We performed a comparison between Elastic Security and Exabeam Fusion SIEM based on real PeerSpot user reviews.
Find out in this report how the two Log Management solutions compare in terms of features, pricing, service and support, ease of deployment, and ROI.
"The log analysis is excellent; it can predict what can or will happen regarding use patterns and vulnerabilities."
"Sentinel is a Microsoft product, so they provide very robust use cases and analytic groups, which are very beneficial for the security team. I also like the ability to integrate data sources into the software for on-premise and cloud-based solutions."
"The ability of all these solutions to work together natively is essential. We have an Azure subscription, including Log Analytics. This feature automatically acts as one of the security baselines and detects recommendations because it also integrates with Defender. We can pull the sysadmin logs from Azure. It's all seamless and native."
"I believe one of the main advantages is Microsoft Sentinel's seamless integration with other Microsoft products."
"The best functionality that you can get from Azure Sentinel is the SOAR capability. So, you can estimate any type of activity, such as when an alert was triggered or an incident was found."
"Sentinel also enables you to ingest data from your entire ecosystem and not just from the Microsoft ecosystem. It can receive data from third-party vendors' products such firewalls, network devices, and antivirus solutions. It's not only a Microsoft solution, it's for everything."
"One of the most valuable features of Microsoft Sentinel is that it's cloud-based."
"It is always correlating to IOCs for normal attacks, using Azure-related resources. For example, if any illegitimate IP starts unusual activity on our Azure firewall, then it automatically generates an alarm for us."
"The most valuable thing is that this solution is widely used for work management and research. It's easy to jump into the security use case with the same technology."
"The scalability is good. It can be scaled easily in the production environment."
"I use the stack every morning to check the errors and it's just so clear. I don't see any disadvantage to using Logstash."
"I like that it's a SIEM platform. I like that I can sell Elastic Security quickly. Elastic Security has a large community that can support users."
"ELK Logstash is easy and fast, at least for the initial setup with the out of box uses."
"The visualization is very good."
"It is an extremely stable solution. Stability-wise, I rate the solution a ten out of ten."
"It is the best open-source product for people working in SO, managing and analyzing logs."
"The solution's initial setup process is easy."
"It's a very user-friendly product and it's a very comprehensive technology."
"Exabeam Fusion SIEM has a good performance and more advantages than traditional solutions."
"The user interface and the timelines they use are the most valuable features. The price model is very simple so that one can understand it easily and there are no surprises within it."
"The setup is not difficult. It was easy."
"Timeline based analysis; good platform support"
"The advanced analytics has a really great overview of user behavior."
"The most valuable feature of Exabeam Fusion SIEM is the easy-to-use user interface."
"The solution could improve the playbooks."
"There is room for improvement in entity behavior and the integration site."
"The learning curve could be improved. I am still learning it. We were able to implement the basic features to get them up and running, but there are still so many things that I don't know about all its features. They have a lot of features that we have not been able to use or apply. If they could work on reducing the solution's learning curve, that would be good. While there is a training course held by Microsoft to learn more about this solution, there is a cost associated with it."
"The dashboards can be improved. Creating dashboards is very easy, but the visualizations are not as good as Microsoft Power BI. People who are using Microsoft Power BI do not like Sentinel's dashboards."
"The AI capabilities must be improved."
"The product can be improved by reducing the cost to use AI machine learning."
"I would like to be able to monitor applications outside of the Azure Cloud."
"Sentinel provides decent visibility, but it's sometimes a little cumbersome to get to the information I want because there is so much information. I would also like to see more seamless integration between Sentinel and third-party security products."
"The training that is offered for Elastic is in need of improvement because there is no depth to it."
"This solution is very hard to implement."
"The interface could be more user friendly because it is sometimes hard to deal with."
"It could use maybe a little more on the Linux side."
"We're using the open-source edition, for now, I think maybe they can allow their OLED plugin to be open source, as at the moment it is commercialised."
"The problem with ELK is it's difficult to administer. When you have a problem, it can be very, very difficult to rebuild indexes."
"Anything that supports high availability or ease of deployment in a highly available environment would help to improve this solution."
"The biggest challenge has been related to the implementation."
"We still have questions surrounding hardware deployment."
"The organzation is rigid and not flexible in the way they operate"
"They need to focus on more of the MITRE ATT&CK Framework and coverage. They claim they cover about 70 to 80%. I'm not sure if it's really quite that much, however."
"Updating the new release of Exabeam Fusion SIEM takes time and slows our performance."
"They should provide detailed information about detecting phishing emails."
"The only problem is that the UI is not very impressive."
"The initial setup of Exabeam Fusion SIEM is complex because it needs to integrate with the SIEM solution, but after this is complete it is straightforward."
"We had a large volume right from the beginning and they weren't quite prepared for that. That's something that they should think about when it comes to customers that have a large volume to start off with."
Elastic Security is ranked 5th in Log Management with 58 reviews while Exabeam Fusion SIEM is ranked 31st in Log Management with 10 reviews. Elastic Security is rated 7.6, while Exabeam Fusion SIEM is rated 8.0. The top reviewer of Elastic Security writes "A stable and scalable tool that provides visibility along with the consolidation of logs to its users". On the other hand, the top reviewer of Exabeam Fusion SIEM writes "Enables centralized log collection on a single platform". Elastic Security is most compared with Wazuh, Splunk Enterprise Security, Microsoft Defender for Endpoint, IBM Security QRadar and CrowdStrike Falcon, whereas Exabeam Fusion SIEM is most compared with IBM Security QRadar, Palo Alto Networks Cortex XSOAR, Splunk Enterprise Security, Splunk User Behavior Analytics and Splunk SOAR.
We monitor all Log Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.