We performed a comparison between Elastic Security and Trend Vision One based on real PeerSpot user reviews.
Find out in this report how the two Endpoint Detection and Response (EDR) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."We also use Microsoft Sentinel, Defender for Cloud, Defender for Identity, and Microsoft Defender for Cloud Apps. They are all integrated and it was very easy to integrate them. In my experience with the integrations, it was just a click of a button and things were integrated. It's just a button."
"In Microsoft 365 vendor products, monitoring and connectivity across all Microsoft and third-party connectors enable viewing of all activity within those environments."
"Having a single pane of glass for all Microsoft security services makes everything much easier. A security analyst can go to a single portal and see everything in one view. The integration of everything into one portal is a huge benefit."
"For me, the advanced hunting capabilities have been really great. It allowed querying the dataset with their own language, which is KQL or Kusto Query Language. That has allowed me to get much more insight into the events that have occurred. The whole power of 365 Defender is that you can get the whole story. It allows you to query an email-based activity and then correlate it with an endpoint-based activity."
"Its most significant advantage lies in its affordability."
"Setting up Microsoft 365 Defender is easy. It's a user-friendly solution that provides threat protection. It has good stability and scalability."
"I like that it's stable. It's been stable for a long time, and Microsoft Defender has done a good job there."
"I like Defender XDR's automation capabilities. XDR isn't automated by default, but you can automate it to respond. If an attack is performed anywhere within the organization, you can isolate that instance from the network. This is what I can figure out for it. When integrated with Sentinel, you can set up playbooks to automate all the alerts gathered on Sentinel from different Microsoft solutions. Sentinel has a wider range of capabilities than XDR."
"The solution is compatible with the cloud-native environment and they can adapt to it faster."
"It is very quick to react. I can set it to check anomalies or suspicious behavior every 30 seconds. It is very fast."
"It's very stable and reliable."
"The cost is reasonable. It's not overly pricey."
"I can look at events from more than one source across multiple different locations and find patterns or anomalies. The machine learning capabilities are helpful, and I can create rules for notifications to be more proactive rather than responding after something has gone wrong."
"The solution has a good community surrounding it for lots of helpful documentation for troubleshooting purposes."
"It's simple and easy to use."
"The indexes allow you to get your results quickly. The filtering and log passing is the advantage of Logstash."
"The solution is very easy to use."
"The telemetric report is the most valuable feature."
"Trend Micro XDR is a comprehensive solution that is not overly complex to use or manage."
"For our day-to-day use cases, the correlation and attribution of different alerts are valuable. It is sort of an SIEM, but it is intelligent enough to run the queries and intentionally detect and prioritize attacks for you. At the end of the day, it is different data that you see. It correlates data for you and makes it meaningful. You can see that someone got an email and clicked a link. That link downloaded, for example, malware into the memory of the machine. From there, you can see that they started moving laterally to your environment. I quite like it because it gives visibility, so Workbench is what we use every day"
"The automatic EDR system that notifies us when something is wrong is valuable."
"I like Vision One's observed attack techniques feature. It lets you see what an attacker is doing, how they have tried to exploit a machine, or how malicious code is operating. It helps us discover indicators of compromise so we can write better rules for detection."
"I like that it is a comprehensive security solution with a lot of features. You can say XDR is an end-to-end security solution with endpoint security. It includes all your servers, networks, and other devices. The endpoint security solution does not cover this. Plus, machine learning and features like that are the main things in XDR solutions."
"I like XDR's workbench feature and observed attack technique. It generates an alert once certain conditions are met. For example, let's say there's a threat called malicious.exe being deployed on your system. It will generate an alert with information like the file path, location, hash, etc. You also see a relational matrix showing how that file was executed and which processes were installed."
"From an integration standpoint, it is always improving overall. With Security Copilot coming out, as partners, we are waiting for the GDAP support so that we can actually see Security Copilot on behalf of customers if they subscribe to it."
"The design of the user interface could use some work. Sometimes it's hard to find the exact information you need."
"The user interface of Microsoft 365 Defender could improve. They could make it simpler."
"The support team is not competent or responsive."
"The only issue I've had is, when it comes to deployment, the steps I must take around policy setup. That is challenging."
"In the future, it would be beneficial for Microsoft to consider making the product more user-friendly or simplified for those who are interested in using it. Currently, it requires a high level of technical expertise, making it challenging for beginners or less experienced individuals."
"At times, when we have an incident email and we click on the link for that incident, it opens a pop-up, but there is nothing. It has happened a couple of times."
"The web filtering solution needs to be improved because currently, it is very simple."
"Better integration with third-party APMs would be really good."
"Its documentation should be a bit better. I have to spend at least a couple of hours to find the solution for a simple thing. When we buy Elastic, training is not included for free with Elastic. We have to pay extra for the training. They should include training in the price."
"The setup process is complex. You need a solid working knowledge of networking, operating systems, and a little programming."
"One limitation of Elastic Security is that it does not have built-in workflows for all tasks. For example, if you need a workflow for compliance, you will need to create a custom workflow."
"It could use maybe a little more on the Linux side."
"The interface could be more user friendly because it is sometimes hard to deal with."
"Elastic Security can be a bit difficult to use if a person only has experience in SMBs with tools like Zoho. The product can also be difficult for those who have never dealt with query language."
"If the documentation were improved and made more clear for beginners, or even professionals, then we would be more attracted to this solution."
"I'd like to see alert time reduction so that they show up on the dashboard faster."
"The deployment process could be more streamlined over the existing infrastructure, as it was not as easy as we thought."
"I would like to have more integration with mobile device management."
"The solution only supports Windows and Mac. It would be helpful if it could support other OS, such as Linux."
"While blocking an IP address restricts access for 30 days, it eventually becomes accessible again."
"Reporting could be a little bit better. They are working on it, and it is getting better."
"A room for improvement is Trend Micro XDR's website. It's a very complicated website since finding the right point one wants to see is difficult."
"The centralized dashboard has room for improvement."
Elastic Security is ranked 16th in Endpoint Detection and Response (EDR) with 58 reviews while Trend Vision One is ranked 5th in Endpoint Detection and Response (EDR) with 42 reviews. Elastic Security is rated 7.6, while Trend Vision One is rated 8.6. The top reviewer of Elastic Security writes "A stable and scalable tool that provides visibility along with the consolidation of logs to its users". On the other hand, the top reviewer of Trend Vision One writes "The integration of toolsets is key, enabling automation, and vendor has been tremendous partner for us". Elastic Security is most compared with Wazuh, Splunk Enterprise Security, Microsoft Sentinel, IBM Security QRadar and Microsoft Defender for Endpoint, whereas Trend Vision One is most compared with CrowdStrike Falcon, SentinelOne Singularity Complete, Microsoft Defender for Endpoint, Trend Micro Apex One and ESET Inspect. See our Elastic Security vs. Trend Vision One report.
See our list of best Endpoint Detection and Response (EDR) vendors, best Extended Detection and Response (XDR) vendors, and best Endpoint Detection and Response (EDR) vendors.
We monitor all Endpoint Detection and Response (EDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
