No more typing reviews! Try our Samantha, our new voice AI agent.

Elastic Security vs Uptycs comparison

Sponsored
 

Comparison Buyer's Guide

Executive Summary

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Cortex XDR by Palo Alto Net...
Sponsored
Ranking in Endpoint Detection and Response (EDR)
6th
Ranking in Extended Detection and Response (XDR)
4th
Average Rating
8.4
Reviews Sentiment
6.8
Number of Reviews
114
Ranking in other categories
Endpoint Protection Platform (EPP) (4th), Ransomware Protection (2nd), AI-Powered Cybersecurity Platforms (1st)
Elastic Security
Ranking in Endpoint Detection and Response (EDR)
15th
Ranking in Extended Detection and Response (XDR)
12th
Average Rating
7.8
Reviews Sentiment
6.8
Number of Reviews
66
Ranking in other categories
Log Management (11th), Security Information and Event Management (SIEM) (7th), Security Orchestration Automation and Response (SOAR) (10th)
Uptycs
Ranking in Endpoint Detection and Response (EDR)
51st
Ranking in Extended Detection and Response (XDR)
39th
Average Rating
7.6
Reviews Sentiment
6.9
Number of Reviews
2
Ranking in other categories
Endpoint Protection Platform (EPP) (44th), Container Security (37th), Cloud Workload Protection Platforms (CWPP) (23rd), Cloud Security Posture Management (CSPM) (33rd), Cloud-Native Application Protection Platforms (CNAPP) (22nd), Cloud Detection and Response (CDR) (12th)
 

Mindshare comparison

As of July 2026, in the Endpoint Detection and Response (EDR) category, the mindshare of Cortex XDR by Palo Alto Networks is 3.6%, down from 3.9% compared to the previous year. The mindshare of Elastic Security is 2.3%, up from 2.2% compared to the previous year. The mindshare of Uptycs is 0.5%, up from 0.1% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Endpoint Detection and Response (EDR) Mindshare Distribution
ProductMindshare (%)
Cortex XDR by Palo Alto Networks3.6%
Elastic Security2.3%
Uptycs0.5%
Other93.6%
Endpoint Detection and Response (EDR)
 

