Try our new research platform with insights from 80,000+ expert users

Elastic Security vs Sangfor Endpoint Secure comparison

Elastic and Sangfor are both solutions in the Endpoint Detection and Response (EDR) category. Elastic is ranked #17 with an average rating of 8.0, while Sangfor is ranked #19 with an average rating of 8.2. Elastic holds a 2.4% mindshare in EDR, compared to Sangfor’s 0.7% mindshare. Additionally, 86% of Elastic users are willing to recommend the solution, compared to 100% of Sangfor users who would recommend it.
Elastic Security
Read 65 Elastic Security reviews
  • 11,035 Views
  • 3,752 Comparison Views
86% willing to recommend
Sangfor Endpoint Secure
Read 11 Sangfor Endpoint Secure reviews
  • 1,599 Views
  • 1,583 Comparison Views
100% willing to recommend
 

Comparison Buyer's Guide

Download the report
Executive SummaryUpdated on Sep 9, 2024

Elastic Security and Sangfor Endpoint Secure are both prominent players in the endpoint security market. Elastic Security has the upper hand in affordability and customer support, while Sangfor Endpoint Secure stands out for its robust features and perceived value.

Features: Elastic Security offers comprehensive threat detection, real-time monitoring capabilities, and affordability. Sangfor Endpoint Secure provides an integrated platform, efficient response to threats, and extensive feature set, making it preferred for feature-rich solutions.

Room for Improvement: Elastic Security can improve scalability, integration with other security tools, and the breadth of its analytics capabilities. Sangfor Endpoint Secure could enhance reporting functionalities, reduce resource consumption, and streamline its user interface for greater accessibility.

Ease of Deployment and Customer Service: Elastic Security is known for straightforward deployment and excellent customer support. Sangfor Endpoint Secure offers a seamless deployment process but requires more initial configuration. Both provide strong customer service; however, Elastic Security generally receives higher marks for more accessible support.

Pricing and ROI: Elastic Security is favored for cost-effectiveness and solid return on investment, appealing to budget-conscious organizations. Sangfor Endpoint Secure is pricier but deemed worth the investment due to its advanced features and overall performance, yielding high user satisfaction despite the higher cost.

DOWNLOAD THE COMPLETE REPORT
To learn more, read our detailed Elastic Security vs. Sangfor Endpoint Secure Report (Updated: September 2025).
Buyer's Guide
Elastic Security vs. Sangfor Endpoint Secure
September 2025
Download the complete report
Helped 869,760 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Elastic Security
Ranking in Endpoint Detection and Response (EDR)
17th
Average Rating
7.8
Reviews Sentiment
6.8
Number of Reviews
65
Ranking in other categories
Log Management (11th), Security Information and Event Management (SIEM) (5th), Security Orchestration Automation and Response (SOAR) (7th), Extended Detection and Response (XDR) (9th)
Sangfor Endpoint Secure
Ranking in Endpoint Detection and Response (EDR)
19th
Average Rating
8.2
Reviews Sentiment
7.4
Number of Reviews
11
Ranking in other categories
No ranking in other categories
 

Mindshare comparison

As of October 2025, in the Endpoint Detection and Response (EDR) category, the mindshare of Elastic Security is 2.4%, up from 2.1% compared to the previous year. The mindshare of Sangfor Endpoint Secure is 0.7%, up from 0.7% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Endpoint Detection and Response (EDR) Market Share Distribution
ProductMarket Share (%)
Elastic Security2.4%
Sangfor Endpoint Secure0.7%
Other96.9%
Endpoint Detection and Response (EDR)
 

