• Home
  • Elastic Security vs. Microsoft Defender XDR

Elastic Security vs Microsoft Defender XDR comparison

Cancel
You must select at least 2 products to compare!
Fortinet Logo

Fortinet FortiEDR

Read 30 Fortinet FortiEDR reviews
10,056 views|7,518 comparisons
82% willing to recommend
Elastic Logo

Elastic Security

Read 58 Elastic Security reviews
5,225 views|4,355 comparisons
86% willing to recommend
Microsoft Logo

Microsoft Defender XDR

Read 76 Microsoft Defender XDR reviews
4,384 views|3,243 comparisons
98% willing to recommend
Comparison Buyer's Guide
Download the complete report
Buyer's Guide
Elastic Security vs. Microsoft Defender XDR
March 2024
Executive Summary

We performed a comparison between Elastic Security and Microsoft Defender XDR based on real PeerSpot user reviews.

Find out in this report how the two Endpoint Detection and Response (EDR) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI.
To learn more, read our detailed Elastic Security vs. Microsoft Defender XDR Report (Updated: March 2024).
Download the complete report
768,857 professionals have used our research since 2012.
Featured Review
RafaelTorres
Valuable for remote work security and enhances endpoint protection effectively
FortiEDR excels in first-line defense for endpoints against malware, incorporating solutions for antivirus and data loss prevention, especially for... Read more →
Matthew DeGrandis
It's helpful for looking at multiple data sources to find find patterns or anomalies
We've used Elastic Security to solve some challenges involving various data sources. Things were being logged, but they were scattered around the... Read more →
Krzysztof Jóźwiak
Helps stop the lateral movement of advanced attacks, provides unified identity and access management
Microsoft Defender XDR provides unified identity and access management. Microsoft Defender XDR can extend beyond to cover more than just Microsoft... Read more →
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"Fortinet FortiEDR made our clients feel secure and more at ease, knowing that they had an EDR solution that would close the gap in their security posture.""Having all monitoring, response, tracking, and mitigation tools in one dashboard provides our analysts and SOC team with a comprehensive view at a glance.""The features that I have found most valuable are the ability to customize it and to reduce its size. It lets you run in a very small window in terms of memory and resources on legacy cash registers.""Forensics is a valuable feature of Fortinet FortiEDR.""This is stable and scalable.""We have FortiEDR installed on all our systems. This protects them from any threats.""It notifies us if there's any suspicious file on any PC. If any execution or similar kind of thing is happening, it just alerts us. It doesn't only alert. It also blocks the execution until we allow it. We check whether the execution is legitimate or not, and then approve it or keep it blocked. This gives us a little bit of control over this mechanism. Fortinet FortiEDR is also very straightforward and easy to maintain.""Additionally, when it comes to EDR, there are more tools available to assist with client work."

More Fortinet FortiEDR Pros →

"The solution is quite stable. The performance has been good.""The most valuable features of the solution are the prevention methods and the incident alerts.""ELK documentation is very good, so never needed to contact technical support.""One of the most valuable features of this solution is that it is more flexible than AlienVault.""We chose the product based on the ability to scan for malware using a malware behavioral model as opposed to just a traditional hash-based antivirus. Therefore, it's not as intensive.""The most valuable features of Elastic Security are it is open-source and provides a high level of security.""The most valuable feature is the search function, which allows me to go directly to the target to see the specific line a customer is searching for.""The stability of the solution is good."

More Elastic Security Pros →

"The most valuable features are spam filtering, attachment filtering, and antivirus protection.""The summarization of emails is a valuable feature.""I like the easy integration and advanced possibilities. We can implement it at customer sites in a few clicks, but we can also dive deep and drill down to extended features. There's a very good starting point to get into this product and all the features from Defender.""Another noteworthy feature that I find appealing in Microsoft Defender is the credit-backed simulation. This feature enables organizations to train their users on effectively responding to phishing emails through a simulated training environment.""The threat intelligence is excellent.""The EDR and the way it automatically responds to ransomware and other attacks are valuable features.""It has been great for us. Previously, we didn't have a solution to protect us, especially from malware, whereas now, we are getting protection up front, especially from the malware attacks coming through emails or endpoints.""The advantage of Microsoft Defender XDR has over other XDRs in the market is that it's easy to use. You can quickly differentiate between alerts, incidents, devices, software, etc. It's easier to investigate an incident, and you have so many options. You can automate investigations and use playbooks. There's also the live response session, which is something you can't find in any other XDR."

