defender XDR demo video.

Elastic Security is a robust, open-source security solution designed to offer integrated threat prevention, detection, and response capabilities across an organization's entire digital estate. Part of the Elastic Stack (which includes Elasticsearch, Logstash, and Kibana), Elastic Security leverages the power of search, analytics, and data aggregation to provide real-time insight into threats and vulnerabilities. It is a comprehensive platform that supports a wide range of security needs, from endpoint protection to cloud and network security, making it a versatile choice for organizations looking to enhance their cybersecurity posture.


Elastic Security combines the features of a security information and event management (SIEM) system with endpoint protection, allowing organizations to detect, investigate, and respond to threats in real time. This unified approach helps reduce complexity and improve the efficiency of security operations.

Additional offerings and benefits:

  • The platform utilizes advanced analytics, machine learning algorithms, and anomaly detection to identify threats and suspicious activities.
  • It offers extensive integration options with other tools and platforms, facilitating a more cohesive and comprehensive security ecosystem.
  • With Kibana, users gain access to powerful visualization tools and dashboards that provide real-time insight into security data.

Finally, Elastic Security benefits from a global community of users who contribute to its threat intelligence, helping to enhance its detection capabilities. This collaborative approach ensures that the solution remains on the cutting edge of cybersecurity, with up-to-date information on the latest threats and vulnerabilities.

Trellix Endpoint Security provides aggressive robust protection for every endpoint in an enterprise organization. Trellix uses dynamic threat intelligence and mounts a superb defense across the complete threat lifecycle. This solution will keep your organization more secure and resistant to any possible threat of risks. Trellix offers an amalgamated suite of next-generation endpoint security tools. These tools give users the benefit of machine learning, intuitive intelligence, and greater assistance to ensure their networks are being protected non-stop against threats - potential or realized - and can stop attacks before they happen. Trellix uses MDR (managed detection and response) and XDR (extended detection and response) to give users a comprehensive endpoint security solution.

Trellix Endpoint Security Benefits

  • Intuitive Protection: Trellix Endpoint Security learns and matures to ensure organizations are continuously protected in today’s aggressive threat environment. Users have full visibility and greater control of all endpoints and are able to utilize Trellix Endpoint Security’s potent threat detection, prevention, investigation, and response to keep their enterprises safe and secure.

  • Streamlined Security Protection: Users have a single view of full transparency into how their networks are performing and the overall effectiveness of the security. Users can access the solution from anywhere and manage automated workflows. The solution allows for a streamlined security process to improve the overall reliability of the organization's security and can effortlessly scan through hundreds of thousands of endpoints in minutes.

  • Robust Risk Management: Stop attacks before they occur and keep abreast of potential threats with intuitive threat prioritization. Receive easy to understand risk assessment and repair guidance without delay to prevent any possible lapses in security. Test scenarios will allow users to see how the organization would respond to a threat scheme.

Trellix Endpoint Security Top Features

  • Consolidated Management: Trellix offers numerous deployment options. The unique consolidated management process provides full transparency, cost-effective processes, improved IT functionality, and streamlined operations.

  • Intuitive Processes: Trellix can identify zero-day threats using machine learning and develop workable risk assessment to prevent attacks. Trellix intuitively creates protocols to recognize problematic processes that could lead to future attacks.
  • Reduced Impact on Resources: Trellix learns to focus on suspicious or anomalous activities by quickly identifying trusted activities to greatly reduce CPU consumption.

Reviews from Real Users

“It has a great console. We can manage everything from the central console and it is very easy. Every year we are getting the benefits of legacy also. It's easy to set up.” - S Fazlul H., IT Lead Engineer, Information Technology at Banglalink

“There is a new feature where you can set thresholds for all the CPU consumption allowing for no consumption on the servers when the scans happen. It is a separate plugin or addon, and if we have it on all the virtual machines it automatically checks the resources, and based on that, it will schedule the scans. That is something that I have not seen in other antivirus solutions, such as Symantec.” - Sabari K. Senior Engineer at a comms service provider

 

Sample Customers

Accenture, Deloitte, ExxonMobil, General Electric, IBM, Johnson & Johnson and many others.
Texas A&M, U.S. Air Force, NuScale Power, Martin's Point Health Care
inHouseIT, Seagate Technology
Buyer's Guide
Elastic Security vs. Trellix Endpoint Security
May 2024
Free Report: Elastic Security vs. Trellix Endpoint Security
Find out what your peers are saying about Elastic Security vs. Trellix Endpoint Security and other solutions. Updated: May 2024.
DOWNLOAD NOW
787,061 professionals have used our research since 2012.
See our Elastic Security vs. Trellix Endpoint Security report.
See our list of best Extended Detection and Response (XDR) vendors.

We monitor all Extended Detection and Response (XDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.