Featured Reviews

SyedAli17 - PeerSpot reviewer
Centralized monitoring improves security posture through rapid data processing
The processing part of Elastic Security is very interesting for us since we handle almost 7,000 to 8,000 alerts per minute. We require rapid processing speed for alerts and event data, and Elastic Security is very efficient at handling this level of data. Additionally, Elastic Security helps improve the security posture of Pakistan through centralized visibility and real-time processing.
Read full review
Shiraz Ali - PeerSpot reviewer
Provides a unified and multi-layer security solution
I believe Sangfor Endpoint Secure could improve in terms of its user interface and management capabilities. Having a single, more user-friendly management console, like a one-window approach, would streamline the user experience and make it easier for administrators to handle security tasks more efficiently. Sangfor Endpoint Secure currently only allows one manager to control clients, and it lacks a backup system. It would be better if it supported a secondary manager for backup in case the primary one fails, ensuring uninterrupted service.
Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"It's very stable and reliable."
"Elastic Security helps improve the security posture of Pakistan through centralized visibility and real-time processing."
"The cost is reasonable. It's not overly pricey."
"It is very quick to react. I can set it to check anomalies or suspicious behavior every 30 seconds. It is very fast."
"Its flexibility is most valuable. We can have a number of scenarios, and we can get logs from anything. If we know how to use Logstash, we can tweak it in many ways. This makes the logging search on Elastic very easy."
"One of the most valuable features of this solution is that it is more flexible than AlienVault."
"Enables monitoring of application performance and the ability to predict behaviors."
"The solution's most valuable features are anomaly detection and connectivity reporting."
More Elastic Security pros
"Sangfor Endpoint Secure has some good policy certificates."
"The most valuable feature I have found in the system is its comprehensive end-to-end protection."
"We use the product for network protection from any malicious threat."
"The user-friendliness of Sangfor Endpoint Secure is particularly impressive. Even with basic technical knowledge, users can easily navigate the system, make changes, and implement updates."
"The product's initial setup phase was straightforward."
"It has a quick response time, threat intelligence, cybersecurity features, quick report generation, behavior analysis, dynamic detection, and quarantine features."
"I like the tool's honeypot feature. Some features include having a honeypot to detect attacks in a certain area. Additionally, there is RDP protection, which means that when we remote into our server or any endpoint, we must enter a password as a second layer of security. It can also integrate with next-generation firewalls."
"The tool's most valuable features are control access, endpoint security, and load balancing of ISPs."
More Sangfor Endpoint Secure pros
 

Cons

"I would like more ways to manage permissions and restrict access to certain users."
"The solution needs to be more reactive to investigations. We need to be able to detect and prevent any attacks before it can damage our infrastructure. Currently, this solution doesn't offer that."
"There should be a simulation environment to check whether my Elastic implementation is functioning perfectly fine. Other solutions have their own Android and iOS applications that I can install on my mobile so that I am continuously connected to the SIEM."
"Sometimes, the solution isn't the easiest to use."
"Upgrades currently released as stacks when it should be a plugin or an extension to save removal and reinstallation."
"We are paying dearly for the guy who is working on the ELK Stack. That knowledge is quite rare and hard to come by. For difficulty and availability of resources, I would rate it a five out of 10."
"The interface could be more user friendly because it is sometimes hard to deal with."
"There are connectors to gather logs for Windows PCs and Linux PCs, but if we have to get the logs from Syslog then we have to do it manually, and this should be automated."
More Elastic Security cons
"Sometimes, the VPN is not secure and doesn't work properly in Sangfor Endpoint Secure."
"There are a few areas for improvement. We have encountered licensing issues on occasion, and sometimes updates don't apply properly."
"I face issues while migrating from Kaspersky to Sangfor Endpoint Secure."
"The interface has too many buttons, making it cluttered."
"When an issue occurs, the response time for first-level support and the time taken for meetings could be improved."
"Currently, the tool lacks reporting functionalities."
"It would be much more convenient if the migration tool could be installed directly on the customer's VMs, enabling a smoother migration process to the new infrastructure, with potential restrictions addressed accordingly."
"It is complicated to establish a tunnel due to technical issues in the VPN system."
More Sangfor Endpoint Secure cons
 

