No more typing reviews! Try our Samantha, our new voice AI agent.

CompassOne by Blackpoint Cyber vs Elastic Security comparison

Blackpoint Cyber and Elastic are both solutions in the Security Information and Event Management (SIEM) category. Blackpoint Cyber is ranked #40 with an average rating of 9.5, while Elastic is ranked #5 with an average rating of 8.5. Additionally, 100% of Blackpoint Cyber users are willing to recommend the solution, compared to 86% of Elastic users who would recommend it.
Sponsored
Cortex XDR by Palo Alto Net...
Read 108 Cortex XDR by Palo Alto Networks reviews
  • 14,649 Views
  • 6,006 Comparison Views
96% willing to recommend
CompassOne by Blackpoint Cyber
Read 5 CompassOne by Blackpoint Cyber reviews
  • 2,972 Views
  • 416 Comparison Views
100% willing to recommend
Elastic Security
Read 66 Elastic Security reviews
  • 11,636 Views
  • 7,098 Comparison Views
86% willing to recommend
 

Comparison Buyer's Guide

Download the report
Executive SummaryUpdated on Mar 15, 2026

Elastic Security and CompassOne by Blackpoint Cyber are competitors in the cybersecurity sector, offering unique strengths. While Elastic Security is favored for its cost-effectiveness and customer service, CompassOne excels with its robust features, positioning it as a valuable investment.

Features: Elastic Security provides customizable dashboards, advanced threat detection, and strong analytics. CompassOne, on the other hand, offers automated response, continuous monitoring, and proactive defense features, enhancing its overall security capabilities.

Room for Improvement: Elastic Security could improve on integrating more automated responses, enhancing its continuous monitoring, and developing further proactive defense mechanisms. CompassOne may benefit from simplifying its user interface, reducing deployment complexity, and expanding its analytics capabilities.

Ease of Deployment and Customer Service: Elastic Security is known for its easy installation and prompt support, ensuring smooth integration. CompassOne, while having a more complex setup initially, compensates with comprehensive support that alleviates deployment challenges.

Pricing and ROI: Elastic Security offers competitive initial costs with a substantial ROI, thanks to its scalable infrastructure. CompassOne, despite higher pricing, justifies its cost through significant ROI driven by its advanced security features and effective threat mitigation.

DOWNLOAD THE COMPLETE REPORT
To learn more, read our detailed CompassOne by Blackpoint Cyber vs. Elastic Security Report (Updated: March 2026).
Buyer's Guide
CompassOne by Blackpoint Cyber vs. Elastic Security
March 2026
Download the complete report
Helped 885,376 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Cortex XDR by Palo Alto Net...
Sponsored
Ranking in Endpoint Detection and Response (EDR)
7th
Average Rating
8.4
Reviews Sentiment
6.8
Number of Reviews
108
Ranking in other categories
Endpoint Protection Platform (EPP) (5th), Extended Detection and Response (XDR) (6th), Ransomware Protection (2nd), AI-Powered Cybersecurity Platforms (2nd)
CompassOne by Blackpoint Cyber
Ranking in Endpoint Detection and Response (EDR)
35th
Average Rating
9.0
Reviews Sentiment
7.8
Number of Reviews
5
Ranking in other categories
Security Information and Event Management (SIEM) (40th), Vulnerability Management (44th), Application Control (10th), Managed Detection and Response (MDR) (10th)
Elastic Security
Ranking in Endpoint Detection and Response (EDR)
15th
Average Rating
7.8
Reviews Sentiment
6.8
Number of Reviews
66
Ranking in other categories
Log Management (9th), Security Information and Event Management (SIEM) (5th), Security Orchestration Automation and Response (SOAR) (7th), Extended Detection and Response (XDR) (8th)
 

