We performed a comparison between Elastic Security and Trellix Endpoint Security based on real PeerSpot user reviews.
Find out in this report how the two Extended Detection and Response (XDR) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."Setting up Microsoft 365 Defender is easy. It's a user-friendly solution that provides threat protection. It has good stability and scalability."
"The EDR and the way it automatically responds to ransomware and other attacks are valuable features."
"The most valuable feature of the solution stems from the fact that Microsoft Defender XDR is easy to integrate with other Microsoft platforms or products."
"All of the security components are valuable including, antiphishing, antispam, and stage three antivirus."
"In Microsoft 365 vendor products, monitoring and connectivity across all Microsoft and third-party connectors enable viewing of all activity within those environments."
"The attack simulation is excellent; initially, this feature wasn't very robust, but Microsoft improved what we could achieve with it. We can now customize our practice phishing emails and include our company logo, for example. Attack simulation also helps integrate with third-party solutions where applicable and provides an overview of our security architecture through testing. The summary includes areas for improvement in our protection and what steps we need to take to get there."
"Defender XDR has a feature called the timeline that lets you track all activities. It helps a lot with investigations."
"The most valuable feature is the DLP because that's where we can have an added data protection layer and extend it not just to emails but to the documents that users are working on. We can make sure that sensitive data is tagged and flagged if unauthorized parties are using it."
"The most valuable feature is the machine learning capability."
"The cost is reasonable. It's not overly pricey."
"The most valuable feature is the search function, which allows me to go directly to the target to see the specific line a customer is searching for."
"I like the indexing of the logs."
"The intelligence of the system has been very impressive. It's not quite AI, but the technical bit where it correlates information, based on the seen attacks within an organization is good."
"It is the best open-source product for people working in SO, managing and analyzing logs."
"We like Elastic Security because it's a REST API-based solution. That's the primary reason we use it."
"The most valuable feature is the scalability. We are in Indonesia, more engineers understand Elastic Security here. So it is easier to scale and also develop. In features, the discovery to query all the logs is very important to us. It is very easy, especially with the query function and the feature to generate alerts and create tools. Sometimes we use the alert security dashboard to monitor our clients."
"When Intel acquired McAfee they worked on the protocol so that all vendors can work on the same platform. It's a very big improvement in McAfee. All McAfee products talk to each other. Other vendor's products can join this platform as well so it makes it more powerful on the enterprise side for McAfee."
"The solution is stable."
"The most valuable features are the adaptive tech on McAfee."
"One valuable feature is Threat Prevention with the on-demand scan."
"It's easy to use and it's very powerful. It offers nice endpoint protection."
"We can manage everything from the central console and it is very easy."
"The product is fairly reliable."
"This is a good solution for antivirus and malware protection."
"The web filtering solution needs to be improved because currently, it is very simple."
"The cost can be high if you want to build custom license packages. Another area for improvement is the policies. In Azure, we need to implement policies in JSON format, but in 365 Defender 365, it would be helpful to use a different format so we can customize the platform."
"The support team is not competent or responsive."
"The price could be better. It'll also help if they can continuously update and upgrade the solution. Every day there's a new virus uploaded into the network, and we have to keep updating it to identify all these things."
"The solution does not offer a unified response and standard data."
"In the Microsoft Azure Portal, in Active Directory, if there is anything on the user it will provide you with the information, but you still have to go through it a bit. And sometimes, I have experienced difficulties in understanding the information, especially because the synchronization between Microsoft Intune and the devices that are connected to the user in Azure Active Directory takes a lot of time."
"I'd like to see a wider solution that includes not only desktop devices but also other devices, such as servers, storage cabinets, switching equipment, et cetera."
"The support from Microsoft could improve. There are times I have to wait for a response from a qualified specialist."
"Elastic Security could improve the documentation. It would help if they were more simple and clean."
"Its documentation should be a bit better. I have to spend at least a couple of hours to find the solution for a simple thing. When we buy Elastic, training is not included for free with Elastic. We have to pay extra for the training. They should include training in the price."
"With Elastic, you have to build the use cases for the specific requirement. Other products have a simple integration and more use cases to integrate out-of-the-box solutions for SIEM."
"We'd like to see some more artificial intelligence capabilities."
"In terms of improvement, there could be more automation in responding to and evaluating detections."
"There should be a simulation environment to check whether my Elastic implementation is functioning perfectly fine. Other solutions have their own Android and iOS applications that I can install on my mobile so that I am continuously connected to the SIEM."
"We are paying dearly for the guy who is working on the ELK Stack. That knowledge is quite rare and hard to come by. For difficulty and availability of resources, I would rate it a five out of 10."
"The setup process is complex. You need a solid working knowledge of networking, operating systems, and a little programming."
"It would be a lot easier if I could add multiple user accounts within a single device."
"Users can just install software into their computers. We need some sort of application control system that, if there are any pieces of software that are not whitelisted, then the solution could flag it or maybe alert the administers. That would be very helpful."
"The management console is a little bit difficult to understand for admins. You need a lot of time in order to become familiar with that. It is a little bit complicated and not too easy to understand. Its price can also be improved. Its price is higher than its competitors. McAfee also needs to have better cloud integration and more data centers in the EU. The cloud center should be in Europe or in Germany. In Germany, it is really important to have access to your data within the same country. Customer data needs to be placed and processed in the same country."
"The security of this solution needs improvement."
"We experienced some bad behavior when we first installed the product. The system also starts slowly in some instances. If for some reason this solution crashes, we could lose all our data."
"I would like this solution to do what Palo Alto traps does because I would only need to run this one product."
"Support-wise they need to be better."
"The endpoint has room for improvement because it's restrictive, it's very sensitive. Sometimes it can delete something that you need and so sometimes you have to disable the antivirus."
Elastic Security is ranked 7th in Extended Detection and Response (XDR) with 58 reviews while Trellix Endpoint Security is ranked 10th in Extended Detection and Response (XDR) with 94 reviews. Elastic Security is rated 7.6, while Trellix Endpoint Security is rated 8.0. The top reviewer of Elastic Security writes "A stable and scalable tool that provides visibility along with the consolidation of logs to its users". On the other hand, the top reviewer of Trellix Endpoint Security writes "Good user behavioral analysis and helpful patching but needs better support services". Elastic Security is most compared with Wazuh, Splunk Enterprise Security, Microsoft Sentinel, IBM Security QRadar and Microsoft Defender for Endpoint, whereas Trellix Endpoint Security is most compared with Microsoft Defender for Endpoint, Trellix Endpoint Security (ENS), CrowdStrike Falcon, Cortex XDR by Palo Alto Networks and Trend Micro Deep Security. See our Elastic Security vs. Trellix Endpoint Security report.
See our list of best Extended Detection and Response (XDR) vendors.
We monitor all Extended Detection and Response (XDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.