No more typing reviews! Try our Samantha, our new voice AI agent.

Elastic Security vs Kandji comparison

Elastic and Kandji are both solutions in the Endpoint Detection and Response (EDR) category. Elastic is ranked #15 with an average rating of 8.5, while Kandji is ranked #31 with an average rating of 9.0. Elastic holds a 2.2% mindshare in EDR, compared to Kandji’s 0.5% mindshare. Additionally, 86% of Elastic users are willing to recommend the solution, compared to 100% of Kandji users who would recommend it.
Sponsored
Cortex XDR by Palo Alto Net...
Read 108 Cortex XDR by Palo Alto Networks reviews
  • 14,649 Views
  • 8,057 Comparison Views
96% willing to recommend
Elastic Security
Read 66 Elastic Security reviews
  • 11,636 Views
  • 4,189 Comparison Views
86% willing to recommend
Kandji
Read 2 Kandji reviews
  • 1,727 Views
  • 725 Comparison Views
100% willing to recommend
 

Comparison Buyer's Guide

Download the report
Executive Summary
We performed a comparison between Elastic Security and Kandji based on real PeerSpot user reviews.

Find out in this report how the two Endpoint Detection and Response (EDR) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI.

DOWNLOAD THE COMPLETE REPORT
To learn more, read our detailed Elastic Security vs. Kandji Report (Updated: March 2026).
Buyer's Guide
Elastic Security vs. Kandji
March 2026
Download the complete report
Helped 885,376 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Cortex XDR by Palo Alto Net...
Sponsored
Ranking in Endpoint Detection and Response (EDR)
7th
Average Rating
8.4
Reviews Sentiment
6.8
Number of Reviews
108
Ranking in other categories
Endpoint Protection Platform (EPP) (5th), Extended Detection and Response (XDR) (6th), Ransomware Protection (2nd), AI-Powered Cybersecurity Platforms (2nd)
Elastic Security
Ranking in Endpoint Detection and Response (EDR)
15th
Average Rating
7.8
Reviews Sentiment
6.8
Number of Reviews
66
Ranking in other categories
Log Management (9th), Security Information and Event Management (SIEM) (5th), Security Orchestration Automation and Response (SOAR) (7th), Extended Detection and Response (XDR) (8th)
Kandji
Ranking in Endpoint Detection and Response (EDR)
31st
Average Rating
8.0
Reviews Sentiment
7.6
Number of Reviews
2
Ranking in other categories
Vulnerability Management (43rd), Mobile Device Management (MDM) (7th), Enterprise Mobility Management (EMM) (14th)
 

Mindshare comparison

As of March 2026, in the Endpoint Detection and Response (EDR) category, the mindshare of Cortex XDR by Palo Alto Networks is 3.4%, down from 4.0% compared to the previous year. The mindshare of Elastic Security is 2.2%, up from 2.2% compared to the previous year. The mindshare of Kandji is 0.5%, up from 0.3% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Endpoint Detection and Response (EDR) Mindshare Distribution
ProductMindshare (%)
Cortex XDR by Palo Alto Networks3.4%
Elastic Security2.2%
Kandji0.5%
Other93.9%
Endpoint Detection and Response (EDR)
 

