Try our new research platform with insights from 80,000+ expert users

Elastic Security vs Symantec Endpoint Detection and Response comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Sep 9, 2024

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Elastic Security
Ranking in Endpoint Detection and Response (EDR)
17th
Average Rating
7.8
Reviews Sentiment
6.8
Number of Reviews
65
Ranking in other categories
Log Management (11th), Security Information and Event Management (SIEM) (5th), Security Orchestration Automation and Response (SOAR) (8th), Extended Detection and Response (XDR) (10th)
Symantec Endpoint Detection...
Ranking in Endpoint Detection and Response (EDR)
28th
Average Rating
7.6
Reviews Sentiment
7.2
Number of Reviews
30
Ranking in other categories
No ranking in other categories
 

Mindshare comparison

As of July 2025, in the Endpoint Detection and Response (EDR) category, the mindshare of Elastic Security is 2.3%, up from 2.2% compared to the previous year. The mindshare of Symantec Endpoint Detection and Response is 0.5%, up from 0.4% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Endpoint Detection and Response (EDR)
 

Featured Reviews

SyedAli17 - PeerSpot reviewer
Centralized monitoring improves security posture through rapid data processing
The processing part of Elastic Security ( /products/elastic-security-reviews ) is very interesting for us since we handle almost 7,000 to 8,000 alerts per minute. We require rapid processing speed for alerts and event data, and Elastic Security is very efficient at handling this level of data. Additionally, Elastic Security helps improve the security posture of Pakistan through centralized visibility and real-time processing.
YusufAhmed - PeerSpot reviewer
Easy to use and competitively priced
Honestly, the product needs to continue the way it is, and I feel that everything will be fine. I haven't had any reasons to complain about the product. The product doesn’t offer MDM functionality under its current licensing model. In the future, I want the product to offer MDM. It can allow me to manage my mobile device more efficiently and effectively. Currently, there is a need for a separate license to be added to Symantec Endpoint Detection and Response to be able to use the MDM part. If both are bundled up under the same license, the administration part can be made easier.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The most valuable features of Elastic Security are it is open-source and provides a high level of security."
"The most valuable feature is the machine learning capability."
"It's not very complicated to install Elastic."
"The visualization is very good."
"The performance is good and it is faster than IBM QRadar."
"The most valuable features are the speed, detail, and visualization. It has the latest standards."
"We like Elastic Security because it's a REST API-based solution. That's the primary reason we use it."
"It is the best open-source product for people working in SO, managing and analyzing logs."
"It is very simple to use."
"The most valuable feature of Symantec Endpoint Detection and Response is its ability to conduct large scans on the endpoints without affecting the network."
"The most valuable features of Symantec Endpoint Detection and Response are its immediate response and investigation."
"The Detection vulnerability is very effective."
"The solution does its job with no issues."
"A great feature of this solution is that it is very well-integrated with antivirus software. Other ADR solutions are implemented as single technologies and are not integrated with the provider, but Symantec offers AV plus ADR."
"The pricing is good."
"There are times when Symantec Endpoint Detection and Response tags an executable as malicious when it is trying to get executed on the machine. In this case, it prevents the execution and it gives you a process view of things where you can look into what has happened and whether it is a genuine process trying to access some system activities, or it's a malicious one. Depending upon the process, it gives you a clear identification, and we can do the containment from the interface itself and isolate the machine from the network. The process review on network isolation is good."
 

Cons

"The setup process is complex. You need a solid working knowledge of networking, operating systems, and a little programming."
"We set up a cron job to delete old logs so that we wouldn't hit a disk space issue. Such a feature should be available in the UI, where old logs can be deleted automatically. (Don’t know if this feature is already there)."
"Upgrades currently released as stacks when it should be a plugin or an extension to save removal and reinstallation."
"The solution needs to be more reactive to investigations. We need to be able to detect and prevent any attacks before it can damage our infrastructure. Currently, this solution doesn't offer that."
"The biggest challenge has been related to the implementation."
"With Elastic, you have to build the use cases for the specific requirement. Other products have a simple integration and more use cases to integrate out-of-the-box solutions for SIEM."
"The solution could also use better dashboards. They need to be more graphical, more matrix-like."
"There should be a simulation environment to check whether my Elastic implementation is functioning perfectly fine. Other solutions have their own Android and iOS applications that I can install on my mobile so that I am continuously connected to the SIEM."
"The interface is very complicated."
"The solution’s scalability and stability could be improved."
"Symantec Endpoint Detection and Response could improve the reporting. It is very difficult to create reports from the user interface."
"It is not possible to buy it from the company itself, or resellers in other countries. If it is available, I see that it is offered as part of a larger service. For me, this was not suitable."
"They do need to minimize the number of agents installed on a server."
"The solution can always be more stable and more secure."
"The network forensics feature could be improved."
"The GUI could be better."
 

Pricing and Cost Advice

"We use the open-source version, so there is no charge for this solution."
"Compared to other tools, Elastic Security is a cheaper solution."
"The solution is not expensive and costs around ten dollars a month."
"We are using the free, open-source version of this solution."
"I find it better than Splunk in terms of cost-effectiveness. For cost-effectiveness, I would rate it a nine out of 10."
"Elastic Stack is an open-source tool. You don't have to pay anything for the components."
"It is easy to deploy, easy to use, and you get everything you need to become operational with it, and have nothing further to pay unless you want the OLED plugin."
"The price is reasonable. It probably costs the same as ArcSight and LogRhythm SIEM. FortiSIEM might cost less than Elastic Security. There are no hidden or additional costs."
"We are satisfied with the pricing."
"The product is cheap."
"Of late, because of the Broadcom purchase, its price has been increasing."
"Symantec Endpoint Detection and Response is expensive."
"Compared to the tools of competitors, Symantec Endpoint Detection and Response is a cheaply priced product."
"The more devices we have the more expensive it becomes, which is where the challenge is."
"The price is reasonable."
"We have a yearly subscription, and the pricing is fair."
report
Use our free recommendation engine to learn which Endpoint Detection and Response (EDR) solutions are best for your needs.
860,825 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
16%
Government
9%
Financial Services Firm
9%
Comms Service Provider
7%
Financial Services Firm
12%
Computer Software Company
12%
Manufacturing Company
8%
University
8%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

Datadog vs ELK: which one is good in terms of performance, cost and efficiency?
With Datadog, we have near-live visibility across our entire platform. We have seen APM metrics impacted several times lately using the dashboards we have created with Datadog; they are very good c...
What do you like most about Elastic Security?
Elastic provides the capability to index quickly due to the reverse indexes it offers. This data is crucial as it contains critical information. The reverse index allows fast data indexing because ...
What is your experience regarding pricing and costs for Elastic Security?
Since Elastic Security is community-based, it does not require significant costs. This is beneficial for SMEs as they do not need extensive budgets for security solutions.
What is your experience regarding pricing and costs for Symantec Endpoint Detection and Response?
I am not aware of the pricing details, as that falls under the management's responsibility.
What needs improvement with Symantec Endpoint Detection and Response?
There are several areas where Symantec Endpoint Detection and Response can improve, including shell features, web control, asset management, and device control. Specifically, the application contro...
 

Also Known As

Elastic SIEM, ELK Logstash
No data available
 

Overview

 

Sample Customers

Texas A&M, U.S. Air Force, NuScale Power, Martin's Point Health Care
Information Not Available
Find out what your peers are saying about Elastic Security vs. Symantec Endpoint Detection and Response and other solutions. Updated: June 2025.
860,825 professionals have used our research since 2012.