Elastic Security vs Open EDR comparison

Elastic Security

Read 60 Elastic Security reviews

5,149 Views
4,191 Comparison Views

85% willing to recommend

Open EDR

Read 1 Open EDR review

1,993 Views
830 Comparison Views

100% willing to recommend

Elastic Security

Open EDR

Comparison Buyer's Guide

Download the report

Executive Summary

We performed a comparison between Elastic Security and Open EDR based on real PeerSpot user reviews.

Find out what your peers are saying about Microsoft, SentinelOne, CrowdStrike and others in Endpoint Detection and Response (EDR).

To learn more, read our detailed Endpoint Detection and Response (EDR) Report (Updated: July 2024).

Buyer's Guide

Endpoint Detection and Response (EDR)

July 2024

Download the complete report

Helped 793,295 peers since 2012

Categories and Ranking

Elastic Security

Ranking in Endpoint Detection and Response (EDR)

16th

Average Rating

7.6

Number of Reviews

Ranking in other categories

Log Management (5th), Security Information and Event Management (SIEM) (5th), Security Orchestration Automation and Response (SOAR) (6th), Extended Detection and Response (XDR) (7th)

Open EDR

Ranking in Endpoint Detection and Response (EDR)

46th

Average Rating

8.0

Number of Reviews

Ranking in other categories

No ranking in other categories

Mindshare comparison

As of July 2024, in the Endpoint Detection and Response (EDR) category, the mindshare of Elastic Security is 3.6%, up from 2.2% compared to the previous year. The mindshare of Open EDR is 1.1%, up from 0.7% compared to the previous year. It is calculated based on PeerSpot user engagement data.

Endpoint Detection and Response (EDR)

Unique Categories:

Log Management

4.5%

Security Information and Event Management (SIEM)

7.2%

No other categories found

Featured Reviews

Matthew DeGrandis

System Administrator at a financial services firm with 11-50 employees

Mar 9, 2023

It's helpful for looking at multiple data sources to find find patterns or anomalies

We primarily use Elastic Security as a log aggregator, so we use it like a SIEM. It ingests all our logs and reports on them in aggregate We've used Elastic Security to solve some challenges involving various data sources. Things were being logged, but they were scattered around the organization.…

Read full review

Timothy Muriithi

Chief Information Officer at a tech consulting company with 51-200 employees

Feb 8, 2023

I also like the ability to remotely manage update packages on your systems, and the fact that there is an open source version

I'm personally reviewing Xcitium Open EDR. We haven't started selling it as a solution to other people. The client is on-prem, but they also have a cloud-based EDR OpenEDR includes a firewall and antivirus in one solution. I also like the ability to remotely manage update packages on your…

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"I use the stack every morning to check the errors and it's just so clear. I don't see any disadvantage to using Logstash."

"The most valuable feature is the scalability. We are in Indonesia, more engineers understand Elastic Security here. So it is easier to scale and also develop. In features, the discovery to query all the logs is very important to us. It is very easy, especially with the query function and the feature to generate alerts and create tools. Sometimes we use the alert security dashboard to monitor our clients."

"Elastic is straightforward, easy to integrate, and highly customizable."

"I like that it's a SIEM platform. I like that I can sell Elastic Security quickly. Elastic Security has a large community that can support users."

"The most valuable feature is the speed, as it responds in a very short time."

"I can look at events from more than one source across multiple different locations and find patterns or anomalies. The machine learning capabilities are helpful, and I can create rules for notifications to be more proactive rather than responding after something has gone wrong."

"Elastic has a lot of beats, such as Winlogbeat and Filebeat. Beats are the agents that have to be installed on the terminals to send the data. When we install beats or Elastic agents on every terminal, they don't overload the terminals. In other SIEM solutions such as Splunk or QRadar, when beats or agents are installed on endpoints, they are very heavy for the terminals. They consume a lot of power of the terminals, whereas Elastic agents hardly consume any power and don't overload the terminals."

"It is very quick to react. I can set it to check anomalies or suspicious behavior every 30 seconds. It is very fast."

More Elastic Security pros

"Comodo includes a firewall and antivirus in one solution. I also like the ability to remotely manage update packages on your systems. Comodo can even find a lost device and secure it remotely."

Cons

"Their visuals and graphs need to be better."

"The Integration module could be improved. It is a pain to build integration with any product. We have to do parking and so on. It's not like other commercial solutions that use profile integration. I would also see more detection features on the SIEM side."

"We'd like to see some more artificial intelligence capabilities."

"Elastic Security could improve the documentation. It would help if they were more simple and clean."

"An area for improvement in Elastic Security is the pricing. It could be better. Right now, when you increase the volume of logs to be collected, the price also increases a lot."

"The interface could be more user friendly because it is sometimes hard to deal with."

"One thing they could add is a quick step to enable users who don't have a solid background to build a dashboard and quickly search, without difficulty."

"Upgrades currently released as stacks when it should be a plugin or an extension to save removal and reinstallation."

More Elastic Security cons

"Comodo includes a firewall and antivirus in one solution. I also like the ability to remotely manage update packages on your systems. Comodo can even find a lost device and secure it remotely."

Pricing and Cost Advice

"I can say that the product is cheaply priced."

"Its price is fine. Its licensing works on a yearly basis. We have to renew the license every year. I also have a good experience with Darktrace. When we buy Darktrace, we get training free of cost, which is not there in Elastic. We have to pay extra for training. There is certainly room for improvement."