Featured Reviews

ABHISHEK_SINGH - PeerSpot reviewer
ABHISHEK_SINGH
Senior Process Expert at A.P. Moller - Maersk
Gained full visibility and streamlined threat detection through behavior-based insights and AI integration
Initially, we got to have a lot of false positives when we onboarded, but nowadays it's quite smooth. We have fine-tuned our security policies and allowed different levels of policies to get rid of those false positives. Currently, we are getting a fairly good amount of incidents that are not false positives or benign, but actionable items. The process is streamlined. In the initial days, the operations used to get involved in a lot of benign and other activities, but now the process is streamlined. We are leveraging the auto-detection and remediation plans. The operations teams are now more involved in other business roles as well, not just looking into the logs and fetching out what's happening there. They have fixed a lot of things. Initially, they didn't have IAC code drift detection, cloud posture management, or security posture management, but they have those now. They purchased different vendors and did a merger with that. They have now Prisma Cloud that gets integrated and now they are working with Cortex Cloud. Everything that was negative has now been addressed, and the product altogether looks to be in a very better and mature shape now. Currently, it's more or less detecting the workloads with AI-based best practices. Since most organizations are consuming AI agents and other things, we are looking forward to seeing what other feature enhancements Palo Alto can support in that.
Read full review
Laurentiu Popescu - PeerSpot reviewer
Laurentiu Popescu
Chief Product Officer at ClusterPower
Has improved threat detection with deep log analysis and streamlined investigation workflows
The most useful features I find in Elastic Security are the forensic ones that allow us to carry deeper analysis into the logs for in-depth investigations, and the dashboards, with the reporting dashboard being quite user-friendly. Elastic Security is quite good at identifying threats, as it is part of the deep investigation tool that I mentioned before. Unless we need to look further into a certain log, we can carry out a deeper analysis and forensics on those particular logs. I can assess the impact of Elastic Security's real-time data analysis on our threat response efficiency as working pretty good. We are looking for real-time analysis because we have a continuous inflow of logs from different sources: from our cloud, from Active Directory, from our network. So it works pretty well.
Read full review
reviewer2795433 - PeerSpot reviewer
reviewer2795433
Cloud Ops Lead at a tech vendor with 10,001+ employees
Automated updates have strengthened security and save me time on daily device management
In my opinion, the best features Kandji offers are its UI, which is very clean and clear to use, not overly cluttered, allowing me to see the icon of all the different apps that I can install, and when I click on the little icon in my toolbar, it shows me any updates which I am able to install, making it very easy to use. The clean UI and ease of use definitely save me time, probably cutting the time in half for trying to figure out when to install updates myself, because the notifications are pushed to me, which is good since I want to keep my system up to date without interfering with my workflow. Kandji has impacted my organization positively by definitely increasing security because it notifies you when an update is ready to be installed, and if you do not install it within a reasonable time frame, it would automatically install it, which is good, and it probably has saved at least 30% of my time from manually having to look for updates since it just notifies me when the update is ready. Kandji's automatic installation feature ensures our team's compliance or security posture, as it makes sure we are up to date and all on the same version of a particular tool, which is very important for a technical IT team to avoid differences that might affect functionality.
Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"Based on my experience, I would recommend Cortex XDR by Palo Alto Networks to other people."
"The dashboard is customizable."
"They did what they said, and this solution could apply to any scenario."
"The information the dashboard provides is very clear."
"The positive impacts I see from Cortex XDR by Palo Alto Networks include a complete 360-degree view of our security posture altogether, being a uniform platform where we are ingesting logs from multiple resources."
"The most valuable features are the fact that it was running in the background and it would intercept any weird stuff, and the fact that it would send things directly to the cloud for sandboxing. It's quite practical."
"The product is very good, it has caught a lot of exploits that most products would not."
"We can use Cortex XDR to get the entire graph of the incidents from source to destination, and we can take remedial action."
More Cortex XDR by Palo Alto Networks pros
"The solution is compatible with the cloud-native environment and they can adapt to it faster."
"This solution enables us to monitor application performance from Elasticsearch and we can predict some behaviors for applications using ELK."
"The solution has a good community surrounding it for lots of helpful documentation for troubleshooting purposes."
"I can look at events from more than one source across multiple different locations and find patterns or anomalies. The machine learning capabilities are helpful, and I can create rules for notifications to be more proactive rather than responding after something has gone wrong."
"It's a good platform and the very best in the current market. We looked at the Forester report from December 2022 where it was said to be a leader."
"All of the features on the solution are useful due to the fact that I have the full Stack, therefore I can collect and then visualize."
"ELK documentation is very good, so never needed to contact technical support."
"The indexes allow you to get your results quickly. The filtering and log passing is the advantage of Logstash."
More Elastic Security pros
"I highly recommend Kandji to others looking into using it since I have not seen any game-breaking issues; it is highly reliable, scalable, improves security, and reduces the time individuals need to spend on system configuration for security updates."
"It's a very easy plug-and-play solution where you can just enroll the devices and choose the features you want."
 

