• Home
  • Elastic Security vs. RSA enVision

Elastic Security vs RSA enVision comparison

Cancel
You must select at least 2 products to compare!
Microsoft Logo

Microsoft Sentinel

Read 85 Microsoft Sentinel reviews
32,763 views|18,195 comparisons
92% willing to recommend
Elastic Logo

Elastic Security

Read 58 Elastic Security reviews
15,439 views|12,697 comparisons
86% willing to recommend
RSA Logo

RSA enVision

Read 5 RSA enVision reviews
852 views|692 comparisons
80% willing to recommend
Comparison Buyer's Guide
Download the complete report
Buyer's Guide
Security Information and Event Management (SIEM)
April 2024
Executive Summary

We performed a comparison between Elastic Security and RSA enVision based on real PeerSpot user reviews.

Find out what your peers are saying about Microsoft, Splunk, Wazuh and others in Security Information and Event Management (SIEM).
To learn more, read our detailed Security Information and Event Management (SIEM) Report (Updated: April 2024).
Download the complete report
769,065 professionals have used our research since 2012.
Featured Review
Anonymous User
Easy to integrate, offers good documentation, and the setup is simple
The main benefit is the ease of integration. Having a cloud-based SIEM means scalability. We also received very good support and documentation from... Read more →
Don Jarmon
A stable and scalable tool that provides visibility along with the consolidation of logs to its users
Elastic Security has allowed my organization to have visibility with the consolidation of the logs while also providing it the ability to be able... Read more →
Anonymous User
Though the solution offers good technical support, it needs to be made more user-friendly
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"You can fine-tune the SOAR and you'll be charged only when your playbooks are triggered. That is the beauty of the solution because the SOAR is the costliest component in the market today... but with Sentinel it is upside-down: the SOAR is the lowest-hanging fruit. It's the least costly and it delivers more value to the customer.""The initial setup is very simple and straightforward.""The solution offers a lot of data on events. It helps us create specific detection strategies.""The standout feature of Sentinel is that, because it's cloud-based and because it's from Microsoft, it integrates really well with all the other Microsoft products. It's really simple to set up and get going.""Mainly, this is a cloud-native product. So, there are zero concerns about managing the whole infrastructure on-premises.""The Identity Behavior tab furnishes us with the entire history linked to each IP or domain that has either accessed or attempted to access our system.""We can use Sentinel's playbook to block threats. It covers all of the environment, giving us great visibility.""I believe one of the main advantages is Microsoft Sentinel's seamless integration with other Microsoft products."

More Microsoft Sentinel Pros →

"The most valuable feature is the machine learning capability.""It's very stable and reliable.""I like the indexing of the logs.""I like that it's a SIEM platform. I like that I can sell Elastic Security quickly. Elastic Security has a large community that can support users.""Its flexibility is most valuable. We can have a number of scenarios, and we can get logs from anything. If we know how to use Logstash, we can tweak it in many ways. This makes the logging search on Elastic very easy.""ELK documentation is very good, so never needed to contact technical support.""The most valuable feature is the ability to collect authentication information from service providers.""The most valuable feature of Elastic Security is that you can install agents, and they are not separately licensed."

More Elastic Security Pros →

"The most valuable feature of this solution is the reporting.""The configuration part is very easy...The technical support was sincere in their responses...I rate the technical support a nine out of ten.""The most valuable feature is the management features. It's capable of managing large enterprises."

More RSA enVision Pros →

Cons
"While I appreciate the UI itself and the vast amount of information available on the platform, I'm finding the overall user experience to be frustrating due to frequent disconnections and the requirement to repeatedly re-authenticate.""Sometimes, we are observing large ingestion delays. We expect logs within 5 minutes, but it takes about 10 to 15 minutes.""There is a wider thing called Jupyter Notebooks, which is around the automation side of things. It would be good if there are playbooks that you can utilize without having to have the developer experience to do it in-house. Microsoft could provide more playbooks or more Jupyter Notebooks around MITRE ATT&CK Framework.""Everyone has their favorites. There is always room for improvement, and everybody will say, "I wish you could do this for me or that for me." It is a personal thing based on how you use the tool. I do not necessarily have those thoughts, and they are probably not really valuable because they are unique to the context of the user, but broadly, where it can continue to improve is by adding more connectors to more systems.""It has been a challenge with Azure Sentinel to onboard the Syslog server from FortiGate. Azure Sentinel can work better on that shift between the Syslog server and a firewall.""Only one thing is missing: NDR is not available out-of-the-box. The competitive cloud-native SIEM providers have the NDR component. Currently, Sentinel needs NDR to be powered from either Corelight or some other NDR provider.""Microsoft Sentinel should provide an alternative query language to KQL for users who lack KQL expertise.""If Azure Sentinel had the ability to ingest Azure services from different tenants into another tenant that was hosting Azure Sentinel, and not lose any metadata, that would be a huge benefit to a lot of companies."

