We performed a comparison between Elastic Security and McAfee ePolicy Orchestrator based on real PeerSpot user reviews.
Find out in this report how the two Security Orchestration Automation and Response (SOAR) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The product can integrate with any device."
"We didn't have anything similar. So, it really provides value from the incidents and automation point of view. The overview of the security fabric is most valuable."
"I like the ability to run custom KQL queries. I don't know if that feature is specific to Sentinel. As far as I know, they are using technology built into Azure's Log Analytics app. Sentinel integrates with that, and we use this functionality heavily."
"The solution offers a lot of data on events. It helps us create specific detection strategies."
"The most valuable features in my experience are the UEBA, LDAP, the threat scheduler, and integration with third-party straight perform like the MISP."
"Another area where it is helping us is in creating a single dashboard for our environment. We can collect all the logs into a log analytics workset and run queries on top of it. We get all the results in the dashboard. Even a layman can understand this stuff. The way Microsoft presents it is really incredible."
"The dashboard that allows me to view all the incidents is the most valuable feature."
"The most valuable feature is the UEBA. It's very easy for a security operations analyst. It has a one-touch analysis where you can search for a particular entity, and you can get a complete overview of that entity or user."
"The most valuable features are the speed, detail, and visualization. It has the latest standards."
"One of the most valuable features of this solution is that it is more flexible than AlienVault."
"It's not very complicated to install Elastic."
"The most valuable thing is that this solution is widely used for work management and research. It's easy to jump into the security use case with the same technology."
"The solution is quite stable. The performance has been good."
"It can handle millions of loads at a time, and you can always use the filters to find exactly what you are looking for and detect errors in every log message you are searching for, basically."
"The most valuable feature is the ability to collect authentication information from service providers."
"The feature that we have found the most valuable is scalability."
"We get fewer false positives than with other solutions."
"We implemented data transfer protection, which allows transfer in one direction only. Users can copy from the PC to the USB but not from the USB to the PC. That way, if someone is carrying a virus on a USB, it will not be transferred to the PC."
"The most valuable features of this solution are the antivirus and the DLP."
"What I like the most is the ability to manage centrally, to manage the various devices, the platform, and the endpoint, all from one console."
"You have to have some experience, however, it's pretty simple to understand."
"The best part is management in McAfee ePolicy Orchestrator."
"McAfee is helping us to clean all of the viruses from the machines, protecting our desktops from the latest threats."
"The most valuable feature of the solution is the central management console, which is used for DLP, endpoint security, drive encryption, and application control."
"Azure Sentinel will be directly competing with tools such as Splunk or Qradar. These are very established kinds of a product that have been around for the last seven, eight years or more."
"Everyone has their favorites. There is always room for improvement, and everybody will say, "I wish you could do this for me or that for me." It is a personal thing based on how you use the tool. I do not necessarily have those thoughts, and they are probably not really valuable because they are unique to the context of the user, but broadly, where it can continue to improve is by adding more connectors to more systems."
"There is room for improvement in entity behavior and the integration site."
"They're giving us the queries so we can plug them right into Sentinel. They need to have a streamlined process for updating them in the tool and knowing when things are updated and knowing when there are new detections available from Microsoft."
"The dashboards can be improved. Creating dashboards is very easy, but the visualizations are not as good as Microsoft Power BI. People who are using Microsoft Power BI do not like Sentinel's dashboards."
"Microsoft Sentinel is relatively expensive, and its cost should be improved."
"The solution could improve the playbooks."
"They only classify alerts into three categories: high, medium, and low. So, from the user's point of view, having another critical category would be awesome."
"Upgrades currently released as stacks when it should be a plugin or an extension to save removal and reinstallation."
"The price of this product could be improved, especially the additional costs. I would also like to see better-quality graphics."
"It would be better if Elastic Security had less storage for data. My customers do not like this. Other vendors have local support in different countries, but Elastic Security doesn't. I would like to have Operational Technology (OT) security in the next release."
"The interface could be more user friendly because it is sometimes hard to deal with."
"This type of monitoring is not very mature just yet. We need more real-time information in a way that's easier to manage."
"The solution's query building is not that intuitive compared to other solutions."
"There is room for improvement in the Kibana dashboard and in the asset management for the program."
"Elastic has one problem. In the past, Elastic Security was free. Now, they currently only offer the basic license or a certain period of time."
"The areas of concern where improvements are needed are related to the product's assignment policy and tag assignment, where users can assign the policies with the help of tags and sort out the systems."
"I would like to see McAfee reduce the amount of manual work required."
"Sometimes agents hang. We have to reinstall the agents."
"The way that ePolicy launches the updates is very slow. It would be great if that was faster."
"Lacks a single plug-in for multiple uses."
"There needs to be support for Mac computers. Currently, McAfee does not work on iOS."
"One thing that I don't like is that McAfee products change very often and upgrade very often."
"McAfee ePolicy Orchestrator needs to upgrade the technology; it's like their area function is not quite as good as compared to other market vendors."
Elastic Security is ranked 6th in Security Orchestration Automation and Response (SOAR) with 59 reviews while McAfee ePolicy Orchestrator is ranked 9th in Security Orchestration Automation and Response (SOAR) with 39 reviews. Elastic Security is rated 7.6, while McAfee ePolicy Orchestrator is rated 8.0. The top reviewer of Elastic Security writes "A stable and scalable tool that provides visibility along with the consolidation of logs to its users". On the other hand, the top reviewer of McAfee ePolicy Orchestrator writes "Useful agent communication, reliable, but lacking support for microservices". Elastic Security is most compared with Wazuh, Splunk Enterprise Security, IBM Security QRadar, Microsoft Defender for Endpoint and CrowdStrike Falcon, whereas McAfee ePolicy Orchestrator is most compared with Splunk SOAR, Symantec Data Loss Prevention, Zscaler DLP, Trend Micro Integrated Data Loss Prevention and Forcepoint Data Loss Prevention. See our Elastic Security vs. McAfee ePolicy Orchestrator report.
See our list of best Security Orchestration Automation and Response (SOAR) vendors.
We monitor all Security Orchestration Automation and Response (SOAR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.