Cons

"It takes time to scan the servers and devices."
"I would like to see improvement in the tool's user interface, particularly in the area of managing alerts and providing more reporting capabilities."
"It would be good to have a better way to search for a file within the UI."
"The dashboard could use some significant improvement, just making it more useful with more information."
"There is a severe gap in functionality between Windows, Linux, and Mac versions."
"The solution needs better reports. I think they should let the customer go in and customize the reports."
"We had a problem with getting our older endpoints up to date, but their newest updates have been really good. I've been pleased with it in terms of what our needs are. It's doing what we want it to do."
"Being able to filter the events to see those that are related to the actual alert would save time spent by the engineer."
More Cortex XDR by Palo Alto Networks cons
"If the documentation were improved and made more clear for beginners, or even professionals, then we would be more attracted to this solution."
"Authentication is not a default in Kibana. We need to have another tool to have authentication and authorization. These two should be part of Kibana."
"We are paying dearly for the guy who is working on the ELK Stack. That knowledge is quite rare and hard to come by."
"I would like the process of retrieving archived data and viewing it in Kibana to be simplified."
"The training that is offered for Elastic is in need of improvement because there is no depth to it."
"I want to find an automatic security system in the tool, like a SOAR solution. I am looking forward to seeing a SOAR system in the tool."
"Technical support could respond faster."
"The Integration module could be improved. It is a pain to build integration with any product."
More Elastic Security cons
"Kandji should give open customization."
 

Pricing and Cost Advice

"I don't recall what the cost was, but it wasn't really that expensive."
"We pay about $50,000 USD per year for a bundle that includes Cortex XDR."
"I don't like that they have different types of licenses."
"It's way too expensive, but security is expensive. You pay for your licensing, and then you pay for someone to monitor the stuff."
"The solution has one subscription for endpoint protection and one subscription for detection and response. The two licenses combined give you the BRO version."
"The price was fine."
"The pricing seems fair, and I do like the licensing model. You use wherever they are, and it is elastic."
"When we first bought it, it was a bit expensive, but it was worth it. The licensing was straightforward."
More Cortex XDR by Palo Alto Networks pricing and cost advice
"It's a monthly cost with Elastic SIEM, but I am not sure of the exact cost."
"The solution is not expensive and costs around ten dollars a month."
"The tool's pricing is flexible and comes at unit cost. You don't have to pay for everything."
"Compared to other tools, Elastic Security is a cheaper solution."
"Affordable but with additional costs"
"We are using the free, open-source version of this solution."
"The base product is open-source but if you need advanced security features then you need to pay for the subscription. Elastic Security's price is reasonable in some cases and in other cases it's not."
"Elastic Stack is an open-source tool. You don't have to pay anything for the components."
More Elastic Security pricing and cost advice
"Users have to pay a yearly licensing fee for Kandji, which is expensive."
report
See which vendors are best for you
Use our free recommendation engine to learn which Endpoint Detection and Response (EDR) solutions are best for your needs.
See recommendations
885,376 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Construction Company
13%
Manufacturing Company
8%
Computer Software Company
8%
Financial Services Firm
8%
Computer Software Company
10%
Government
9%
Comms Service Provider
9%
Manufacturing Company
7%
Financial Services Firm
11%
Computer Software Company
11%
Manufacturing Company
10%
Educational Organization
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business44
Midsize Enterprise20
Large Enterprise47
By reviewers
Company SizeCount
Small Business40
Midsize Enterprise11
Large Enterprise15
No data available
 