Pricing and Cost Advice

"It is easy to deploy, easy to use, and you get everything you need to become operational with it, and have nothing further to pay unless you want the OLED plugin."
"Elastic Stack is an open-source tool. You don't have to pay anything for the components."
"This is an open-source product, so there are no costs."
"The base product is open-source but if you need advanced security features then you need to pay for the subscription. Elastic Security's price is reasonable in some cases and in other cases it's not."
"The price is reasonable. It probably costs the same as ArcSight and LogRhythm SIEM. FortiSIEM might cost less than Elastic Security. There are no hidden or additional costs."
"Affordable but with additional costs"
"Its price is fine. Its licensing works on a yearly basis. We have to renew the license every year. I also have a good experience with Darktrace. When we buy Darktrace, we get training free of cost, which is not there in Elastic. We have to pay extra for training. There is certainly room for improvement."
"The pricing is in the middle. I think it is not an expensive experience if we compare it with big names, for example, QRadar, and also Oxide. I think Elastic Security is quite cheap. I would rate the pricing of this solution a five out of ten."
More Elastic Security pricing and cost advice
"Sangfor Endpoint Secure's pricing is cheap. I rate it seven out of ten."
"The product is expensive compared to other vendors."
"Price-wise, Sangfor Endpoint Secure can be considered a competitively priced product in the market as it offers quite low prices compared to other solutions."
"Its "pay as you grow" model offers cost-effectiveness compared to major cloud providers."
"Sangfor Endpoint Secure is not a cheap solution."
"We were using Hyper-V. So, we switched to Sangfor because of the pricing."
"The solution is cheap. It is cheaper than other products by 15-20 percent."
report
See which vendors are best for you
Use our free recommendation engine to learn which Endpoint Detection and Response (EDR) solutions are best for your needs.
See recommendations
869,760 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
15%
Government
10%
Comms Service Provider
8%
Financial Services Firm
7%
Financial Services Firm
14%
Computer Software Company
11%
Government
9%
Comms Service Provider
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business40
Midsize Enterprise11
Large Enterprise14
By reviewers
Company SizeCount
Small Business5
Midsize Enterprise3
Large Enterprise3
 

Questions from the Community

Datadog vs ELK: which one is good in terms of performance, cost and efficiency?
With Datadog, we have near-live visibility across our entire platform. We have seen APM metrics impacted several times lately using the dashboards we have created with Datadog; they are very good c...
See all answers
What do you like most about Elastic Security?
Elastic provides the capability to index quickly due to the reverse indexes it offers. This data is crucial as it contains critical information. The reverse index allows fast data indexing because ...
See all answers
What is your experience regarding pricing and costs for Elastic Security?
I am satisfied with the pricing, setup cost, and licensing cost. It is a pure 10.
See all answers
What do you like most about Sangfor Endpoint Secure?
Sangfor Endpoint Secure has some good policy certificates.
See all answers
What needs improvement with Sangfor Endpoint Secure?
The interface has too many buttons, making it cluttered. It would be better if it were a simplified version with fewer buttons and a more consolidated layout.
See all answers
What is your primary use case for Sangfor Endpoint Secure?
Sangfor Endpoint Secure is easy to handle with its user-friendly interface. The four engines it utilizes for endpoint detection provide fewer false positives compared to other solutions. It is used...
See all answers
 

Comparisons

Wazuh vs Elastic Security Logo
Wazuh vs Elastic Security
Compared 15% of the time
Splunk Enterprise Security vs Elastic Security Logo
Splunk Enterprise Security vs Elastic Security
Compared 7% of the time
IBM Security QRadar vs Elastic Security Logo
IBM Security QRadar vs Elastic Security
Compared 7% of the time
CrowdStrike Falcon vs Elastic Security Logo
CrowdStrike Falcon vs Elastic Security
Compared 6% of the time
Microsoft Defender for Endpoint vs Elastic Security Logo
Microsoft Defender for Endpoint vs Elastic Security
Compared 6% of the time
More Elastic Security Competitors
Kaspersky Endpoint Detection and Response vs Sangfor Endpoint Secure Logo
Kaspersky Endpoint Detection and Response vs Sangfor Endpoint Secure
Compared 21% of the time
Bitdefender GravityZone EDR vs Sangfor Endpoint Secure Logo
Bitdefender GravityZone EDR vs Sangfor Endpoint Secure
Compared 11% of the time
ESET Inspect vs Sangfor Endpoint Secure Logo
ESET Inspect vs Sangfor Endpoint Secure
Compared 10% of the time
CrowdStrike Falcon vs Sangfor Endpoint Secure Logo
CrowdStrike Falcon vs Sangfor Endpoint Secure
Compared 9% of the time
Trend Vision One Endpoint Security vs Sangfor Endpoint Secure Logo
Trend Vision One Endpoint Security vs Sangfor Endpoint Secure
Compared 8% of the time
More Sangfor Endpoint Secure Competitors
 