More Microsoft Defender XDR Pros →

Cons
"Detections could be improved.""I would like the solution to extend beyond endpoint protection and include other attack surfaces such as other network components.""FortiEDR can be improved by providing more detailed reporting.""The dashboard isn't easy to access and manage.""Once, we had an event that was locked and blocked, but information about it came to us two or three days later.""Everything with Fortinet having to do with their cloud services. They need to invest more in their internal infrastructure that they are running in the cloud. One of the things I find with their cloud environment compared to others' is that they go cheap on the equipment. So it causes some performance degradation.""The SIEM could be improved.""I think cloud security and SASE are areas of concern in the product where improvements are required. The tool's cloud version has to be improved in terms of the security it offers."

More Fortinet FortiEDR Cons →

"Improvements in Elastic Security could include refining and normalizing queries to make them more user-friendly, enhancing the user experience with better documentation, and addressing any latency issues.""Elastic has one problem. In the past, Elastic Security was free. Now, they currently only offer the basic license or a certain period of time.""An area for improvement in Elastic Security is the pricing. It could be better. Right now, when you increase the volume of logs to be collected, the price also increases a lot.""The setup process is complex. You need a solid working knowledge of networking, operating systems, and a little programming.""There is room for improvement in the Kibana dashboard and in the asset management for the program.""The solution could also use better dashboards. They need to be more graphical, more matrix-like.""The solution does not have a UI and this is one of the reasons we are looking for another solution.""The tool should improve its scalability."

More Elastic Security Cons →

"Correctly updated records are the most significant area for improvement. There have been times when we were notified of a required fix; we would carry out the fix and confirm it but still get the same notification a week later. This seems to be a delay in records being updated and leads to false reporting, which is something that needs to be fixed.""It would be beneficial to have a more seamless experience with everything consolidated in one place, particularly when dealing with aspects related to the Exchange console.""Support is hit or miss. Microsoft wants you to buy premium support contracts. Though they call themselves professional support, it's almost like throwing questions into a black hole. You get an answer, but it's never helpful.""The solution does not offer a unified response and standard data.""The message trace feature for investigating mail flow issues should add more detailed information to the summary report... if they could extend the summary report a little bit, make it more descriptive, ordinary administrators could understand what happened and that the emails failed at this or that point. That way they would know the location to go to try to correct it and to prevent it from occurring again.""This solution could be improved if it included features such as those offered by Malwarebytes.""What could be improved in Microsoft 365 Defender is its licensing, e.g. it should be more consolidated and would be good if it has some optimizations. Improving the alerts and notifications, in terms of adding more details, would also be good for this solution.""The price could be better. It'll also help if they can continuously update and upgrade the solution. Every day there's a new virus uploaded into the network, and we have to keep updating it to identify all these things."

More Microsoft Defender XDR Cons →

Pricing and Cost Advice
  • "I know it is tough to get big budget additions up front, but I highly recommend deploying environment wide and adding the forensic service."
  • "There are no issues with the pricing."
  • "The price is comprable to other endpoint security solutions."
  • "The pricing is typical for enterprises and fairly priced."
  • "I'm not familiar with pricing, but it looks a bit costly compared to other vendors I think."
  • "The pricing is good."
  • "I would rate the solution's pricing an eight out of ten."
  • "The hardware costs about €100,000 and about €20,000 annually for access."