Featured Reviews

ABHISHEK_SINGH - PeerSpot reviewer
ABHISHEK_SINGH
Senior Process Expert at A.P. Moller - Maersk
Gained full visibility and streamlined threat detection through behavior-based insights and AI integration
Initially, we got to have a lot of false positives when we onboarded, but nowadays it's quite smooth. We have fine-tuned our security policies and allowed different levels of policies to get rid of those false positives. Currently, we are getting a fairly good amount of incidents that are not false positives or benign, but actionable items. The process is streamlined. In the initial days, the operations used to get involved in a lot of benign and other activities, but now the process is streamlined. We are leveraging the auto-detection and remediation plans. The operations teams are now more involved in other business roles as well, not just looking into the logs and fetching out what's happening there. They have fixed a lot of things. Initially, they didn't have IAC code drift detection, cloud posture management, or security posture management, but they have those now. They purchased different vendors and did a merger with that. They have now Prisma Cloud that gets integrated and now they are working with Cortex Cloud. Everything that was negative has now been addressed, and the product altogether looks to be in a very better and mature shape now. Currently, it's more or less detecting the workloads with AI-based best practices. Since most organizations are consuming AI agents and other things, we are looking forward to seeing what other feature enhancements Palo Alto can support in that.
Read full review
Gary Herbstman - PeerSpot reviewer
Gary Herbstman
Owner at Byte Solutions Inc.
Experienced reduced alert fatigue with streamlined notifications
We use Blackpoint Cyber MDR for our higher-end clients who need a higher level of control over security I appreciate that there are people behind the scenes sorting out valuable alerts from those that are not, so I only get alerts when they are real. This feature ensures that I am notified only…
Read full review
Laurentiu Popescu - PeerSpot reviewer
Laurentiu Popescu
Chief Product Officer at ClusterPower
Has improved threat detection with deep log analysis and streamlined investigation workflows
The most useful features I find in Elastic Security are the forensic ones that allow us to carry deeper analysis into the logs for in-depth investigations, and the dashboards, with the reporting dashboard being quite user-friendly. Elastic Security is quite good at identifying threats, as it is part of the deep investigation tool that I mentioned before. Unless we need to look further into a certain log, we can carry out a deeper analysis and forensics on those particular logs. I can assess the impact of Elastic Security's real-time data analysis on our threat response efficiency as working pretty good. We are looking for real-time analysis because we have a continuous inflow of logs from different sources: from our cloud, from Active Directory, from our network. So it works pretty well.
Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"Palo Alto is the best security solution in the market."
"The solution helps find bugs, and it is safe to use to prevent attacks by hackers."
"It blocks malicious files, prevents attacks, and doesn't require many updates because it is a very light application."
"It collects and caches and the knowledge of machine learning from different customers to take to the cloud, it makes it better to use for everybody, it allows for quick learning and updates and can, therefore, offer zero-day malware security, and this sharing of metadata helps make the solution very safe."
"Has great threat detection capabilities."
"Automation and playbooks have helped me significantly, as Cortex Xnor's playbooks predefine the workflow of the automation, such as response processes, alert triggering, and enriching the context, efficiently detecting and blocking malicious attacks with firewalls while eliminating workload and speeding responses for next-generation operations."
"The ability to kind of stitch everything together and see the actual complete picture is very useful. I guess you'd call it a playbook. Some people call it the forensics analysis of what was happening on particular endpoints when they detected some malicious behavior, and what transpired before that to cause that. It is also very user friendly. The way they have done everything and integrated all the solutions that they've purchased over the years to make it a very seamless, effective product is very good. One thing about Palo Alto is that they take the products or services that they purchase and make them seamless for the end user as compared to some companies that purchase other companies and then just kind of have their products off to the side or keep different interfaces. Palo Alto doesn't do that."
"From the Palo Alto side, whatever they buy, they integrate that really well into their integration suite, and that makes a massive difference."
More Cortex XDR by Palo Alto Networks pros
"The solution also watches over Microsoft 365 and keeps a copy of logs."
"Their SOC is phenomenal in not monitoring and responding and taking action."
"The solution is all encompassing and can incorporate email monitoring."
"I appreciate that there are people behind the scenes sorting out valuable alerts from those that are not, so I only get alerts when they are real."
"I appreciate that there are people behind the scenes sorting out valuable alerts from those that are not, so I only get alerts when they are real."
"On a scale from one to ten, I would rate the overall solution as a ten."
"On my end, the most valuable feature of this solution is that I can install it and forget about it. After that, their SOC team takes over and they only call me when there's a problem."
"The most valuable features of Elastic Security are it is open-source and provides a high level of security."
"The most valuable feature is the search function, which allows me to go directly to the target to see the specific line a customer is searching for."
"The intelligence of the system has been very impressive. It's not quite AI, but the technical bit where it correlates information, based on the seen attacks within an organization is good."
"The most valuable feature is the search function, which allows me to go directly to the target to see the specific line a customer is searching for."
"Its flexibility is most valuable; we can have a number of scenarios, and we can get logs from anything, and if we know how to use Logstash, we can tweak it in many ways, which makes the logging search on Elastic very easy."
"It's simple and easy to use."
"The most valuable feature of Elastic Security is that you can install agents, and they are not separately licensed."
"I would advise others to use this solution as it is relatively low cost and the implementation is quick, giving you results faster."
More Elastic Security pros
 