Product Reports

Buyer's Guide
Elastic Security
October 2025
Elastic Security reportDownload Elastic Security product report
Buyer's Guide
Sangfor Endpoint Secure
September 2025
Sangfor Endpoint Secure reportDownload Sangfor Endpoint Secure product report
 

Also Known As

Elastic SIEM, ELK Logstash
No data available
 

Overview

Elastic Security is a robust, open-source security solution designed to offer integrated threat prevention, detection, and response capabilities across an organization's entire digital estate. Part of the Elastic Stack (which includes Elasticsearch, Logstash, and Kibana), Elastic Security leverages the power of search, analytics, and data aggregation to provide real-time insight into threats and vulnerabilities. It is a comprehensive platform that supports a wide range of security needs, from endpoint protection to cloud and network security, making it a versatile choice for organizations looking to enhance their cybersecurity posture.


Elastic Security combines the features of a security information and event management (SIEM) system with endpoint protection, allowing organizations to detect, investigate, and respond to threats in real time. This unified approach helps reduce complexity and improve the efficiency of security operations.

Additional offerings and benefits:

  • The platform utilizes advanced analytics, machine learning algorithms, and anomaly detection to identify threats and suspicious activities.
  • It offers extensive integration options with other tools and platforms, facilitating a more cohesive and comprehensive security ecosystem.
  • With Kibana, users gain access to powerful visualization tools and dashboards that provide real-time insight into security data.

Finally, Elastic Security benefits from a global community of users who contribute to its threat intelligence, helping to enhance its detection capabilities. This collaborative approach ensures that the solution remains on the cutting edge of cybersecurity, with up-to-date information on the latest threats and vulnerabilities.

Elastic

Organizations use Sangfor Endpoint Secure for endpoint protection and security management, managing devices, servers, and networks against malicious threats. It also assists in blocking websites, managing infrastructure, applications, antivirus needs, and aids in migrating to cloud environments.

Sangfor Endpoint Secure offers end-to-end protection, incorporating file protection, AI detection, behavior analysis, access control, and ISP load balancing. It facilitates VM migration with minimal downtime and includes a dual-end user interface for creating firewall rules, uploading images, and configuring VM settings. Enhancements such as Hyper-V capabilities, policy certificates, honeypot features, and next-generation firewall integrations are available. However, Sangfor Endpoint Secure could improve on console management, reporting functionalities, public cloud migration support, navigation, VPN system issues, licensing, update management, transitioning processes, and incorporating healing capabilities.

What are its most important features?
  • Comprehensive end-to-end protection including file protection
  • AI detection and behavior analysis
  • Access control and ISP load balancing
  • Ease of VM migration with minimal downtime
  • Streamlined dual-end user interface for firewall rules and VM settings
  • Hyper-V capabilities and policy certificates
  • Honeypot feature for attack detection and RDP protection
  • Integration with next-generation firewalls
What benefits or ROI should users look for?
  • Enhanced device, server, and network security from malicious threats
  • Simplified migration from on-premises to cloud environments
  • User-friendly navigation and management capabilities
  • Advanced detection and behavior analysis reducing potential threats
  • Streamlined enforcement of robust security policies

Sangfor Endpoint Secure is implemented across various industries to ensure comprehensive security management and protection. IT departments leverage its VM migration capabilities for seamless transitions to cloud environments. Healthcare organizations use it to secure sensitive patient data, while educational institutions utilize it for safeguarding academic records and personal information. Financial services employ it to protect critical transactional data and adhere to stringent compliance requirements.

Sangfor
 

Sample Customers

Texas A&M, U.S. Air Force, NuScale Power, Martin's Point Health Care
Information Not Available
Buyer's Guide
Elastic Security vs. Sangfor Endpoint Secure
September 2025
Free Report: Elastic Security vs. Sangfor Endpoint Secure
Find out what your peers are saying about Elastic Security vs. Sangfor Endpoint Secure and other solutions. Updated: September 2025.
DOWNLOAD NOW
869,760 professionals have used our research since 2012.
See our Elastic Security vs. Sangfor Endpoint Secure report.
See our list of best Endpoint Detection and Response (EDR) vendors.

We monitor all Endpoint Detection and Response (EDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.