Questions from the Community

Cortex XDR by Palo Alto vs. Sentinel One
Cortex XDR by Palo Alto vs. SentinelOne SentinelOne offers very detailed specifics with regard to risks or attacks. ...
See all answers
Comparing CrowdStrike Falcon to Cortex XDR (Palo Alto)
Cortex XDR by Palo Alto vs. CrowdStrike Falcon Both Cortex XDR and Crowd Strike Falcon offer cloud-based solutions th...
See all answers
How is Cortex XDR compared with Microsoft Defender?
Microsoft Defender for Endpoint is a cloud-delivered endpoint security solution. The tool reduces the attack surface,...
See all answers
Datadog vs ELK: which one is good in terms of performance, cost and efficiency?
With Datadog, we have near-live visibility across our entire platform. We have seen APM metrics impacted several time...
See all answers
What do you like most about Elastic Security?
Elastic provides the capability to index quickly due to the reverse indexes it offers. This data is crucial as it con...
See all answers
What is your experience regarding pricing and costs for Elastic Security?
I am satisfied with the pricing, setup cost, and licensing cost. It is a pure 10.
See all answers
What is your experience regarding pricing and costs for Kandji?
My experience with pricing, setup cost, and licensing is that their pricing structure is bucket-based, requiring lice...
See all answers
What needs improvement with Kandji?
I have not been involved in the purchase process of Kandji, but I understand it is very Apple-centric and they have v...
See all answers
What is your primary use case for Kandji?
My main use case for Kandji is that within my organization, I have a Mac as my work laptop, and Kandji is used for se...
See all answers
 

Comparisons

Microsoft Defender for Endpoint vs Cortex XDR by Palo Alto Networks Logo
Microsoft Defender for Endpoint vs Cortex XDR by Palo Alto Networks
Compared 9% of the time
SentinelOne Singularity Complete vs Cortex XDR by Palo Alto Networks Logo
SentinelOne Singularity Complete vs Cortex XDR by Palo Alto Networks
Compared 6% of the time
CrowdStrike Falcon vs Cortex XDR by Palo Alto Networks Logo
CrowdStrike Falcon vs Cortex XDR by Palo Alto Networks
Compared 4% of the time
Cortex XSIAM vs Cortex XDR by Palo Alto Networks Logo
Cortex XSIAM vs Cortex XDR by Palo Alto Networks
Compared 4% of the time
Symantec Endpoint Security vs Cortex XDR by Palo Alto Networks Logo
Symantec Endpoint Security vs Cortex XDR by Palo Alto Networks
Compared 3% of the time
More Cortex XDR by Palo Alto Networks Competitors
Wazuh vs Elastic Security Logo
Wazuh vs Elastic Security
Compared 8% of the time
Splunk Enterprise Security vs Elastic Security Logo
Splunk Enterprise Security vs Elastic Security
Compared 5% of the time
IBM Security QRadar vs Elastic Security Logo
IBM Security QRadar vs Elastic Security
Compared 5% of the time
CrowdStrike Falcon vs Elastic Security Logo
CrowdStrike Falcon vs Elastic Security
Compared 4% of the time
Microsoft Defender for Endpoint vs Elastic Security Logo
Microsoft Defender for Endpoint vs Elastic Security
Compared 3% of the time
More Elastic Security Competitors
Jamf Pro vs Kandji Logo
Jamf Pro vs Kandji
Compared 20% of the time
Microsoft Intune vs Kandji Logo
Microsoft Intune vs Kandji
Compared 18% of the time
CrowdStrike Falcon vs Kandji Logo
CrowdStrike Falcon vs Kandji
Compared 14% of the time
Microsoft Defender for Endpoint vs Kandji Logo
Microsoft Defender for Endpoint vs Kandji
Compared 12% of the time
Open EDR vs Kandji Logo
Open EDR vs Kandji
Compared 6% of the time
More Kandji Competitors
 

Product Reports

Buyer's Guide
Cortex XDR by Palo Alto Networks
March 2026
Cortex XDR by Palo Alto Networks reportDownload Cortex XDR by Palo Alto Networks product report
Buyer's Guide
Elastic Security
March 2026
Elastic Security reportDownload Elastic Security product report
Buyer's Guide
Vulnerability Management
February 2026
Kandji reportDownload Kandji product report
 

Also Known As

Cyvera, Cortex XDR, Palo Alto Networks Traps
Elastic SIEM, ELK Logstash
No data available
 

Overview

Cortex XDR by Palo Alto Networks provides advanced threat detection with AI-driven endpoint protection and seamless integration, ensuring multi-layered security and automatic threat response.