    • More Fortinet FortiEDR Pricing and Cost Advice →

  • "We use the open-source version, so there is no charge for this solution."
  • "We are using the free, open-source version of this solution."
  • "Elastic Stack is an open-source tool. You don't have to pay anything for the components."
  • "There is no charge for using the open-source version."
  • "This is an open-source product, so there are no costs."
  • "It's a monthly cost with Elastic SIEM, but I am not sure of the exact cost."
  • "It is easy to deploy, easy to use, and you get everything you need to become operational with it, and have nothing further to pay unless you want the OLED plugin."
  • "Compared to other products such as Dynatrace, this is one of the cheaper options."

    • More Elastic Security Pricing and Cost Advice →

  • "The solutions price is fair for what they offer."
  • "The price could be better. Normally, the costs depend on the country you're located in for the license. When we were in the initial stage, we went with the E5 license they call premium standard. It cost us around $5.20 per month for four users."
  • "The price of the solution is high compared to others and we have lost some customers because of it."
  • "Microsoft is not competitive with the pricing of the solution. The competitors are able to offer lower discounts. The price of the solution is higher."
  • "We have a lot of problems in Latin America regarding the price of Microsoft 365 Defender, because the relationship between dollars and the money of the different countries, it's is a lot. Many customers that have small businesses say that they would like the solution but it is too expensive. However, large companies do not find the cost an issue."
  • "The most valuable licensing option is expensive, so pricing could be improved. Licensing options for this solution also need to be consolidated, because they frequently change."
  • "Microsoft should provide lower-level licensing options. They should do it in such a way that even an individual could purchase a license, and it should be entirely flexible."
  • "They have moved from a licensing model to pay-per-use... The question is: What happens if, for any reason, there's not enough budget to accept this model? That could be a great problem."

    • More Microsoft Defender XDR Pricing and Cost Advice →

    report
    See Which Vendors Are Best For You
    Use our free recommendation engine to learn which Endpoint Detection and Response (EDR) solutions are best for your needs.
    See Recommendations
    768,857 professionals have used our research since 2012.
    Questions from the Community
    What's the difference between Fortinet's FortiEDR and FortiClient?
    Top Answer:I suggest Fortinet’s FortiEDR over FortiClient for several reasons. For starters, FortiEDR guarantees solid protection… more »
    What do you like most about Fortinet FortiEDR?
    Top Answer: Having all monitoring, response, tracking, and mitigation tools in one dashboard provides our analysts and SOC team… more »
    Read all 22 answers   →
    What is your experience regarding pricing and costs for Fortinet FortiEDR?
    Top Answer:The pricing is significantly high. The implementation of this solution required us to allocate additional funds beyond… more »
    Read all 15 answers   →
    Datadog vs ELK: which one is good in terms of performance, cost and effic...
    Top Answer:With Datadog, we have near-live visibility across our entire platform. We have seen APM metrics impacted several times… more »
    Read all 7 answers   →
    What do you like most about Elastic Security?
    Top Answer:It is an extremely stable solution. Stability-wise, I rate the solution a ten out of ten.
    Read all 26 answers   →
    What is your experience regarding pricing and costs for Elastic Security?
    Top Answer:The product offers an amazing pricing structure. Price-wise, the product is very competitive.
    Read all 18 answers   →
    What do you like most about Microsoft 365 Defender?
    Top Answer:I like Defender XDR's automation capabilities. XDR isn't automated by default, but you can automate it to respond. If an… more »
    Read all 38 answers   →
    What is your experience regarding pricing and costs for Microsoft 365 Def...
    Top Answer:While Microsoft Defender XDR carries a higher cost, its ease of use compared to Defender may justify the investment.
    Read all 29 answers   →
    What needs improvement with Microsoft 365 Defender?
    Top Answer:Defender XDR has good threat visibility, but it could be better in some areas, like when we are hunting for a specific… more »
    Read all 37 answers   →
    Comparisons
    Also Known As
    enSilo, FortiEDR
    Elastic SIEM, ELK Logstash
    Microsoft 365 Defender, Microsoft Threat Protection, MS 365 Defender
    Learn More
    Fortinet
    Elastic
    Microsoft
    Overview

    Fortinet FortiEDR is a real-time endpoint protection, detection, and automated response solution. Its primary purpose is to detect advanced threats to stop breaches and ransomware damage. It is designed to do so in real time, even on an already compromised device, allowing you to respond and remediate incidents automatically so your data can remain protected.

