No more typing reviews! Try our Samantha, our new voice AI agent.

Datto Endpoint Detection and Response (EDR) vs Elastic Security comparison

Sponsored
 

Comparison Buyer's Guide

Executive SummaryUpdated on Sep 9, 2024

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Cortex XDR by Palo Alto Net...
Sponsored
Ranking in Endpoint Detection and Response (EDR)
6th
Average Rating
8.4
Reviews Sentiment
6.8
Number of Reviews
114
Ranking in other categories
Endpoint Protection Platform (EPP) (4th), Extended Detection and Response (XDR) (4th), Ransomware Protection (2nd), AI-Powered Cybersecurity Platforms (1st)
Datto Endpoint Detection an...
Ranking in Endpoint Detection and Response (EDR)
48th
Average Rating
7.6
Reviews Sentiment
7.0
Number of Reviews
4
Ranking in other categories
No ranking in other categories
Elastic Security
Ranking in Endpoint Detection and Response (EDR)
15th
Average Rating
7.8
Reviews Sentiment
6.8
Number of Reviews
66
Ranking in other categories
Log Management (11th), Security Information and Event Management (SIEM) (7th), Security Orchestration Automation and Response (SOAR) (10th), Extended Detection and Response (XDR) (12th)
 

Mindshare comparison

As of July 2026, in the Endpoint Detection and Response (EDR) category, the mindshare of Cortex XDR by Palo Alto Networks is 3.6%, down from 3.9% compared to the previous year. The mindshare of Datto Endpoint Detection and Response (EDR) is 1.2%, down from 2.0% compared to the previous year. The mindshare of Elastic Security is 2.3%, up from 2.2% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Endpoint Detection and Response (EDR) Mindshare Distribution
ProductMindshare (%)
Cortex XDR by Palo Alto Networks3.6%
Elastic Security2.3%
Datto Endpoint Detection and Response (EDR)1.2%
Other92.9%
Endpoint Detection and Response (EDR)
 

Featured Reviews

ABHISHEK_SINGH - PeerSpot reviewer
Senior Process Expert at A.P. Moller - Maersk
Gained full visibility and streamlined threat detection through behavior-based insights and AI integration
Initially, we got to have a lot of false positives when we onboarded, but nowadays it's quite smooth. We have fine-tuned our security policies and allowed different levels of policies to get rid of those false positives. Currently, we are getting a fairly good amount of incidents that are not false positives or benign, but actionable items. The process is streamlined. In the initial days, the operations used to get involved in a lot of benign and other activities, but now the process is streamlined. We are leveraging the auto-detection and remediation plans. The operations teams are now more involved in other business roles as well, not just looking into the logs and fetching out what's happening there. They have fixed a lot of things. Initially, they didn't have IAC code drift detection, cloud posture management, or security posture management, but they have those now. They purchased different vendors and did a merger with that. They have now Prisma Cloud that gets integrated and now they are working with Cortex Cloud. Everything that was negative has now been addressed, and the product altogether looks to be in a very better and mature shape now. Currently, it's more or less detecting the workloads with AI-based best practices. Since most organizations are consuming AI agents and other things, we are looking forward to seeing what other feature enhancements Palo Alto can support in that.
reviewer2406663 - PeerSpot reviewer
Director at a computer software company with 11-50 employees
Effective risk response, easy deployment, and enhanced security
They use Datto EDR as part of the solutions that we supply Datto EDR has helped reduce overall security incident costs by fifteen percent. The ease of deployment has been good, and the responsiveness of the application to risks has been quite effective. The inclusion of web filtering would be…
Laurentiu Popescu - PeerSpot reviewer
Chief Product Officer at ClusterPower
Has improved threat detection with deep log analysis and streamlined investigation workflows
The most useful features I find in Elastic Security are the forensic ones that allow us to carry deeper analysis into the logs for in-depth investigations, and the dashboards, with the reporting dashboard being quite user-friendly. Elastic Security is quite good at identifying threats, as it is part of the deep investigation tool that I mentioned before. Unless we need to look further into a certain log, we can carry out a deeper analysis and forensics on those particular logs. I can assess the impact of Elastic Security's real-time data analysis on our threat response efficiency as working pretty good. We are looking for real-time analysis because we have a continuous inflow of logs from different sources: from our cloud, from Active Directory, from our network. So it works pretty well.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"Cortex XDR by Palo Alto Networks's ability to block sophisticated threats in real time is quite good and is on par with SentinelOne's."
"Cortex XDR by Palo Alto Networks is specifically designed to prevent zero-day attacks and is part of an ecosystem of Palo Alto, providing customers with a long-term vision to modify and redesign how security is applied in their company."
"From the Palo Alto side, whatever they buy, they integrate that really well into their integration suite, and that makes a massive difference."
"Palo Alto is one of the tech vendors that always provides top-of-the-line products."
"When the pandemic started, Palo Alto came up with many solutions, which helped with the quick shift from on-premises to the cloud."
"The product's initial setup phase is very easy."
"WildFire AI is the best option for this product."
"It is easy to use."
"The ease of deployment has been good."
"The most valuable feature of Datto EDR is the visibility of the endpoints."
"The insight that the solution provides is the most valuable aspect. The security scanning they do is excellent."
"Datto Endpoint Detection and Response is a perfect product for endpoint security."
"I would advise others to use this solution as it is relatively low cost and the implementation is quick, giving you results faster."
"The most valuable feature is the machine learning capability."
"The intelligence of the system has been very impressive; it's pretty accurate and gives you good details to create an intelligence report and present that to your C-level management."
"It's very stable and reliable."
"The solution is free."
"Overall, this product does what it is supposed to do, although there is always room for improvement."
"The stability of the solution is good."
"One of the most valuable features of this solution is that it is more flexible than AlienVault."
 