Cons

"The encryption is not up to the mark."
"It's more focused on network communication. If a customer wants to increase the level of protection and start working with documents, it's impossible to integrate these features into the system. It's more of a communication-oriented system than a content security-oriented system."
"Based on our experience so far, its implementation is quite complex."
"Cortex XDR is trickier to configure than other Palo Alto products. This is one area where we are not so satisfied."
"There is also no recovery feature; if some endpoint is under attack there must be the possibility of recovering it or restoring it to a normal state."
"The dashboard could use some significant improvement, just making it more useful with more information. It has a limited amount of information right now. It is customizable, but I'd love to see a better out-of-box dashboard."
"There are some default policies which sometimes affect our applications and cause them to run around."
"Product might have some bugs."
More Cortex XDR by Palo Alto Networks cons
"The solution does not tie into other EDR products like CyberArk or CrowdStrike but that might be more useful."
"The interface could be more intuitive. More transparency is needed in the interface as a lot of details are hidden behind the scenes, making them difficult or impossible to access."
"The interface could be more intuitive."
"While I am very satisfied with the service, supporting additional platforms, particularly Linux support, would be a beneficial improvement."
"The feature we keep asking for is a vulnerability scan."
"While I am very satisfied with the service, supporting additional platforms, particularly Linux support, would be a beneficial improvement."
"Some texts seem to report items as normal too quickly."
"The solution should generate an automatic product that integrates with ELK Stack to use artificial intelligence."
"The signature security needs improvement."
"The problem with ELK is it's difficult to administer. When you have a problem, it can be very, very difficult to rebuild indexes."
"This solution is very hard to implement."
"It is difficult to anticipate and understand the space utilization, so more clarity there would be great."
"The Integration module could be improved. It is a pain to build integration with any product. We have to do parking and so on. It's not like other commercial solutions that use profile integration. I would also see more detection features on the SIEM side."
"They don't provide user authentication and authorisation features (Shield) as a part of their open-source version."
"This solution cannot do predictive maintenance, so we have to build our own modules for doing it."
More Elastic Security cons
 