Cortex XDR is designed to safeguard endpoints against malware and suspicious activities. It offers advanced threat detection and response capabilities using behavioral analysis, AI, and machine learning. It seamlessly integrates with security infrastructures, providing endpoint security, firewall integration, and enhanced visibility in both cloud-based and on-premises environments.

What are the key features of Cortex XDR?
  • Advanced Threat Detection: Uses AI and machine learning for proactive threat identification.
  • Multi-layered Security: Combines various security measures for comprehensive protection.
  • Endpoint Protection: Safeguards against malware and exploits.
  • Behavioral Analysis: Monitors suspicious activity for early detection.
  • Automatic Threat Response: Automates responses to neutralize threats.
What benefits should users expect?
  • Ease of Use: Simplifies security management with intuitive design.
  • Resource Efficiency: Minimizes impact on system resources.
  • Integration Capabilities: Works well with existing security setups.
  • Reduced Analyst Workload: Automates processes to decrease manual intervention.

Organizations in diverse sectors deploy Cortex XDR to protect against malware, leveraging its advanced threat detection capabilities. Its integration with existing security infrastructures appeals to those seeking comprehensive protection in both cloud and on-premises environments, providing enhanced visibility and threat intelligence.

Palo Alto Networks
Elastic Security is a robust, open-source security solution designed to offer integrated threat prevention, detection, and response capabilities across an organization's entire digital estate. Part of the Elastic Stack (which includes Elasticsearch, Logstash, and Kibana), Elastic Security leverages the power of search, analytics, and data aggregation to provide real-time insight into threats and vulnerabilities. It is a comprehensive platform that supports a wide range of security needs, from endpoint protection to cloud and network security, making it a versatile choice for organizations looking to enhance their cybersecurity posture.


Elastic Security combines the features of a security information and event management (SIEM) system with endpoint protection, allowing organizations to detect, investigate, and respond to threats in real time. This unified approach helps reduce complexity and improve the efficiency of security operations.

Additional offerings and benefits:

  • The platform utilizes advanced analytics, machine learning algorithms, and anomaly detection to identify threats and suspicious activities.
  • It offers extensive integration options with other tools and platforms, facilitating a more cohesive and comprehensive security ecosystem.
  • With Kibana, users gain access to powerful visualization tools and dashboards that provide real-time insight into security data.

Finally, Elastic Security benefits from a global community of users who contribute to its threat intelligence, helping to enhance its detection capabilities. This collaborative approach ensures that the solution remains on the cutting edge of cybersecurity, with up-to-date information on the latest threats and vulnerabilities.

Elastic

Kandji’s automations are a force multiplier. They free your technology team from repetitive tasks, letting you focus energy on more impactful projects. Kandji has purpose-built experiences from setup and app installs to software updates and computer restarts. It’s what your teams expect from a company with high standards. From increased efficiency to lower cost of ownership, your bottom line is our top priority.

Kandji
 

Sample Customers

CBI Health Group, University Honda, VakifBank
Texas A&M, U.S. Air Force, NuScale Power, Martin's Point Health Care
Information Not Available
Buyer's Guide
Elastic Security vs. Kandji
March 2026
Free Report: Elastic Security vs. Kandji
Find out what your peers are saying about Elastic Security vs. Kandji and other solutions. Updated: March 2026.
DOWNLOAD NOW
885,376 professionals have used our research since 2012.
See our Elastic Security vs. Kandji report.
See our list of best Endpoint Detection and Response (EDR) vendors.

We monitor all Endpoint Detection and Response (EDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.