Try our new research platform with insights from 80,000+ expert users

Corelight vs Fidelis Elevate comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Nov 6, 2024

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Corelight
Ranking in Network Detection and Response (NDR)
19th
Average Rating
9.0
Reviews Sentiment
7.6
Number of Reviews
5
Ranking in other categories
Network Traffic Analysis (NTA) (6th)
Fidelis Elevate
Ranking in Network Detection and Response (NDR)
13th
Average Rating
8.4
Reviews Sentiment
7.2
Number of Reviews
7
Ranking in other categories
Endpoint Detection and Response (EDR) (32nd), Threat Deception Platforms (6th), SSL/TLS Decryption (2nd), Managed Detection and Response (MDR) (24th), Extended Detection and Response (XDR) (25th)
 

Mindshare comparison

As of July 2025, in the Network Detection and Response (NDR) category, the mindshare of Corelight is 4.6%, down from 5.3% compared to the previous year. The mindshare of Fidelis Elevate is 1.3%, up from 0.9% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Network Detection and Response (NDR)
 

Featured Reviews

Dan Jeske - PeerSpot reviewer
An open-source solution that gave us insight into our clients' network traffic flow
We use the solution for packet capture sampling. We offer it as part of our managed service. It's so we can identify east-west traffic on a customer's network Corelight is low-cost and made on open-source, and the code is Zeek. It's an easy way for us to get visibility in a client's environment.…
Mostafa Ameen - PeerSpot reviewer
Advanced threat detection capabilities with comprehensive incident response features providing robust cybersecurity for organizations
The initial aspect concerns two engines. The first one mentioned is available for searching behaviors directly. The second engine involves the Google Ade tool, which operates on the machine. The challenge arises when attempting to rectify protection rules, causing confusion. It would be beneficial to enhance Rigixs Query. I encounter difficulty removing certain entries in behavior or alerts; likewise, I am unable to add specific calls.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"It is easy to deploy and easy to handle."
"Corelight is easy to use."
"The most valuable feature is the embedded IDS from Suricata."
"It's an easy way for us to get visibility in a client's environment."
"It's easy to create additional dashboards specific to supporting specific tasks."
"It has also improved our hunt ability with quick search tools, to zone in on malware or other anomalies. It is able to link items to incidents from other consoles, and works natively with the SIEM."
"It ensures the stability of network behavior across various aspects of our network and offers responsive capabilities to address incidents promptly"
"There are many valuable features. The NDR gives very good network visibility, and the endpoint module has a great feature called "Live Connect" for remote connections. They also have "Tasks" that can be run on endpoints to gather specific information or retrieve logs."
"The initial setup is very straightforward. The deployment of the server doesn't take so long; about a day or two max."
"The solution's technical support is perfect, so I rate the technical support a ten out of ten"
"Reporting is great, it is easy to do a quick search through 45 days of data for something of interest."
"What I like the most about this solution is the complexity. It covers a lot of areas, unlike other solutions."
"It has a rating system now so you can rate things up or down, depending on your environment. This means alerting can be customized, yet still pick up anomalies."
 

Cons

"The solution’s architecture is complex and difficult to understand. There are multiple machines and VMs."
"In the next release, building a graphical user interface would be helpful."
"Corelight hasn’t added features in a long time."
"Machine learning could be a good improvement, but it's very costly."
"They can enhance the interface of the product. They can make it more interactive and also easier to use for feature access."
"Configuration, in terms of building the collector and communicating with endpoints, is complex."
"The reports in the endpoint area of Elevate can be improved."
"Fidelis Endpoint is an expensive product making it one of its shortcomings that needs improvement."
"We position the solution as an antivirus, but this part of the solution needs improvement. They need to generally enhance the features that they have, rather than adding anything new."
"There is room for improvement in email security. It's a security issue. If you're aiming for XDR, covering the entire threat landscape is crucial."
"The interface bug needs to be squashed once and for all. This has been the predominant issue with an otherwise stellar product. It reboots itself unscheduled, about once a month, due to a memory buffer flaw in the interface."
"I encounter difficulty removing certain entries in behavior or alerts; likewise, I am unable to add specific calls."
 

Pricing and Cost Advice

"It's a yearly fee and depends on what you are looking for."
"You license by the number of days of logs you need to maintain visibility for. Forty-five days is a good solid number for a company with around a 10k user base."
"It's quite expensive but we can customize it to reduce the price."
"Fidelis Endpoint is an expensive product. My company makes yearly payments toward the licensing cost of the solution."
"It's somehow expensive. From one to ten, I would rate it a five. They need to improve the prices. It's very high."
report
Use our free recommendation engine to learn which Network Detection and Response (NDR) solutions are best for your needs.
860,168 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Financial Services Firm
15%
Government
12%
Computer Software Company
12%
Manufacturing Company
8%
Financial Services Firm
21%
Computer Software Company
11%
Manufacturing Company
8%
Government
8%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
No data available
 

Questions from the Community

What is the biggest difference between Corelight and Vectra AI?
The two platforms take a fundamentally different approach to NDR. Corelight is limited to use cases that require the eventual forwarding of events and parsed data logs to a security team’s SIEM or ...
What do you like most about Corelight?
It's easy to create additional dashboards specific to supporting specific tasks.
What is your experience regarding pricing and costs for Corelight?
The solution is too expensive compared to others. If you have the technical knowledge, it's good. Corelight is a very big gap between you and others if you’re new.
What do you like most about Fidelis Elevate?
It ensures the stability of network behavior across various aspects of our network and offers responsive capabilities to address incidents promptly
What is your experience regarding pricing and costs for Fidelis Elevate?
It's somehow expensive. From one to ten, I would rate it a five. They need to improve the prices. It's very high. We lose customers for price. It's not always worth it for them. Even for enterprise...
What needs improvement with Fidelis Elevate?
The initial aspect concerns two engines. The first one mentioned is available for searching behaviors directly. The second engine involves the Google Ade tool, which operates on the machine. The ch...
 

Also Known As

No data available
Fidelis Elevate Platform, Fidelis Enterprise, Fidelis Cloud, Fidelis Managed Detection and Response, Fidelis Deception, Fidelis Decryption, Fidelis Endpoint, Fidelis Network
 

Overview

 

Sample Customers

Education First
First Midwest Bank
Find out what your peers are saying about Corelight vs. Fidelis Elevate and other solutions. Updated: June 2025.
860,168 professionals have used our research since 2012.