Pricing and Cost Advice

"It has a higher cost than other solutions, like CrowdStrike or Microsoft’s EDR tools, but it reduces the cost of our operations because it’s a new generation antivirus tool."
"I don't like that they have different types of licenses."
"It's the most expensive solution, but features-wise, it's quite strong. It's very good for protection, so the results are very good in the case of protection. I would rate it a two out of ten in terms of pricing."
"Our license will require renewal in August, after which the maintenance will continue as usual."
"Its pricing is kind of in line with its competitors and everybody else out there."
"Cortex XDR's pricing is ok."
"The price is on the higher side, but it's okay."
"Every customer has to pay for a license because it doesn't work with what you get from a managed services provider."
More Cortex XDR by Palo Alto Networks pricing and cost advice
"The pricing is in line with other products."
"The pricing is reasonable."
"The solution is free."
"I find it better than Splunk in terms of cost-effectiveness. For cost-effectiveness, I would rate it a nine out of 10."
"The solution is not expensive and costs around ten dollars a month."
"Its price is fine. Its licensing works on a yearly basis. We have to renew the license every year. I also have a good experience with Darktrace. When we buy Darktrace, we get training free of cost, which is not there in Elastic. We have to pay extra for training. There is certainly room for improvement."
"We are using the free, open-source version of this solution."
"There is no charge for using the open-source version."
"The product offers an amazing pricing structure. Price-wise, the product is very competitive."
"When compared to other products, the price is average or on the low side."
More Elastic Security pricing and cost advice
report
See which vendors are best for you
Use our free recommendation engine to learn which Security Information and Event Management (SIEM) solutions are best for your needs.
See recommendations
885,376 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Construction Company
13%
Manufacturing Company
8%
Computer Software Company
8%
Financial Services Firm
8%
Computer Software Company
12%
Retailer
7%
Healthcare Company
7%
Outsourcing Company
7%
Computer Software Company
10%
Government
9%
Comms Service Provider
9%
Manufacturing Company
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business44
Midsize Enterprise20
Large Enterprise47
No data available
By reviewers
Company SizeCount
Small Business40
Midsize Enterprise11
Large Enterprise15
 

Questions from the Community

Cortex XDR by Palo Alto vs. Sentinel One
Cortex XDR by Palo Alto vs. SentinelOne SentinelOne offers very detailed specifics with regard to risks or attacks. ...
See all answers
Comparing CrowdStrike Falcon to Cortex XDR (Palo Alto)
Cortex XDR by Palo Alto vs. CrowdStrike Falcon Both Cortex XDR and Crowd Strike Falcon offer cloud-based solutions th...
See all answers
How is Cortex XDR compared with Microsoft Defender?
Microsoft Defender for Endpoint is a cloud-delivered endpoint security solution. The tool reduces the attack surface,...
See all answers
What is your experience regarding pricing and costs for Blackpoint Cyber MDR?
The pricing is great considering what we are receiving.
See all answers
What needs improvement with Blackpoint Cyber MDR?
While I am very satisfied with the service, supporting additional platforms, particularly Linux support, would be a b...
See all answers
What is your primary use case for Blackpoint Cyber MDR?
The solution serves as a baseline security offering. We have implemented it for every client that we do business with.
See all answers
Datadog vs ELK: which one is good in terms of performance, cost and efficiency?
With Datadog, we have near-live visibility across our entire platform. We have seen APM metrics impacted several time...
See all answers
What do you like most about Elastic Security?
Elastic provides the capability to index quickly due to the reverse indexes it offers. This data is crucial as it con...
See all answers
What is your experience regarding pricing and costs for Elastic Security?
I am satisfied with the pricing, setup cost, and licensing cost. It is a pure 10.
See all answers
 