More Microsoft Sentinel Cons →

"Better integration with third-party APMs would be really good.""It is difficult to anticipate and understand the space utilization, so more clarity there would be great.""The training that is offered for Elastic is in need of improvement because there is no depth to it.""This solution is very hard to implement.""I would like more ways to manage permissions and restrict access to certain users.""We set up a cron job to delete old logs so that we wouldn't hit a disk space issue. Such a feature should be available in the UI, where old logs can be deleted automatically. (Don’t know if this feature is already there).""There are connectors to gather logs for Windows PCs and Linux PCs, but if we have to get the logs from Syslog then we have to do it manually, and this should be automated.""There isn't really a very good user experience. You need a lot of training."

More Elastic Security Cons →

"RSA enVision log manager is out of date and is not in use anymore.""In general, the solution currently isn't user-friendly.""The integration could be easier, it should support more products."

More RSA enVision Cons →

Pricing and Cost Advice
  • "It comes with a Microsoft subscription which the customer has, so they don't have to invest somewhere else."
  • "It is a consumption-based license model. bands at 100, 200, 400 GB per day etc. Azure Sentinel Pricing | Microsoft Azure"
  • "Good monthly operational cost model for the detection and response outcomes delivered, M365 logs don't count toward the limits which is a good benefit."
  • "I have had mixed feedback. At one point, I heard a client say that it sometimes seems more expensive. Most of the clients are on Office 365 or M365, and they are forced to take Azure SIEM because of the integration."
  • "It is kind of like a sliding scale. There are different tiers of pricing that go from $100 per day up to $3,500 per day. So, it just kind of depends on how much data is being stored. There can be additional costs to the standard license other than the additional data. It just kind of depends on what other services you're spinning up in Azure, or if you're using something like Azure log analytics."
  • "I am just paying for the log space with Azure Sentinel. It costs us about $2,000 a month. Most of the logs are free. We are only paying money for Azure Firewall logs because email logs or Azure AD logs are free to use for us."
  • "Sentinel is a bit expensive. If you can figure a way of configuring it to meet your needs, then you can find a way around the cost."
  • "Azure Sentinel is very costly, or at least it appears to be very costly. The costs vary based on your ingestion and your retention charges."

    • More Microsoft Sentinel Pricing and Cost Advice →

  • "We use the open-source version, so there is no charge for this solution."
  • "We are using the free, open-source version of this solution."
  • "Elastic Stack is an open-source tool. You don't have to pay anything for the components."
  • "There is no charge for using the open-source version."
  • "This is an open-source product, so there are no costs."
  • "It's a monthly cost with Elastic SIEM, but I am not sure of the exact cost."
  • "It is easy to deploy, easy to use, and you get everything you need to become operational with it, and have nothing further to pay unless you want the OLED plugin."
  • "Compared to other products such as Dynatrace, this is one of the cheaper options."

    • More Elastic Security Pricing and Cost Advice →

  • "We no longer pay a licensing fee because it is out of date and don't pay for support."
  • "On a scale of one to ten, where one is low, and ten is high price, I rate the pricing a six."

