We performed a comparison between Elastic Security and ExtraHop Reveal(x) 360 based on real PeerSpot user reviews.
Find out what your peers are saying about CrowdStrike, SentinelOne, Wazuh and others in Extended Detection and Response (XDR)."The unified view of the threat landscape on a central dashboard is the most valuable feature."
"Microsoft 365 Defender's most valuable feature is the ability to control the shadow IP."
"Among the most valuable features are the alert timeline, the alert story, which is pretty detailed. It gives us complete insight into what exactly happened on the endpoint. It doesn't just say, "Malware detected." It tells us what caused that malware to be detected and how it was detected. It gives us a complete timeline from beginning to end."
"The visibility into threats that 365 Defender provides is really good. You get a full review of your security system and what can be improved. In the Microsoft 365 Defender portal the first page gives you a really big summary of which security policies you are following and what can be improved."
"Defender is easy to use. It has a nice console, and everything is all in one place."
"The integration between all the Defender products is the most valuable feature."
"We are able to consolidate licences and make use of many Microsoft products using this solution. If we have any Microsoft customers, we encourage them to use this solution for enterprise defence."
"We can use Defender to block and monitor for security purposes without needing multiple other products to do different tasks."
"The most valuable feature is the machine learning capability."
"The most valuable feature is the speed, as it responds in a very short time."
"It's very stable and reliable."
"ELK Logstash is easy and fast, at least for the initial setup with the out of box uses."
"Stability-wise, I rate the solution a ten out of ten."
"The solution is compatible with the cloud-native environment and they can adapt to it faster."
"The most valuable thing is that this solution is widely used for work management and research. It's easy to jump into the security use case with the same technology."
"The indexes allow you to get your results quickly. The filtering and log passing is the advantage of Logstash."
"It stands out for its intuitive and efficient user interface, robust detection capabilities with minimal false positives, and the ability to handle encrypted traffic, making it a valuable asset for network security and management."
"It is very easy to collect and handle data in ExtraHop Reveal(X) Cloud. Integration with Big Data is also easy. Many of our customers integrate it with Big Data platforms like Splunk or Elastic. It is also easy to handle and easy to understand."
"It is scalable."
"The support team is not competent or responsive."
"There should be better information for experts on features in the solution. What I see when reading about features in Microsoft 365 Defender is that it is always general information. If Microsoft could go deeper into details for the experts about how to use the tools, usage of it would be more familiar and it would be easier to use."
"At times, when we have an incident email and we click on the link for that incident, it opens a pop-up, but there is nothing. It has happened a couple of times."
"The web filtering solution needs to be improved because currently, it is very simple."
"The interface could be improved. For example, if you want to do a phishing simulation for your employees, it can take a while to figure out what to do. The interface is a bit messy and could be updated. It isn't too bad, but doing some things can be a long process."
"Microsoft 365 Defender does not have a unique package with emerging endpoint security technologies, such as EDR and XDR."
"We should be able to use the product on devices like Apple, Linux, etc."
"The Defender agent itself is more compatible with Windows 10 and Windows 11. Other than these two lines, there are so many compatibility issues. Security is not only about Microsoft. The core technical aspects of it are quite good, but it would be good if they can better support non-Microsoft solutions in terms of putting the agents directly into VMware and other virtualization solutions. There should be more emphasis on RHEL and other operating systems that we use, other than Windows, in the server category."
"Technical support could respond faster."
"Elastic Security's maintenance is hard and its scalability is a challenge. There are complications in scaling and upgrading. The solution needs to also provide periodic upgrade checks."
"The solution does not have a UI and this is one of the reasons we are looking for another solution."
"We'd like to see some more artificial intelligence capabilities."
"In terms of what could be improved with Elastic, in some use cases, especially on the advanced level, they are not ready made, so you'll have to write some scripts."
"It's a little bit of a learning curve to understand the logic of searching for things and trying to find what you're looking for in Elastic Security."
"The tool needs to integrate with legacy servers. Big companies can have legacy servers that may not always be updated."
"Elastic has one problem. In the past, Elastic Security was free. Now, they currently only offer the basic license or a certain period of time."
"There needs to be more support."
"They can include integration with SAP. Currently, no vendor provides network performance monitoring in the SAP market. It is a very big market. We have around 400 customers for SAP in Korea. In the USA, there are more than 10,000 customers."
"A drawback includes bucket storage limitations for payload data, necessitating timely extraction for thorough investigations."
Elastic Security is ranked 7th in Extended Detection and Response (XDR) with 58 reviews while ExtraHop Reveal(x) 360 is ranked 23rd in Extended Detection and Response (XDR) with 3 reviews. Elastic Security is rated 7.6, while ExtraHop Reveal(x) 360 is rated 8.6. The top reviewer of Elastic Security writes "A stable and scalable tool that provides visibility along with the consolidation of logs to its users". On the other hand, the top reviewer of ExtraHop Reveal(x) 360 writes "A competitive choice for network detection and response with exceptional user interface, ease of implementation and minimal false positives". Elastic Security is most compared with Wazuh, Splunk Enterprise Security, Microsoft Sentinel, IBM Security QRadar and Microsoft Defender for Endpoint, whereas ExtraHop Reveal(x) 360 is most compared with ExtraHop Reveal(x), Forescout Platform and Corelight.
See our list of best Extended Detection and Response (XDR) vendors.
We monitor all Extended Detection and Response (XDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
