We performed a comparison between Elastic Security and Forescout Platform based on real PeerSpot user reviews.
Find out what your peers are saying about CrowdStrike, SentinelOne, Wazuh and others in Extended Detection and Response (XDR)."The Endpoint Manager is incredible; it has a very straightforward interface and is exceedingly easy to use. Pulling out and deploying different tags or resources is a simple task across various departments with different levels of security. The notifications are also simple and satisfying; it's great to see the bubble informing us which devices are compliant and which are waiting to update."
"The product is very easy to use."
"The integration between all the Defender products is the most valuable feature."
"The most valuable features of Microsoft 365 Defender are the combination of all the capabilities and centralized management."
"From the perspective of Microsoft 365 XDR, the main benefit is a single, centralized dashboard offering the holistic visibility organizations crave."
"Setting up Microsoft 365 Defender is easy. It's a user-friendly solution that provides threat protection. It has good stability and scalability."
"The advantage of Microsoft Defender XDR has over other XDRs in the market is that it's easy to use. You can quickly differentiate between alerts, incidents, devices, software, etc. It's easier to investigate an incident, and you have so many options. You can automate investigations and use playbooks. There's also the live response session, which is something you can't find in any other XDR."
"Within advanced threat hunting, the tables that have already been defined by Microsoft are helpful. In the advanced threat hunting tab, there were different tables, and one of the tables was related to device info, device alert, and device events. That was very helpful. Another feature that I liked but didn't have access to was deep analysis."
"The most valuable feature is the scalability. We are in Indonesia, more engineers understand Elastic Security here. So it is easier to scale and also develop. In features, the discovery to query all the logs is very important to us. It is very easy, especially with the query function and the feature to generate alerts and create tools. Sometimes we use the alert security dashboard to monitor our clients."
"The most valuable feature for me is Discover."
"It's a good platform and the very best in the current market. We looked at the Forester report from December 2022 where it was said to be a leader."
"ELK Logstash is easy and fast, at least for the initial setup with the out of box uses."
"It's very stable and reliable."
"The most valuable features of Elastic Security are it is open-source and provides a high level of security."
"We like Elastic Security because it's a REST API-based solution. That's the primary reason we use it."
"Elastic has a lot of beats, such as Winlogbeat and Filebeat. Beats are the agents that have to be installed on the terminals to send the data. When we install beats or Elastic agents on every terminal, they don't overload the terminals. In other SIEM solutions such as Splunk or QRadar, when beats or agents are installed on endpoints, they are very heavy for the terminals. They consume a lot of power of the terminals, whereas Elastic agents hardly consume any power and don't overload the terminals."
"The visibility is the main benefit. We now know how many devices are connected, what the use for each device is and what kind of devices we have in our environment."
"The threat prevention feature provides complete visibility."
"The most valuable feature is the ease of deployment, which does not require the use of an agent."
"The most valuable feature is the blocking of USB devices."
"The interface is easy to use."
"The most valuable features of ForeScout is the fact that it can do network access control either with 802.1x or without 802.1x."
"Forescout Platform's most valuable features are that it is very granular. We are able to cull out a lot of information about our particular device or endpoint. The configuration and the visibility are very seamless. Overall the solution is very easy to handle and it's very comprehensive."
"The standout strength of this solution lies in its unique capability to effectively manage unmanaged switches."
"I'd like to see a wider solution that includes not only desktop devices but also other devices, such as servers, storage cabinets, switching equipment, et cetera."
"Advanced attacks could use an improvement."
"There should be better information for experts on features in the solution. What I see when reading about features in Microsoft 365 Defender is that it is always general information. If Microsoft could go deeper into details for the experts about how to use the tools, usage of it would be more familiar and it would be easier to use."