Featured Reviews

ABHISHEK_SINGH - PeerSpot reviewer
Senior Process Expert at A.P. Moller - Maersk
Gained full visibility and streamlined threat detection through behavior-based insights and AI integration
Initially, we got to have a lot of false positives when we onboarded, but nowadays it's quite smooth. We have fine-tuned our security policies and allowed different levels of policies to get rid of those false positives. Currently, we are getting a fairly good amount of incidents that are not false positives or benign, but actionable items. The process is streamlined. In the initial days, the operations used to get involved in a lot of benign and other activities, but now the process is streamlined. We are leveraging the auto-detection and remediation plans. The operations teams are now more involved in other business roles as well, not just looking into the logs and fetching out what's happening there. They have fixed a lot of things. Initially, they didn't have IAC code drift detection, cloud posture management, or security posture management, but they have those now. They purchased different vendors and did a merger with that. They have now Prisma Cloud that gets integrated and now they are working with Cortex Cloud. Everything that was negative has now been addressed, and the product altogether looks to be in a very better and mature shape now. Currently, it's more or less detecting the workloads with AI-based best practices. Since most organizations are consuming AI agents and other things, we are looking forward to seeing what other feature enhancements Palo Alto can support in that.
Laurentiu Popescu - PeerSpot reviewer
Chief Product Officer at ClusterPower
Has improved threat detection with deep log analysis and streamlined investigation workflows
The most useful features I find in Elastic Security are the forensic ones that allow us to carry deeper analysis into the logs for in-depth investigations, and the dashboards, with the reporting dashboard being quite user-friendly. Elastic Security is quite good at identifying threats, as it is part of the deep investigation tool that I mentioned before. Unless we need to look further into a certain log, we can carry out a deeper analysis and forensics on those particular logs. I can assess the impact of Elastic Security's real-time data analysis on our threat response efficiency as working pretty good. We are looking for real-time analysis because we have a continuous inflow of logs from different sources: from our cloud, from Active Directory, from our network. So it works pretty well.
SangramGupta - PeerSpot reviewer
Security Consultant at Deloitte
Centralized visibility has improved risk-based vulnerability management but onboarding still needs simplification
From my perspective, the features of Uptycs that stand out more for my projects and organization are the vulnerability management, endpoint visibility, and asset inventory management features. I can share two specific outcomes that show this positive impact using Uptycs. First, it reduces significant time and effort from the asset inventory point of view because previously I needed to scan all of the assets which were in scope, but now I only scan those assets that are currently active and in scope, and the CMDB and asset inventory receive proper updates of those assets. Secondly, in vulnerability prioritization, I receive all the prioritized vulnerabilities so I can prioritize and mitigate or remediate them as soon as possible, which reduces the overall time of remediation as well.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The initial setup is pretty easy."
"The most valuable for us is the correlation feature."
"It has absolutely improved the way our organization functions, we are more secure, it is giving us more peace of mind, and it has found malicious activity happening on our endpoints that probably would not have been detected if we didn't have it."
"Cortex XDR's most valuable feature is its intelligence-based dashboards."
"If any application performs suspicious activities, such as changing registries or modifying other applications, Cortex XDR detects and blocks the entire application."
"I like that the product has behavior-based detection which offers many benefits over signature-based detection."
"The scalability of Cortex XDR by Palo Alto Networks is very good."
"The product is mostly automated, and we do not have to make decisions, because all the decisions are made by the product itself and we are not required to create any custom policies since the policies that are created are well defined in the product itself."
"The most valuable feature is the ability to collect authentication information from service providers."
"Elastic Security is a highly flexible platform that can be implemented anywhere."
"The indexes allow you to get your results quickly. The filtering and log passing is the advantage of Logstash."
"In my previous organization, I used this for central log management, increasing developer productivity."
"My advice is that this is a good product to use if you are financially contained, and you want to start with something small."
"I would advise others to use this solution as it is relatively low cost and the implementation is quick, giving you results faster."
"It's quite stable; we have not seen it going down at all for the last three years and it's working well consistently."
"Elastic Security is cost-effective compared to Defender and CrowdStrike."
"They have multiple great features."
"I have seen a return on investment from using Uptycs, saving almost 25 to 30 percent in terms of asset investigations or asset inventory management and vulnerability prioritization, which is significant."
 

Cons

"There are some limitations on the Traps agents."
"If Palo Alto reduces the pricing slightly for their products, it would make them more scalable in markets such as India and globally for cybersecurity."
"It tends to do 99.9% of things. The only thing I'd like is single sign-on authentication into their cloud platform so that my users can be properly authenticated against it."
"It is a complex solution to implement."
"Managing the product should be easier."
"It'll help if customization was easier."
"Cortex XDR by Palo Alto Networks is a very good product, but financially, it is very expensive, so the company should look into that area."
"It takes time to scan the servers and devices."
"Continuous upgrades can be quite inconvenient. My security testing team continuously reports vulnerabilities, and we have to fix and update the versions frequently."
"The solution could offer better reporting features."
"Better integration with third-party APMs would be really good."
"I do not have any specific recommendations for improvements in Elastic Security, but I feel that the AI module should get more mature."
"Their visuals and graphs need to be better."
"The signature security needs improvement."
"The tool needs to integrate with legacy servers. Big companies can have legacy servers that may not always be updated."
"We'd like to see some more artificial intelligence capabilities."
"We end up facing a lot of issues after upgrades."
"Regarding improvements for Uptycs, I suggest simplified onboarding for complex cloud environments because the current onboarding method is complex and requires checks with the support team."
 

