We performed a comparison between Elastic Security and Trellix Endpoint Security based on real PeerSpot user reviews.
Find out in this report how the two Extended Detection and Response (XDR) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The most valuable feature of the solution stems from the fact that Microsoft Defender XDR is easy to integrate with other Microsoft platforms or products."
"Within advanced threat hunting, the tables that have already been defined by Microsoft are helpful. In the advanced threat hunting tab, there were different tables, and one of the tables was related to device info, device alert, and device events. That was very helpful. Another feature that I liked but didn't have access to was deep analysis."
"Advanced hunting is good. I like that. We can drill down to lots of details."
"I like that it's fully integrated with Windows, Microsoft 365 Exchange Online, and Outlook. It is better than other antivirus solutions because it's fully integrated with all Microsoft products. It's easy to integrate them and onboard all Windows devices from SCCM."
"It gives a lot of flexibility in terms of configuration and customization as per the business requirements."
"The most valuable feature of all is the full integration with the rest of the software in the operating system and Office 365, as well as Microsoft SCCM. It is quite easy for us to work with the whole instance of Microsoft products. This integration improves the benefits of the whole suite of products."
"Defender XDR has a feature called the timeline that lets you track all activities. It helps a lot with investigations."
"We are able to consolidate licences and make use of many Microsoft products using this solution. If we have any Microsoft customers, we encourage them to use this solution for enterprise defence."
"It is the best open-source product for people working in SO, managing and analyzing logs."
"It's open-source and free to use."
"The most valuable feature is the machine learning capability."
"It's not very complicated to install Elastic."
"The indexes allow you to get your results quickly. The filtering and log passing is the advantage of Logstash."
"I use the stack every morning to check the errors and it's just so clear. I don't see any disadvantage to using Logstash."
"It's very stable and reliable."
"Its flexibility is most valuable. We can have a number of scenarios, and we can get logs from anything. If we know how to use Logstash, we can tweak it in many ways. This makes the logging search on Elastic very easy."
"The user behavioral analysis feature is great."
"The solution is stable."
"The primary reason the solution is good is because of its ease-of-use."
"The package of protection that it provides is useful. It has antivirus, malware protection, VPN, and a whole bunch of other features."
"It provides a lot of information and great visibility, with really great options for managing the environment."
"Automatic user recovery prior to Windows booting up."
"The product is fairly reliable."
"The initial setup of Trellix Endpoint Security was straightforward."
"Advanced attacks could use an improvement."
"There is no common area where we can manage all the policies for the EDR, third-party solutions, devices, servers, Windows, Mac, etc., but it's on the road map, and we ware waiting for that feature."
"The cost can be high if you want to build custom license packages. Another area for improvement is the policies. In Azure, we need to implement policies in JSON format, but in 365 Defender 365, it would be helpful to use a different format so we can customize the platform."
"The only issue I've had is, when it comes to deployment, the steps I must take around policy setup. That is challenging."
"Microsoft Defender XDR is not a full-fledged EDR or XDR."
"The price could be better. It'll also help if they can continuously update and upgrade the solution. Every day there's a new virus uploaded into the network, and we have to keep updating it to identify all these things."
"From an integration standpoint, it is always improving overall. With Security Copilot coming out, as partners, we are waiting for the GDAP support so that we can actually see Security Copilot on behalf of customers if they subscribe to it."
"It would be highly beneficial if CoPilot could identify anomalies within the network and notify the IT team."
"I would like more ways to manage permissions and restrict access to certain users."
"If you compare this with CrowdStrike or Carbon Black, they can improve."
"Elastic Security can be a bit difficult to use if a person only has experience in SMBs with tools like Zoho. The product can also be difficult for those who have never dealt with query language."
"The solution needs to be more reactive to investigations. We need to be able to detect and prevent any attacks before it can damage our infrastructure. Currently, this solution doesn't offer that."
"The solution's query building is not that intuitive compared to other solutions."
"There are connectors to gather logs for Windows PCs and Linux PCs, but if we have to get the logs from Syslog then we have to do it manually, and this should be automated."
"Elastic has one problem. In the past, Elastic Security was free. Now, they currently only offer the basic license or a certain period of time."
"If the documentation were improved and made more clear for beginners, or even professionals, then we would be more attracted to this solution."
"The solution has problematic encryption, which needs reforming."
"The solution's documentation is not streamlined and is in bits and pieces, which should be in a single format."
"The management console is a little bit difficult to understand for admins. You need a lot of time in order to become familiar with that. It is a little bit complicated and not too easy to understand. Its price can also be improved. Its price is higher than its competitors. McAfee also needs to have better cloud integration and more data centers in the EU. The cloud center should be in Europe or in Germany. In Germany, it is really important to have access to your data within the same country. Customer data needs to be placed and processed in the same country."
"An area of improvement for this solution is to make it easier to manage."
"Trellix lacked email protection when it was a McAfee product. They added this feature during the merger with FireEye, but it hasn't been fully integrated. The core features will be integrated into the next release. FireEye has several solutions for EDR and sandboxing."
"We have a lot of problems with the user experience and it's difficult to implement. MacAfee's better than the ancient anti-virus solutions but it's a little slow to resolve. Many files with malware were destroyed through the network, and MacAfee doesn't detect anything."
"I would like to see more integration with third-party products."
"The solution needs to offer better local technical support."
Elastic Security is ranked 7th in Extended Detection and Response (XDR) with 58 reviews while Trellix Endpoint Security is ranked 10th in Extended Detection and Response (XDR) with 94 reviews. Elastic Security is rated 7.6, while Trellix Endpoint Security is rated 8.0. The top reviewer of Elastic Security writes "A stable and scalable tool that provides visibility along with the consolidation of logs to its users". On the other hand, the top reviewer of Trellix Endpoint Security writes "Good user behavioral analysis and helpful patching but needs better support services". Elastic Security is most compared with Wazuh, Splunk Enterprise Security, Microsoft Sentinel, IBM Security QRadar and Microsoft Defender for Endpoint, whereas Trellix Endpoint Security is most compared with Microsoft Defender for Endpoint, Trellix Endpoint Security (ENS), CrowdStrike Falcon, Cortex XDR by Palo Alto Networks and Trend Micro Deep Security. See our Elastic Security vs. Trellix Endpoint Security report.
See our list of best Extended Detection and Response (XDR) vendors.
We monitor all Extended Detection and Response (XDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.