"Defender also lacks automated detection and response. You need to resolve issues manually. You can manage multiple Microsoft security products from a single portal, and all your security recommendations are in one place. It's easy to understand and manage. However, I wouldn't say Defender is a single pane of glass. You still need to switch between all of the available Microsoft tools. You can see all the alerts in one panel, but you can't automate remediation."
"The abundance of sub-dashboards and sub-areas within the main dashboard can be confusing, even if it all technically makes sense."
"Because of the training model, Defender XDR's automatic response sometimes blocks legitimate users and activities. Also, the UI sometimes responds slowly."
"The management features could be improved, particularly in terms of better integration with Intune, Microsoft's cloud-based management solution."
"The console is missing some features that would be helpful for a managed services provider, like device and user management."
"It would be better if Elastic Security had less storage for data. My customers do not like this. Other vendors have local support in different countries, but Elastic Security doesn't. I would like to have Operational Technology (OT) security in the next release."
"I think because we are a cybersecurity company, the thing that can be improved is the prebuilt tools, especially quality. Compared to its competitor, they still have fewer prebuilt security rules. Elastic Security, in terms of generating alerts, cannot group the same products into one another. Even though the alerts are the same, they still generate them one by one. So, it is very noisy in our dashboard. I would like the Elastic Security admin to group all the same alarms into one alarm so that our dashboard is not noisy."
"The solution does not have a UI and this is one of the reasons we are looking for another solution."
"We had issues with scalability. Logstash was not scaling and aggregation was getting delayed. We moved to Fluentd making our stack from ELK to EFK."
"Its documentation should be a bit better. I have to spend at least a couple of hours to find the solution for a simple thing. When we buy Elastic, training is not included for free with Elastic. We have to pay extra for the training. They should include training in the price."
"The problem with ELK is it's difficult to administer. When you have a problem, it can be very, very difficult to rebuild indexes."
"Their visuals and graphs need to be better."
"In terms of what could be improved with Elastic, in some use cases, especially on the advanced level, they are not ready made, so you'll have to write some scripts."
"The solution could always improve by adding more features to make it more robust."
"Forescout Platform's technical support is slow to respond and could be more knowledgeable."
"Forescout needs to improve its cloud management and remote connectivity."
"The fact that Forescout Platform doesn't have a presence in the South African region is a weakness because of which you can't ask for help from them if you have any problems."
"Forescout Platform could improve the vulnerability management as well as the control on the endpoint, which needs to be connected to my network."
"Initially, the implementation of the Forescout Platform took some time to figure out. The reason is we are a manufacturing unit and we have certain silos that are insulated areas where certain systems will not connect to the internet or to the LAN. Since there are many parts of it, we have to have an inclusive view of all those systems. It took a while for us to initially implement, but after a few months, everything worked well."
"We have found that the agent-based authentication, available within this solution could be improved."
"As a product, there is nothing to complain about. However, they should improve their overall support. You need that level of knowledge, that level of information is clearly not available. First and foremost, that information is not accessible. The second point to mention is that once you purchase the later support and services. That is, they will continue to charge you for every service."
Elastic Security is ranked 7th in Extended Detection and Response (XDR) with 58 reviews while Forescout Platform is ranked 12th in Extended Detection and Response (XDR) with 69 reviews. Elastic Security is rated 7.6, while Forescout Platform is rated 8.4. The top reviewer of Elastic Security writes "A stable and scalable tool that provides visibility along with the consolidation of logs to its users". On the other hand, the top reviewer of Forescout Platform writes "We can go granular on each endpoint, quarantine non-compliant machines, and target vulnerabilities through scripting". Elastic Security is most compared with Wazuh, Splunk Enterprise Security, Microsoft Sentinel, IBM Security QRadar and Microsoft Defender for Endpoint, whereas Forescout Platform is most compared with Cisco ISE (Identity Services Engine), Aruba ClearPass, Fortinet FortiNAC, Nozomi Networks and Armis.
See our list of best Extended Detection and Response (XDR) vendors.
We monitor all Extended Detection and Response (XDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.