We performed a comparison between Elastic Security and Swimlane based on real PeerSpot user reviews.
Find out what your peers are saying about Microsoft, Palo Alto Networks, Splunk and others in Security Orchestration Automation and Response (SOAR).
"Free ingestion for Azure logs (with E5 licence)"
"The pricing of the product is excellent."
"The most valuable features in my experience are the UEBA, LDAP, the threat scheduler, and integration with third-party straight perform like the MISP."
"We’ve got process improvement that's happened across multiple different fronts within the organization, within our IT organization based on this tool being in place."
"The log query feature has been the most valuable because it's very good. You can put your data on the cloud and run queries from Sentinel. It will do it all very fast. I love that I don't have to upload it to an Excel file and then manually look for a piece of information. Sentinel is much faster and is good for big databases."
"The best functionality that you can get from Azure Sentinel is the SOAR capability. So, you can estimate any type of activity, such as when an alert was triggered or an incident was found."
"The dashboard that allows me to view all the incidents is the most valuable feature."
"What is most useful, is that it has a good connection to the Microsoft ecosystem, and I think that's the key part."
"The product has huge integration varieties available."
"Elastic has a lot of beats, such as Winlogbeat and Filebeat. Beats are the agents that have to be installed on the terminals to send the data. When we install beats or Elastic agents on every terminal, they don't overload the terminals. In other SIEM solutions such as Splunk or QRadar, when beats or agents are installed on endpoints, they are very heavy for the terminals. They consume a lot of power of the terminals, whereas Elastic agents hardly consume any power and don't overload the terminals."
"Elastic Security is a highly flexible platform that can be implemented anywhere."
"The solution is quite stable. The performance has been good."
"Enables monitoring of application performance and the ability to predict behaviors."
"We like Elastic Security because it's a REST API-based solution. That's the primary reason we use it."
"It's open-source and free to use."
"ELK Logstash is easy and fast, at least for the initial setup with the out-of-the-box uses."
"The technical support from Swimlane is very good."
"The most valuable feature of the solution is the support."
"It provides us with a single portal for our logs from different solutions."
"The dashboards can be improved. Creating dashboards is very easy, but the visualizations are not as good as Microsoft Power BI. People who are using Microsoft Power BI do not like Sentinel's dashboards."
"Add more out-of-the-box connectors with other SaaS platforms/applications."
"We have been working with multiple customers, and every time we onboard a customer, we are missing an essential feature that surprisingly doesn't exist in Sentinel. We searched the forums and knowledge bases but couldn't find a solution. When you onboard new customers, you need to enable the data connectors. That part is easy, but you must create rules from scratch for every associated connector. You click "next," "next," "next," and it requires five clicks for each analytical rule. Imagine we have a customer with 150 rules."
"I think the number one area of improvement for Sentinel would be the cost."
"I would like to see more AI used in processes."
"Multi-tenancy, in my opinion, needs to be improved. I believe it can do better as a managed service provider."
"There is room for improvement in entity behavior and the integration site."
"They could use some kind of workbook. There are some limitations when editing and creating the workbook."
"There is an area of improvement in the Logs list. The load list may need to be paginated as there are limits."
"Elastic Security could improve the documentation. It would help if they were more simple and clean."
"It would be better if Elastic Security had less storage for data. My customers do not like this. Other vendors have local support in different countries, but Elastic Security doesn't. I would like to have Operational Technology (OT) security in the next release."
"We had issues with scalability. Logstash was not scaling and aggregation was getting delayed. We moved to Fluentd, making our stack EFK instead of ELK."
"There are connectors to gather logs for Windows PCs and Linux PCs, but if we have to get the logs from Syslog then we have to do it manually, and this should be automated."
"Elastic Security has a steep learning curve, so it takes some time to tune it and set it up for your environment. There are some costs associated with logging things that don't have value. So you need to be cautious to only log things that make sense and keep them around for as long as you need. You shouldn't hold onto things just because you think you might need them."
"I would like the process of retrieving archived data and viewing it in Kibana to be simplified."
"The price of this product could be improved, especially the additional costs. I would also like to see better-quality graphics."
"The stability of the solution has room for improvement."
"The initial setup and deployment are complex."
"We faced a lot of issues with the product’s stability."
Elastic Security is ranked 6th in Security Orchestration Automation and Response (SOAR) with 59 reviews while Swimlane is ranked 17th in Security Orchestration Automation and Response (SOAR) with 3 reviews. Elastic Security is rated 7.6, while Swimlane is rated 7.6. The top reviewer of Elastic Security writes "A stable and scalable tool that provides visibility along with the consolidation of logs to its users". On the other hand, the top reviewer of Swimlane writes "Great support, scalable, and easier to code". Elastic Security is most compared with Wazuh, Splunk Enterprise Security, IBM Security QRadar, Microsoft Defender for Endpoint and CrowdStrike Falcon, whereas Swimlane is most compared with Palo Alto Networks Cortex XSOAR, Splunk SOAR, Tines, Fortinet FortiSOAR and Cyware Fusion and Threat Response.
We monitor all Security Orchestration Automation and Response (SOAR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.