    • More RSA enVision Pricing and Cost Advice →

    report
    See Which Vendors Are Best For You
    Use our free recommendation engine to learn which Security Information and Event Management (SIEM) solutions are best for your needs.
    See Recommendations
    769,065 professionals have used our research since 2012.
    Questions from the Community
    Is there a common threat intelligence tool that aggregates multiple threa...
    Top Answer:Yes, Azure Sentinel is a SIEM on the Cloud. Multiple data sources can be uploaded and analyzed with Azure Sentinel and… more »
    Read all 10 answers   →
    What is a better choice, Splunk or Azure Sentinel?
    Top Answer:It would really depend on (1) which logs you need to ingest and (2) what are your use cases Splunk is easy for… more »
    Which is better - Azure Sentinel or AWS Security Hub?
    Top Answer:We like that Azure Sentinel does not require as much maintenance as legacy SIEMs that are on-premises. Azure Sentinel is… more »
    Read all 2 answers   →
    Datadog vs ELK: which one is good in terms of performance, cost and effic...
    Top Answer:With Datadog, we have near-live visibility across our entire platform. We have seen APM metrics impacted several times… more »
    Read all 7 answers   →
    What do you like most about Elastic Security?
    Top Answer:It is an extremely stable solution. Stability-wise, I rate the solution a ten out of ten.
    Read all 26 answers   →
    What is your experience regarding pricing and costs for Elastic Security?
    Top Answer:The product offers an amazing pricing structure. Price-wise, the product is very competitive.
    Read all 18 answers   →
    What do you like most about RSA enVision?
    Top Answer:The configuration part is very easy...The technical support was sincere in their responses...I rate the technical… more »
    Read all 3 answers   →
    What needs improvement with RSA enVision?
    Top Answer:Improvement-wise, enrichment of data and policy should be done to make it more user-friendly. Enrichment of web policy… more »
    Read all 3 answers   →
    What advice do you have for others considering RSA enVision?
    Top Answer:If you have a relatively simple IT infrastructure, you can go for RSA enVision. Structure, like a hybrid cloud or Telco… more »
    Read all 3 answers   →
    Comparisons
    Also Known As
    Azure Sentinel
    Elastic SIEM, ELK Logstash
    Learn More
    Microsoft
    Elastic
    RSA
    Overview

    Microsoft Sentinel is a scalable, cloud-native, security information event management (SIEM) and security orchestration automated response (SOAR) solution that lets you see and stop threats before they cause harm. Microsoft Sentinel delivers intelligent security analytics and threat intelligence across the enterprise, providing a single solution for alert detection, threat visibility, proactive hunting, and threat response. Eliminate security infrastructure setup and maintenance, and elastically scale to meet your security needs—while reducing IT costs. With Microsoft Sentinel, you can:

    - Collect data at cloud scale—across all users, devices, applications, and infrastructure, both on-premises and in multiple clouds

    - Detect previously uncovered threats and minimize false positives using analytics and unparalleled threat intelligence from Microsoft

    - Investigate threats with AI and hunt suspicious activities at scale, tapping into decades of cybersecurity work at Microsoft

    - Respond to incidents rapidly with built-in orchestration and automation of common tasks

    To learn more about our solution, ask questions, and share feedback, join our Microsoft Security, Compliance and Identity Community.

    Elastic Security is a robust, open-source security solution designed to offer integrated threat prevention, detection, and response capabilities across an organization's entire digital estate. Part of the Elastic Stack (which includes Elasticsearch, Logstash, and Kibana), Elastic Security leverages the power of search, analytics, and data aggregation to provide real-time insight into threats and vulnerabilities. It is a comprehensive platform that supports a wide range of security needs, from endpoint protection to cloud and network security, making it a versatile choice for organizations looking to enhance their cybersecurity posture.


    Elastic Security combines the features of a security information and event management (SIEM) system with endpoint protection, allowing organizations to detect, investigate, and respond to threats in real time. This unified approach helps reduce complexity and improve the efficiency of security operations.

    Additional offerings and benefits:

    • The platform utilizes advanced analytics, machine learning algorithms, and anomaly detection to identify threats and suspicious activities.
    • It offers extensive integration options with other tools and platforms, facilitating a more cohesive and comprehensive security ecosystem.
    • With Kibana, users gain access to powerful visualization tools and dashboards that provide real-time insight into security data.

    Finally, Elastic Security benefits from a global community of users who contribute to its threat intelligence, helping to enhance its detection capabilities. This collaborative approach ensures that the solution remains on the cutting edge of cybersecurity, with up-to-date information on the latest threats and vulnerabilities.

    RSA enVision is a comprehensive security information and event management (SIEM) solution offered by RSA, a leading provider of cybersecurity solutions. It enables organizations to collect, analyze, and manage security event data from various sources, providing real-time visibility into their IT infrastructure. With RSA enVision, organizations can proactively detect and respond to security incidents, ensuring the protection of critical assets and sensitive data. 