    Fortinet FortiEDR Features

    Fortinet FortiEDR has many valuable key features, including:

    • Easily customizable
    • Real-time proactive risk mitigation & IoT security
    • Pre-infection protection
    • Post-infection protection
    • Track applications and ratings
    • Reduce the attack surface with risk-based proactive policies
    • Achieve analysis of entire log history
    • Optional managed detection and response (MDR) service

    Fortinet FortiEDR Benefits

    Some of the key benefits of using Fortinet FortiEDR include:

    • Protection: Fortinet FortiEDR provides proactive, real-time, automated endpoint protection with the orchestrated incident response across platforms. It stops the breach with real-time postinfection blocking to protect data from exfiltration and ransomware encryption.

    • Single unified console: Fortinet FortiEDR has a single unified console with an intuitive interface, which makes management easier. The solution automates mundane endpoint security tasks so your employees don’t need to do it.

    • Cost savings: With Fortinet FortiEDR you can eliminate post-breach operational expenses and breach damage costs.

    • Flexibility: Fortinet FortiEDR can be deployed on premises or on a secure cloud instance. With Fortinet FortiEDR, endpoints are protected both on- and off-line.

    • Scalability: Because Fortinet can be deployed quickly and has a small footprint, it is easy to scale up to protect hundreds of thousand endpoints.

    Reviews from Real Users

    Below are some reviews and helpful feedback written by Fortinet FortiEDR users.

    An Owner at a security firm says, "The features that I have found most valuable are the ability to customize it and to reduce its size. It lets you run in a very small window in terms of memory and resources on legacy cash registers. The customer has literally about 800 cash registers. That was the use case for Fortinet FortiEDR - to get that down into a tiny space. The only way to do that was to use this product because it had that ability to unbundle services that were a surplus.”

    Chandan M., Chief Technical Officer at Provision Technologies LLP, mentions, “The ease of deployment and configuration is valuable. It's very easy compared to other vendors like Sophos. Sophos' configuration is complex. Fortinet is a lot easier to understand. You don't need a lot of admin knowledge to do the configuration.” He also adds, “The security is also very good and the firewall response is good.”

    Harpreet S., Information Technology Support Specialist at Chemtrade Logistics, explains, "It notifies us if there's any suspicious file on any PC. If any execution or similar kind of thing is happening, it just alerts us. It doesn't only alert. It also blocks the execution until we allow it. We check whether the execution is legitimate or not, and then approve it or keep it blocked. This gives us a little bit of control over this mechanism. Fortinet FortiEDR is also very straightforward and easy to maintain."

    DeAndre V., Senior Network Administrator at a financial services firm, states, “The dashboard is easy to follow and use. The deployment and uninstalling were easy. I like the detailed information about the path of a file that might be suspicious. Being able to check that out was easy to follow. Exceptions are easy to create and the interface is easy to follow with a nice appearance.

    Elastic Security is a robust, open-source security solution designed to offer integrated threat prevention, detection, and response capabilities across an organization's entire digital estate. Part of the Elastic Stack (which includes Elasticsearch, Logstash, and Kibana), Elastic Security leverages the power of search, analytics, and data aggregation to provide real-time insight into threats and vulnerabilities. It is a comprehensive platform that supports a wide range of security needs, from endpoint protection to cloud and network security, making it a versatile choice for organizations looking to enhance their cybersecurity posture.


    Elastic Security combines the features of a security information and event management (SIEM) system with endpoint protection, allowing organizations to detect, investigate, and respond to threats in real time. This unified approach helps reduce complexity and improve the efficiency of security operations.

    Additional offerings and benefits:

    • The platform utilizes advanced analytics, machine learning algorithms, and anomaly detection to identify threats and suspicious activities.
    • It offers extensive integration options with other tools and platforms, facilitating a more cohesive and comprehensive security ecosystem.
    • With Kibana, users gain access to powerful visualization tools and dashboards that provide real-time insight into security data.