Pricing and Cost Advice

"In terms of the cost Cortex XDR by Palo Alto Networks is very expensive because we are a Mexican company and when you translate dollars to pesos the cost is very high. The solution is very expensive for Mexican companies. I understand that they have international prices, but I do not think it offsets the price enough for many companies in countries, such as Mexico. The amount it is reduced is not a massive percentage."
"It has a higher cost than other solutions, like CrowdStrike or Microsoft’s EDR tools, but it reduces the cost of our operations because it’s a new generation antivirus tool."
"I don't like that they have different types of licenses."
"I feel it is fairly priced."
"I don't have any issues with the pricing. We are satisfied with the price."
"It has a yearly renewal."
"Its pricing is kind of in line with its competitors and everybody else out there."
"We didn't have to pay any additional fee for the cloud instance. It just came with the renewal, which was nice."
"I find it better than Splunk in terms of cost-effectiveness. For cost-effectiveness, I would rate it a nine out of 10."
"Elastic Stack is an open-source tool. You don't have to pay anything for the components."
"I can say that the product is cheaply priced."
"Elastic Security is free to use."
"Compared to other products such as Dynatrace, this is one of the cheaper options."
"It is easy to deploy, easy to use, and you get everything you need to become operational with it, and have nothing further to pay unless you want the OLED plugin."
"The tool's pricing is flexible and comes at unit cost. You don't have to pay for everything."
"The licensing cost of Elastic Security is based on the daily ingestion rate. I can't recall the exact figure, but for 10GB of log action daily, it would cost around $20,000."
Information not available
report
Use our free recommendation engine to learn which Endpoint Detection and Response (EDR) solutions are best for your needs.
903,807 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Construction Company
12%
Financial Services Firm
11%
Manufacturing Company
11%
Comms Service Provider
9%
Comms Service Provider
9%
Financial Services Firm
8%
Government
8%
Manufacturing Company
8%
Financial Services Firm
18%
Construction Company
13%
Manufacturing Company
6%
Insurance Company
6%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business46
Midsize Enterprise21
Large Enterprise53
By reviewers
Company SizeCount
Small Business40
Midsize Enterprise12
Large Enterprise15
No data available
 

Questions from the Community

Cortex XDR by Palo Alto vs. Sentinel One
Cortex XDR by Palo Alto vs. SentinelOne SentinelOne offers very detailed specifics with regard to risks or attacks. ...
Comparing CrowdStrike Falcon to Cortex XDR (Palo Alto)
Cortex XDR by Palo Alto vs. CrowdStrike Falcon Both Cortex XDR and Crowd Strike Falcon offer cloud-based solutions th...
How is Cortex XDR compared with Microsoft Defender?
Microsoft Defender for Endpoint is a cloud-delivered endpoint security solution. The tool reduces the attack surface,...
Datadog vs ELK: which one is good in terms of performance, cost and efficiency?
With Datadog, we have near-live visibility across our entire platform. We have seen APM metrics impacted several time...
What is your experience regarding pricing and costs for Elastic Security?
I am satisfied with the pricing, setup cost, and licensing cost. It is a pure 10.
What needs improvement with Elastic Security?
I do not have any specific recommendations for improvements in Elastic Security, but I feel that the AI module should...
What needs improvement with Uptycs?
Regarding improvements for Uptycs, I suggest simplified onboarding for complex cloud environments because the current...
What is your primary use case for Uptycs?
I use Uptycs as part of cloud security threat detection, vulnerability management, and security operations initiative...
What advice do you have for others considering Uptycs?
My advice for others looking into using Uptycs is that if you are looking for a centralized solution for all security...
 

Also Known As

Cyvera, Cortex XDR, Palo Alto Networks Traps
Elastic SIEM, ELK Logstash
No data available
 

Overview

 

Sample Customers

CBI Health Group, University Honda, VakifBank
Texas A&M, U.S. Air Force, NuScale Power, Martin's Point Health Care
Comcast, Crossbeam, Flexport, Greenlight Financial, Lookout Security, PayNearMe
Find out what your peers are saying about Elastic Security vs. Uptycs and other solutions. Updated: June 2026.
903,807 professionals have used our research since 2012.