Cons

"Managing the product should be easier."
"I have run into some detection issues with Cortex XDR. It needs to be better at detection of internal attacks."
"It tends to do 99.9% of things. The only thing I'd like is single sign-on authentication into their cloud platform so that my users can be properly authenticated against it."
"For working with the solution, you only really need a web browser, however, we've found that working on Chrome, for example, is horrible."
"The solution can never really be an on-premises solution based simply on the way it is set up. It needs metadata to run and improve. Having an on-premises solution would cut it off from making improvements."
"Additionally, I think the price is very high, and if it can be adjusted, I believe it will be a very good solution."
"The server sometimes stops continuously to check things so it would be helpful to receive access updates or technical reasons."
"Every 30 or 40 days, there's a new version and we need to go and make sure our customer's laptops are upgraded."
"The deployment of the solution right now is terrible. We find it to be very bad. It could be improved enormously."
"The solution could improve by having more deployment methods."
"The solution should allow the automation of playbooks."
"The inclusion of web filtering would be good."
"It would be better if Elastic Security had less storage for data. My customers do not like this. Other vendors have local support in different countries, but Elastic Security doesn't. I would like to have Operational Technology (OT) security in the next release."
"There is an area of improvement in the Logs list. The load list may need to be paginated as there are limits."
"Email notification should be done the same way as Logentries does it."
"Configuring the server is difficult and can be improved."
"In terms of what could be improved with Elastic, in some use cases, especially on the advanced level, they are not ready made, so you'll have to write some scripts."
"Elastic Security consumes a lot of resources, requiring a substantial deployment setup."
"This solution cannot do predictive maintenance, so we have to build our own modules for doing it."
"Sometimes, the solution isn't the easiest to use."
 