    Finally, Elastic Security benefits from a global community of users who contribute to its threat intelligence, helping to enhance its detection capabilities. This collaborative approach ensures that the solution remains on the cutting edge of cybersecurity, with up-to-date information on the latest threats and vulnerabilities.

    Microsoft Defender XDR is a comprehensive security solution designed to protect against threats in the Microsoft 365 environment. 

    It offers robust security measures, comprehensive threat detection capabilities, and an efficient incident response system. With seamless integration with other Microsoft products and a user-friendly interface, it simplifies security management tasks. 

    Users have found it effective in detecting and preventing various types of attacks, such as phishing attempts, malware infections, and data breaches.

    Watch the Microsoft demo video here: Microsoft Defender XDR demo video.

    Sample Customers
    Financial, Healthcare, Legal, Technology, Enterprise, Manufacturing ... 
    Texas A&M, U.S. Air Force, NuScale Power, Martin's Point Health Care
    Accenture, Deloitte, ExxonMobil, General Electric, IBM, Johnson & Johnson and many others.
    Top Industries
    REVIEWERS
    Financial Services Firm21%
    Comms Service Provider11%
    Manufacturing Company11%
    Pharma/Biotech Company5%
    VISITORS READING REVIEWS
    Computer Software Company16%
    Government8%
    Manufacturing Company8%
    Financial Services Firm8%
    REVIEWERS
    Financial Services Firm29%
    Computer Software Company25%
    Healthcare Company13%
    Comms Service Provider8%
    VISITORS READING REVIEWS
    Computer Software Company17%
    Financial Services Firm10%
    Government9%
    Comms Service Provider7%
    REVIEWERS
    Manufacturing Company19%
    Computer Software Company14%
    Financial Services Firm11%
    Government11%
    VISITORS READING REVIEWS
    Computer Software Company17%
    Financial Services Firm10%
    Government8%
    Manufacturing Company8%
    Company Size
    REVIEWERS
    Small Business50%
    Midsize Enterprise16%
    Large Enterprise34%
    VISITORS READING REVIEWS
    Small Business31%
    Midsize Enterprise19%
    Large Enterprise50%
    REVIEWERS
    Small Business60%
    Midsize Enterprise18%
    Large Enterprise23%
    VISITORS READING REVIEWS
    Small Business26%
    Midsize Enterprise17%
    Large Enterprise57%
    REVIEWERS
    Small Business44%
    Midsize Enterprise23%
    Large Enterprise33%
    VISITORS READING REVIEWS
    Small Business26%
    Midsize Enterprise17%
    Large Enterprise57%
    Buyer's Guide
    Elastic Security vs. Microsoft Defender XDR
    March 2024
    Free Report: Elastic Security vs. Microsoft Defender XDR
    Find out what your peers are saying about Elastic Security vs. Microsoft Defender XDR and other solutions. Updated: March 2024.
    DOWNLOAD NOW
    768,857 professionals have used our research since 2012.

    Elastic Security is ranked 16th in Endpoint Detection and Response (EDR) with 58 reviews while Microsoft Defender XDR is ranked 8th in Endpoint Detection and Response (EDR) with 76 reviews. Elastic Security is rated 7.6, while Microsoft Defender XDR is rated 8.4. The top reviewer of Elastic Security writes "A stable and scalable tool that provides visibility along with the consolidation of logs to its users". On the other hand, the top reviewer of Microsoft Defender XDR writes "Includes four services and four products, which can help organizations a lot". Elastic Security is most compared with Wazuh, Splunk Enterprise Security, Microsoft Sentinel, IBM Security QRadar and Microsoft Defender for Endpoint, whereas Microsoft Defender XDR is most compared with CrowdStrike Falcon, Microsoft Defender for Cloud, Microsoft Purview Compliance Manager, Wazuh and Secureworks Taegis XDR. See our Elastic Security vs. Microsoft Defender XDR report.

    See our list of best Endpoint Detection and Response (EDR) vendors and best Extended Detection and Response (XDR) vendors.

    We monitor all Endpoint Detection and Response (EDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.