"The solution is free."

"The product offers an amazing pricing structure. Price-wise, the product is very competitive."

"Compared to other products such as Dynatrace, this is one of the cheaper options."

"The licensing cost of Elastic Security is based on the daily ingestion rate. I can't recall the exact figure, but for 10GB of log action daily, it would cost around $20,000."

"Affordable but with additional costs"

"The pricing is in the middle. I think it is not an expensive experience if we compare it with big names, for example, QRadar, and also Oxide. I think Elastic Security is quite cheap. I would rate the pricing of this solution a five out of ten."

More Elastic Security pricing and cost advice

Information not available

See which vendors are best for you

Use our free recommendation engine to learn which Endpoint Detection and Response (EDR) solutions are best for your needs.

See recommendations

793,295 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Computer Software Company

18%

Financial Services Firm

10%

Government

10%

University

Computer Software Company

17%

Government

11%

Retailer

Educational Organization

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

No data available

Questions from the Community

Datadog vs ELK: which one is good in terms of performance, cost and efficiency?

With Datadog, we have near-live visibility across our entire platform. We have seen APM metrics impacted several times lately using the dashboards we have created with Datadog; they are very good c...

See all answers

What do you like most about Elastic Security?

Elastic provides the capability to index quickly due to the reverse indexes it offers. This data is crucial as it contains critical information. The reverse index allows fast data indexing because ...

See all answers

What is your experience regarding pricing and costs for Elastic Security?

The solution is not expensive and costs around ten dollars a month.

See all answers

What do you like most about Open EDR?

Comodo includes a firewall and antivirus in one solution. I also like the ability to remotely manage update packages on your systems. Comodo can even find a lost device and secure it remotely.

See all answers

What is your experience regarding pricing and costs for Open EDR?

I'm currently trying the free version.

See all answers

What needs improvement with Open EDR?

OpenEDR could be easier to deploy on mobile devices.

See all answers

Comparisons

Wazuh vs Elastic Security

Compared 38% of the time

Splunk Enterprise Security vs Elastic Security

Compared 8% of the time

Microsoft Sentinel vs Elastic Security

Compared 7% of the time

IBM Security QRadar vs Elastic Security

Compared 6% of the time

CrowdStrike Falcon vs Elastic Security

Compared 6% of the time

More Elastic Security Competitors

Trellix Endpoint Security (ENS) vs Open EDR

Compared 18% of the time

Microsoft Defender for Endpoint vs Open EDR

Compared 14% of the time

SentinelOne Singularity Complete vs Open EDR

Compared 11% of the time

CrowdStrike Falcon vs Open EDR

Compared 11% of the time

Trend Vision One Endpoint Security vs Open EDR

Compared 8% of the time

More Open EDR Competitors

Product Reports

Buyer's Guide

Elastic Security

July 2024

Download Elastic Security product report

Buyer's Guide

Endpoint Detection and Response (EDR)

July 2024

Download Open EDR product report

Also Known As

Elastic SIEM, ELK Logstash

No data available

Learn More

Elastic

Video not available

Xcitium

Overview

Elastic Security is a robust, open-source security solution designed to offer integrated threat prevention, detection, and response capabilities across an organization's entire digital estate. Part of the Elastic Stack (which includes Elasticsearch, Logstash, and Kibana), Elastic Security leverages the power of search, analytics, and data aggregation to provide real-time insight into threats and vulnerabilities. It is a comprehensive platform that supports a wide range of security needs, from endpoint protection to cloud and network security, making it a versatile choice for organizations looking to enhance their cybersecurity posture.

Elastic Security combines the features of a security information and event management (SIEM) system with endpoint protection, allowing organizations to detect, investigate, and respond to threats in real time. This unified approach helps reduce complexity and improve the efficiency of security operations.

Additional offerings and benefits:

The platform utilizes advanced analytics, machine learning algorithms, and anomaly detection to identify threats and suspicious activities.
It offers extensive integration options with other tools and platforms, facilitating a more cohesive and comprehensive security ecosystem.
With Kibana, users gain access to powerful visualization tools and dashboards that provide real-time insight into security data.

Finally, Elastic Security benefits from a global community of users who contribute to its threat intelligence, helping to enhance its detection capabilities. This collaborative approach ensures that the solution remains on the cutting edge of cybersecurity, with up-to-date information on the latest threats and vulnerabilities.

Open EDR® is a sophisticated, free, open source endpoint detection and response solution. It provides analytic detection with Mitre ATT&CK visibility for event correlation and root cause analysis of adversarial threat activity and behaviors in real time. This world-class endpoint telemetry platform is available to all cyber-security professionals, and every sized organization, to defend against threat actors and cyber criminals.

Sample Customers

Texas A&M, U.S. Air Force, NuScale Power, Martin's Point Health Care

Information Not Available

Buyer's Guide

Endpoint Detection and Response (EDR)

July 2024

Download Free Report

Find out what your peers are saying about Microsoft, SentinelOne, CrowdStrike and others in Endpoint Detection and Response (EDR). Updated: July 2024.

DOWNLOAD NOW

793,295 professionals have used our research since 2012.

See our list of best Endpoint Detection and Response (EDR) vendors.

We monitor all Endpoint Detection and Response (EDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.