We performed a comparison between CrowdStrike Falcon and Elastic Security based on real PeerSpot user reviews.
Find out in this report how the two EDR (Endpoint Detection and Response) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The product is very easy to use."
"The summarization of emails is a valuable feature."
"The ability to integrate and observe a more cohesive narrative across the products is crucial."
"Microsoft 365 Defender is a good solution and easy to use."
"I like Defender XDR's automation capabilities. XDR isn't automated by default, but you can automate it to respond. If an attack is performed anywhere within the organization, you can isolate that instance from the network. This is what I can figure out for it. When integrated with Sentinel, you can set up playbooks to automate all the alerts gathered on Sentinel from different Microsoft solutions. Sentinel has a wider range of capabilities than XDR."
"I like that it's fully integrated with Windows, Microsoft 365 Exchange Online, and Outlook. It is better than other antivirus solutions because it's fully integrated with all Microsoft products. It's easy to integrate them and onboard all Windows devices from SCCM."
"The most valuable feature of the solution stems from the fact that Microsoft Defender XDR is easy to integrate with other Microsoft platforms or products."
"Another noteworthy feature that I find appealing in Microsoft Defender is the credit-backed simulation. This feature enables organizations to train their users on effectively responding to phishing emails through a simulated training environment."
"The anomaly detection is the most valuable feature."
"CrowdStrike Falcon's most valuable feature is the fact that it's not getting in the way of our workforce and their workflow."
"The solution can scale easily."
"The most valuable features are the complete IPS and IDS."
"There are two things which customers really like about CrowdStrike. If they buy managed services from CrowdStrike, it offers them detection of security issues in one minute. If you buy their professional services, they offer insurance where you can claim up to $5 million if there's a breach. This is a huge upsell for customers."
"We have a small IT Team, and this allows us to get sleep at night, knowing that someone else is taking care of any incidents that occur."
"At this point what is most valuable is the interface, which is easy to navigate."
"The most valuable features of CrowdStrike Falcon are the AI in detecting and real-time detections."
"The most valuable feature is the speed, as it responds in a very short time."
"It's very stable and reliable."
"ELK is open-source, and it will give you the framework you need to build everything from scratch."
"Just the ability to do a lot more than just up-down is nice, which a lot of people take for granted."
"The most valuable features of the solution are the prevention methods and the incident alerts."
"The performance is good and it is faster than IBM QRadar."
"I can look at events from more than one source across multiple different locations and find patterns or anomalies. The machine learning capabilities are helpful, and I can create rules for notifications to be more proactive rather than responding after something has gone wrong."
"Elastic Security is very easy to adapt."
"When discussing the secure score, which includes overviews and recommended actions, some of these recommended actions are not applicable to us, particularly those related to Microsoft Internet Explorer, which we do not use in any of our environments."
"There could be a way to proactively monitor unusual activity ."
"Generally, antivirus products provide a central control to manage every device in terms of who is installing it or who is trying to disable it, but Microsoft doesn't have such a control center for the antivirus product it provides."
"Microsoft tends to provide too many features, which makes the solution prone to bugs."
"What could be improved in Microsoft 365 Defender is its licensing, e.g. it should be more consolidated and would be good if it has some optimizations. Improving the alerts and notifications, in terms of adding more details, would also be good for this solution."
"Correctly updated records are the most significant area for improvement. There have been times when we were notified of a required fix; we would carry out the fix and confirm it but still get the same notification a week later. This seems to be a delay in records being updated and leads to false reporting, which is something that needs to be fixed."
"Intrusion detection and prevention would be great to have with 365 Defender."
"Microsoft 365 Defender does not have a unique package with emerging endpoint security technologies, such as EDR and XDR."
"If CrowdStrike can further expand its support for XDR compatibility, that would give it an edge over all the other competing new products."
"They should provide us with good visibility for everything."
"The dashboard area must be improved. We have integration with Splunk, and we are creating a dashboard there. Their dashboard area must be up to date. It should have more details and more options to create the reports and things like that."
"On the firewall management side, there should be more granularity. There should also be more granularity for device control. Everything else is brilliant."
"It does take more time to scan than other solutions."
"Falcon could be improved with more function on the mobile end of things and better optimization with mobile devices."
"Falcon could include more integrative features."
"Any kind of integration that you want to do, such as using the API to connect to a SIEM, is complex and it will be expensive to do."
"The setup process is complex. You need a solid working knowledge of networking, operating systems, and a little programming."
"The solution needs to be more reactive to investigations. We need to be able to detect and prevent any attacks before it can damage our infrastructure. Currently, this solution doesn't offer that."
"One limitation of Elastic Security is that it does not have built-in workflows for all tasks. For example, if you need a workflow for compliance, you will need to create a custom workflow."
"The price of this product could be improved, especially the additional costs. I would also like to see better-quality graphics."
"The training that is offered for Elastic is in need of improvement because there is no depth to it."
"Upgrades currently released as stacks when it should be a plugin or an extension to save removal and reinstallation."
"With Elastic, you have to build the use cases for the specific requirement. Other products have a simple integration and more use cases to integrate out-of-the-box solutions for SIEM."
"We're using the open-source edition, for now, I think maybe they can allow their OLED plugin to be open source, as at the moment it is commercialised."
Protect your organization from all threats - not just malware - even when computers and servers aren’t connected to the internet. Start your free trial and deploy CrowdStrike Falcon within minutes to start receiving full threat protection.
CrowdStrike Falcon is ranked 3rd in EDR (Endpoint Detection and Response) with 101 reviews while Elastic Security is ranked 15th in EDR (Endpoint Detection and Response) with 58 reviews. CrowdStrike Falcon is rated 8.6, while Elastic Security is rated 7.6. The top reviewer of CrowdStrike Falcon writes "Easy to set up with good behavior-based analysis but needs a single-click recovery option". On the other hand, the top reviewer of Elastic Security writes "A stable and scalable tool that provides visibility along with the consolidation of logs to its users". CrowdStrike Falcon is most compared with Darktrace, Microsoft Defender for Endpoint, Trend Micro Deep Security, SentinelOne Singularity Complete and Fortinet FortiEDR, whereas Elastic Security is most compared with Wazuh, Splunk Enterprise Security, Microsoft Sentinel, Microsoft Defender for Endpoint and AlienVault OSSIM. See our CrowdStrike Falcon vs. Elastic Security report.
See our list of best EDR (Endpoint Detection and Response) vendors and best Extended Detection and Response (XDR) vendors.
We monitor all EDR (Endpoint Detection and Response) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.