Comparisons

Microsoft Defender for Endpoint vs Cortex XDR by Palo Alto Networks Logo
Microsoft Defender for Endpoint vs Cortex XDR by Palo Alto Networks
Compared 9% of the time
SentinelOne Singularity Complete vs Cortex XDR by Palo Alto Networks Logo
SentinelOne Singularity Complete vs Cortex XDR by Palo Alto Networks
Compared 6% of the time
CrowdStrike Falcon vs Cortex XDR by Palo Alto Networks Logo
CrowdStrike Falcon vs Cortex XDR by Palo Alto Networks
Compared 4% of the time
Cortex XSIAM vs Cortex XDR by Palo Alto Networks Logo
Cortex XSIAM vs Cortex XDR by Palo Alto Networks
Compared 4% of the time
Symantec Endpoint Security vs Cortex XDR by Palo Alto Networks Logo
Symantec Endpoint Security vs Cortex XDR by Palo Alto Networks
Compared 3% of the time
More Cortex XDR by Palo Alto Networks Competitors
Huntress Managed EDR vs CompassOne by Blackpoint Cyber Logo
Huntress Managed EDR vs CompassOne by Blackpoint Cyber
Compared 16% of the time
SentinelOne Wayfinder Managed Detection & Response vs CompassOne by Blackpoint Cyber Logo
SentinelOne Wayfinder Managed Detection & Response vs CompassOne by Blackpoint Cyber
Compared 7% of the time
CrowdStrike Falcon Complete MDR vs CompassOne by Blackpoint Cyber Logo
CrowdStrike Falcon Complete MDR vs CompassOne by Blackpoint Cyber
Compared 6% of the time
Adlumin Security Operations vs CompassOne by Blackpoint Cyber Logo
Adlumin Security Operations vs CompassOne by Blackpoint Cyber
Compared 6% of the time
Arctic Wolf Managed Detection and Response vs CompassOne by Blackpoint Cyber Logo
Arctic Wolf Managed Detection and Response vs CompassOne by Blackpoint Cyber
Compared 4% of the time
More CompassOne by Blackpoint Cyber Competitors
Wazuh vs Elastic Security Logo
Wazuh vs Elastic Security
Compared 8% of the time
Splunk Enterprise Security vs Elastic Security Logo
Splunk Enterprise Security vs Elastic Security
Compared 5% of the time
IBM Security QRadar vs Elastic Security Logo
IBM Security QRadar vs Elastic Security
Compared 5% of the time
CrowdStrike Falcon vs Elastic Security Logo
CrowdStrike Falcon vs Elastic Security
Compared 4% of the time
Microsoft Defender for Endpoint vs Elastic Security Logo
Microsoft Defender for Endpoint vs Elastic Security
Compared 3% of the time
More Elastic Security Competitors
 

Product Reports

Buyer's Guide
Cortex XDR by Palo Alto Networks
March 2026
Cortex XDR by Palo Alto Networks reportDownload Cortex XDR by Palo Alto Networks product report
Buyer's Guide
Managed Detection and Response (MDR)
February 2026
CompassOne by Blackpoint Cyber reportDownload CompassOne by Blackpoint Cyber product report
Buyer's Guide
Elastic Security
March 2026
Elastic Security reportDownload Elastic Security product report
 

Also Known As

Cyvera, Cortex XDR, Palo Alto Networks Traps
Blackpoint Cyber Managed Detection + Response, Blackpoint Cyber Managed Detection and Response
Elastic SIEM, ELK Logstash
 

Overview

Cortex XDR by Palo Alto Networks provides advanced threat detection with AI-driven endpoint protection and seamless integration, ensuring multi-layered security and automatic threat response.

Cortex XDR is designed to safeguard endpoints against malware and suspicious activities. It offers advanced threat detection and response capabilities using behavioral analysis, AI, and machine learning. It seamlessly integrates with security infrastructures, providing endpoint security, firewall integration, and enhanced visibility in both cloud-based and on-premises environments.

What are the key features of Cortex XDR?
  • Advanced Threat Detection: Uses AI and machine learning for proactive threat identification.
  • Multi-layered Security: Combines various security measures for comprehensive protection.
  • Endpoint Protection: Safeguards against malware and exploits.
  • Behavioral Analysis: Monitors suspicious activity for early detection.
  • Automatic Threat Response: Automates responses to neutralize threats.
What benefits should users expect?
  • Ease of Use: Simplifies security management with intuitive design.
  • Resource Efficiency: Minimizes impact on system resources.
  • Integration Capabilities: Works well with existing security setups.
  • Reduced Analyst Workload: Automates processes to decrease manual intervention.

Organizations in diverse sectors deploy Cortex XDR to protect against malware, leveraging its advanced threat detection capabilities. Its integration with existing security infrastructures appeals to those seeking comprehensive protection in both cloud and on-premises environments, providing enhanced visibility and threat intelligence.

