We performed a comparison between Cisco Secure Endpoint and Elastic Security based on real PeerSpot user reviews.
Find out in this report how the two Endpoint Detection and Response (EDR) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."It notifies us if there's any suspicious file on any PC. If any execution or similar kind of thing is happening, it just alerts us. It doesn't only alert. It also blocks the execution until we allow it. We check whether the execution is legitimate or not, and then approve it or keep it blocked. This gives us a little bit of control over this mechanism. Fortinet FortiEDR is also very straightforward and easy to maintain."
"This is stable and scalable."
"The product detects and blocks threats and is more proactive than firewalls."
"The main thing is that I feel safe. Because the processes that have been used to get a handle on the attackers are much better than other competitors"
"Forensics is a valuable feature of Fortinet FortiEDR."
"Fortinet FortiEDR made our clients feel secure and more at ease, knowing that they had an EDR solution that would close the gap in their security posture."
"Ability to get forensics details and also memory exfiltration."
"The most valuable feature is the analysis, because of the beta structure."
"The biggest lesson that I have learned from using this product is that there is a lot more malware slipping through my email filters than I expected."
"The most valuable feature is signature-based malware detection."
"The product's initial setup phase was very simple."
"There are no issues or drops in the solution's performance...The solution's technical support was helpful."
"Integration is a key selling factor for Cisco security products. We have a Cisco Enterprise Agreement with access to Cisco Email Security, Cisco Firepower, Cisco Stealthwatch, Cisco Talos, Cisco Threat Grid, Cisco Umbrella, and also third-party solutions. This is key to our security and maximizing operations. Because we do have the Email Security appliance and it is integrated with Threat Response, we have everything tied together. Additionally, we are using the Cisco SecureX platform, as we were a beta test for that new solution. With SecureX, we are able to pull all those applications into one pane for visibility and maintenance. This greatly maximizes our security operations."
"The most valuable feature at this moment is that Cisco AMP or Cisco Secure Endpoint solution is delivering a lot of things, and I always say to a lot of customers that if we didn't have Cisco AMP, we probably would have had ransomware somewhere. So, it's protecting us very well from a lot of hackers, malware, and especially ransomware."
"The most valuable feature is its threat protection and data privacy, including its cyber attack and data protection, as we need to cover and protect data on user devices."
"Among the most valuable features are the exclusions. And on the scalability side, we can integrate well with the SIEM orchestration engine and a number of applications that are proprietary or open source."
"Elastic has a lot of beats, such as Winlogbeat and Filebeat. Beats are the agents that have to be installed on the terminals to send the data. When we install beats or Elastic agents on every terminal, they don't overload the terminals. In other SIEM solutions such as Splunk or QRadar, when beats or agents are installed on endpoints, they are very heavy for the terminals. They consume a lot of power of the terminals, whereas Elastic agents hardly consume any power and don't overload the terminals."
"The intelligence of the system has been very impressive. It's not quite AI, but the technical bit where it correlates information, based on the seen attacks within an organization is good."
"The product has huge integration varieties available."
"It's open-source and free to use."
"The most valuable feature for me is Discover."
"Its flexibility is most valuable. We can have a number of scenarios, and we can get logs from anything. If we know how to use Logstash, we can tweak it in many ways. This makes the logging search on Elastic very easy."
"We chose the product based on the ability to scan for malware using a malware behavioral model as opposed to just a traditional hash-based antivirus. Therefore, it's not as intensive."
"The indexes allow you to get your results quickly. The filtering and log passing is the advantage of Logstash."
"We've encountered challenges during API deployment, occasionally resulting in unstable environments."
"The solution's installation from a central installation server could be improved because the engineers had a little bit of trouble getting it installed from a central location."
"To improve Fortinet, we need to see more features and technology areas at the endpoint level introduced."
"Cannot be used on mobile devices with a secure connection."
"It takes about two business days for initial support, which is too slow in urgent situations."
"ZTNA can improve latency."
"We'd like to see more one-to-one product presentations for the distribution channels."
"The amount of usage, the number of details we get, or the number of options that can be tweaked is limited in comparison to that with other EDR solutions"
"In terms of the user experience, if the UX design could be much simpler [that would improve things]... if they could make it more intuitive for someone who is not an engineer so that they still can read what's going on in their webpage and understand, that would be something."
"The integration of the Cisco products for security could be better in the sense that not everything is integrated, and they aren't working together. In addition, not all products are multi-tenant, so you can't separate different customer environments from each other, which makes it a little bit hard for a managed service provider to deliver services to the customers."
"The reporting and analytics areas of the solution need to be improved."
"We don't have issues. We think that Cisco covers all of the security aspects on the market. They continue to innovate in the right way."
"The solution needs more in-depth analytics."
"Due to the complexity of the technology that is used and its advanced threat detection capabilities, it is possible to encounter many delays in operation."
"The technical support is very slow."
"I would like to see integration with Cisco Analytics."
"There should be a simulation environment to check whether my Elastic implementation is functioning perfectly fine. Other solutions have their own Android and iOS applications that I can install on my mobile so that I am continuously connected to the SIEM."
"Elastic Security has a steep learning curve, so it takes some time to tune it and set it up for your environment. There are some costs associated with logging things that don't have value. So you need to be cautious to only log things that make sense and keep them around for as long as you need. You shouldn't hold onto things just because you think you might need them."
"I would like the process of retrieving archived data and viewing it in Kibana to be simplified."
"The problem with ELK is it's difficult to administer. When you have a problem, it can be very, very difficult to rebuild indexes."
"It is difficult to anticipate and understand the space utilization, so more clarity there would be great."
"They don't provide user authentication and authorisation features (Shield) as a part of their open-source version."
"The solution's query building is not that intuitive compared to other solutions."
"The tool needs to integrate with legacy servers. Big companies can have legacy servers that may not always be updated."
Cisco Secure Endpoint is ranked 9th in Endpoint Detection and Response (EDR) with 45 reviews while Elastic Security is ranked 16th in Endpoint Detection and Response (EDR) with 59 reviews. Cisco Secure Endpoint is rated 8.6, while Elastic Security is rated 7.6. The top reviewer of Cisco Secure Endpoint writes "Makes it possible to see a threat once and block it across all endpoints and your entire security platform". On the other hand, the top reviewer of Elastic Security writes "A stable and scalable tool that provides visibility along with the consolidation of logs to its users". Cisco Secure Endpoint is most compared with Microsoft Defender for Endpoint, Cortex XDR by Palo Alto Networks, CrowdStrike Falcon, Check Point Harmony Endpoint and Cisco Umbrella, whereas Elastic Security is most compared with Wazuh, Splunk Enterprise Security, Microsoft Sentinel, IBM Security QRadar and Microsoft Defender for Endpoint. See our Cisco Secure Endpoint vs. Elastic Security report.
See our list of best Endpoint Detection and Response (EDR) vendors.
We monitor all Endpoint Detection and Response (EDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.