    The solution offers a wide range of features, including log management, event correlation, threat intelligence, and compliance reporting. One of the key strengths of RSA enVision is its ability to collect and normalize data from diverse sources, such as network devices, servers, applications, and databases. This allows organizations to gain a holistic view of their security posture and identify potential threats or vulnerabilities. 

    The event correlation capabilities of RSA enVision enable the detection of complex attack patterns and the identification of potential security incidents. By analyzing events in real-time and correlating them with historical data, the solution can provide actionable insights and alerts to security teams, enabling them to respond quickly and effectively. RSA enVision also offers advanced threat intelligence capabilities, leveraging machine learning and behavioral analytics to identify anomalous activities and potential indicators of compromise. This helps organizations stay ahead of emerging threats and proactively mitigate risks. 

    RSA enVision provides comprehensive compliance reporting capabilities, helping organizations meet regulatory requirements and demonstrate adherence to industry standards. The solution offers pre-built compliance reports for various regulations, such as PCI DSS, HIPAA, and GDPR, simplifying the audit process and reducing compliance-related costs. In summary, RSA enVision is a powerful SIEM solution that enables organizations to effectively manage their security events, detect and respond to threats, and meet compliance requirements. 

    With its robust features and capabilities, it provides organizations with the necessary tools to enhance their cybersecurity posture and protect their critical assets.

    Sample Customers
    Microsoft Sentinel is trusted by companies of all sizes including ABM, ASOS, Uniper, First West Credit Union, Avanade, and more.
    Texas A&M, U.S. Air Force, NuScale Power, Martin's Point Health Care
    BPS (SUISSE), Hypovereinsbank Germany, MAX Hamburgers, Infoplex, Neotel, Telus
    Top Industries
    REVIEWERS
    Financial Services Firm22%
    Computer Software Company11%
    Manufacturing Company8%
    Comms Service Provider8%
    VISITORS READING REVIEWS
    Computer Software Company16%
    Financial Services Firm10%
    Government9%
    Manufacturing Company7%
    REVIEWERS
    Financial Services Firm29%
    Computer Software Company25%
    Healthcare Company13%
    Comms Service Provider8%
    VISITORS READING REVIEWS
    Computer Software Company17%
    Financial Services Firm10%
    Government9%
    Comms Service Provider7%
    VISITORS READING REVIEWS
    Financial Services Firm13%
    Manufacturing Company10%
    Computer Software Company9%
    Energy/Utilities Company9%
    Company Size
    REVIEWERS
    Small Business33%
    Midsize Enterprise21%
    Large Enterprise47%
    VISITORS READING REVIEWS
    Small Business25%
    Midsize Enterprise16%
    Large Enterprise59%
    REVIEWERS
    Small Business60%
    Midsize Enterprise18%
    Large Enterprise23%
    VISITORS READING REVIEWS
    Small Business26%
    Midsize Enterprise17%
    Large Enterprise56%
    VISITORS READING REVIEWS
    Small Business17%
    Midsize Enterprise12%
    Large Enterprise71%
    Buyer's Guide
    Security Information and Event Management (SIEM)
    April 2024
    Download Free Report
    Find out what your peers are saying about Microsoft, Splunk, Wazuh and others in Security Information and Event Management (SIEM). Updated: April 2024.
    DOWNLOAD NOW
    769,065 professionals have used our research since 2012.

    Elastic Security is ranked 5th in Security Information and Event Management (SIEM) with 58 reviews while RSA enVision is ranked 36th in Security Information and Event Management (SIEM) with 5 reviews. Elastic Security is rated 7.6, while RSA enVision is rated 6.8. The top reviewer of Elastic Security writes "A stable and scalable tool that provides visibility along with the consolidation of logs to its users". On the other hand, the top reviewer of RSA enVision writes "Though the solution offers good technical support, it needs to be made more user-friendly ". Elastic Security is most compared with Wazuh, Splunk Enterprise Security, IBM Security QRadar, Microsoft Defender for Endpoint and CrowdStrike Falcon, whereas RSA enVision is most compared with NetWitness Platform, Splunk Enterprise Security and IBM Security QRadar.

    See our list of best Security Information and Event Management (SIEM) vendors.

    We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.