Pricing and Cost Advice

"In terms of the cost Cortex XDR by Palo Alto Networks is very expensive because we are a Mexican company and when you translate dollars to pesos the cost is very high. The solution is very expensive for Mexican companies. I understand that they have international prices, but I do not think it offsets the price enough for many companies in countries, such as Mexico. The amount it is reduced is not a massive percentage."
"I feel it is fairly priced."
"Cortex XDR by Palo Alto Networks is quite an expensive solution."
"We pay about $50,000 USD per year for a bundle that includes Cortex XDR."
"The pricing is a little bit on the expensive side."
"It is present, but when compared to other competitive products, I would say it is not less expensive; however, when all of the other added values are considered, the price is reasonable."
"The price is on the higher side, but it's okay."
"Traps pays for itself within the first 16 months of a three-year subscription. This is attributed to OPEX savings, as security teams spent less time trying to identify and isolate malware for analysis as a result of a reduction in malware incidents, false positives, and breach avoidance."
"Datto Endpoint Detection and Response is not an expensive solution."
"There is an annual license to use this solution. The price of the solution can be expensive depending on the company."
"I find it better than Splunk in terms of cost-effectiveness. For cost-effectiveness, I would rate it a nine out of 10."
"There is no charge for using the open-source version."
"It is easy to deploy, easy to use, and you get everything you need to become operational with it, and have nothing further to pay unless you want the OLED plugin."
"Elastic Stack is an open-source tool. You don't have to pay anything for the components."
"The pricing is in the middle. I think it is not an expensive experience if we compare it with big names, for example, QRadar, and also Oxide. I think Elastic Security is quite cheap. I would rate the pricing of this solution a five out of ten."
"When compared to other products, the price is average or on the low side."
"Elastic Security is free to use."
"I can say that the product is cheaply priced."
report
Use our free recommendation engine to learn which Endpoint Detection and Response (EDR) solutions are best for your needs.
902,988 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Construction Company
12%
Financial Services Firm
11%
Manufacturing Company
10%
Comms Service Provider
9%
Comms Service Provider
13%
Computer Software Company
9%
Manufacturing Company
8%
Retailer
7%
Comms Service Provider
9%
Financial Services Firm
9%
Government
8%
Manufacturing Company
8%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business46
Midsize Enterprise21
Large Enterprise53
No data available
By reviewers
Company SizeCount
Small Business40
Midsize Enterprise12
Large Enterprise15
 

Questions from the Community

Cortex XDR by Palo Alto vs. Sentinel One
Cortex XDR by Palo Alto vs. SentinelOne SentinelOne offers very detailed specifics with regard to risks or attacks. ...
Comparing CrowdStrike Falcon to Cortex XDR (Palo Alto)
Cortex XDR by Palo Alto vs. CrowdStrike Falcon Both Cortex XDR and Crowd Strike Falcon offer cloud-based solutions th...
How is Cortex XDR compared with Microsoft Defender?
Microsoft Defender for Endpoint is a cloud-delivered endpoint security solution. The tool reduces the attack surface,...
What is your experience regarding pricing and costs for Infocyte HUNT?
The price is quite low. On a scale of one to ten, I would rate it a four, meaning it is quite cheap.
What needs improvement with Infocyte HUNT?
The inclusion of web filtering would be good.
What is your primary use case for Infocyte HUNT?
They use Datto EDR as part of the solutions that we supply.
Datadog vs ELK: which one is good in terms of performance, cost and efficiency?
With Datadog, we have near-live visibility across our entire platform. We have seen APM metrics impacted several time...
What is your experience regarding pricing and costs for Elastic Security?
I am satisfied with the pricing, setup cost, and licensing cost. It is a pure 10.
What needs improvement with Elastic Security?
I do not have any specific recommendations for improvements in Elastic Security, but I feel that the AI module should...
 

Also Known As

Cyvera, Cortex XDR, Palo Alto Networks Traps
Infocyte HUNT
Elastic SIEM, ELK Logstash
 

Overview

 

Sample Customers

CBI Health Group, University Honda, VakifBank
Check Point Software, PwC, Grant Thornton, AT&T, DHL, U.S. Department of Defense
Texas A&M, U.S. Air Force, NuScale Power, Martin's Point Health Care
Find out what your peers are saying about Datto Endpoint Detection and Response (EDR) vs. Elastic Security and other solutions. Updated: June 2026.
902,988 professionals have used our research since 2012.