Palo Alto Networks

CompassOne by Blackpoint Cyber delivers comprehensive MDR capabilities, offering SLA-driven alert notifications, in-depth network discovery, and Microsoft 365 log preservation. Its SOC team efficiently manages monitoring tasks, ensuring genuine threats are prioritized and distractions minimized.

CompassOne enhances cybersecurity by offering email monitoring, app control, and effective threat identification, preventing incidents like a compromised device affecting corporate networks. While prompt in threat reporting, a need exists for detailed analysis and vulnerability scanning. Users seek integration with platforms such as CyberArk and CrowdStrike and support for Linux systems. The platform strengthens security through alert monitoring, virus prevention, account takeover prevention, and establishing a security baseline for both organizational and lab environments, with up to half of an organization's staff utilizing it and expansion plans in progress.

What are the key features of CompassOne?
  • SLA Notifications: Provides timely alerts to ensure swift threat response.
  • Network Discovery: Offers detailed insight into local networks.
  • Microsoft 365 Log Preservation: Maintains extensive records for compliance.
  • Email Monitoring and App Control: Detects and blocks suspicious activities efficiently.
  • Threat Prioritization: Minimizes distractions by focusing on genuine threats.
What benefits should users expect from CompassOne?
  • Efficient Monitoring: Relieves teams by offloading monitoring tasks to expert SOC teams.
  • Threat Mitigation: Protects against device compromise and secures networks.
  • Comprehensive Security: Extends capabilities through email and application vigilance.
  • Strategic Deployment: Adaptable for both enterprise and lab environments.

In sectors where security monitoring is crucial, CompassOne is implemented to observe computers, servers, and Office 365 environments, mitigating risks thoughtfully and efficiently. Companies engage its robust MDR functionalities to fend off viruses and account breaches while leveraging its security implementation services for a foundational security setup.

Blackpoint Cyber
Elastic Security is a robust, open-source security solution designed to offer integrated threat prevention, detection, and response capabilities across an organization's entire digital estate. Part of the Elastic Stack (which includes Elasticsearch, Logstash, and Kibana), Elastic Security leverages the power of search, analytics, and data aggregation to provide real-time insight into threats and vulnerabilities. It is a comprehensive platform that supports a wide range of security needs, from endpoint protection to cloud and network security, making it a versatile choice for organizations looking to enhance their cybersecurity posture.


Elastic Security combines the features of a security information and event management (SIEM) system with endpoint protection, allowing organizations to detect, investigate, and respond to threats in real time. This unified approach helps reduce complexity and improve the efficiency of security operations.

Additional offerings and benefits:

  • The platform utilizes advanced analytics, machine learning algorithms, and anomaly detection to identify threats and suspicious activities.
  • It offers extensive integration options with other tools and platforms, facilitating a more cohesive and comprehensive security ecosystem.
  • With Kibana, users gain access to powerful visualization tools and dashboards that provide real-time insight into security data.

Finally, Elastic Security benefits from a global community of users who contribute to its threat intelligence, helping to enhance its detection capabilities. This collaborative approach ensures that the solution remains on the cutting edge of cybersecurity, with up-to-date information on the latest threats and vulnerabilities.

Elastic
 

Sample Customers

CBI Health Group, University Honda, VakifBank
CoreRecon, Peerless Tech Solutions, Lorien Health
Texas A&M, U.S. Air Force, NuScale Power, Martin's Point Health Care
Buyer's Guide
CompassOne by Blackpoint Cyber vs. Elastic Security
March 2026
Free Report: CompassOne by Blackpoint Cyber vs. Elastic Security
Find out what your peers are saying about CompassOne by Blackpoint Cyber vs. Elastic Security and other solutions. Updated: March 2026.
DOWNLOAD NOW
885,376 professionals have used our research since 2012.
See our CompassOne by Blackpoint Cyber vs. Elastic Security report.

We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.