We performed a comparison between Elastic Security and Trellix Endpoint Detection and Response (EDR) based on real PeerSpot user reviews.
Find out in this report how the two Endpoint Detection and Response (EDR) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The main thing is that I feel safe. Because the processes that have been used to get a handle on the attackers are much better than other competitors"
"It notifies us if there's any suspicious file on any PC. If any execution or similar kind of thing is happening, it just alerts us. It doesn't only alert. It also blocks the execution until we allow it. We check whether the execution is legitimate or not, and then approve it or keep it blocked. This gives us a little bit of control over this mechanism. Fortinet FortiEDR is also very straightforward and easy to maintain."
"The product detects and blocks threats and is more proactive than firewalls."
"Forensics is a valuable feature of Fortinet FortiEDR."
"We have FortiEDR installed on all our systems. This protects them from any threats."
"he solution is an anti-malware product that integrates well with other vendor products such as firewalls, SIEM, etc. It captures threat intelligence and gives you better visibility. The product also has sandboxing features."
"The console is easy to read. I also like the scanning part and the ability to move assets from one to the other."
"I like FortiClient EMS. FortiEDR has a lot of great features like lockdown mode, remote wipes, and encryption. I can set malware outbreak policies and controls for detecting abnormalities. You can also simulate phishing attacks."
"It's not very complicated to install Elastic."
"Elastic provides the capability to index quickly due to the reverse indexes it offers. This data is crucial as it contains critical information. The reverse index allows fast data indexing because of Elastic's efficient search engine."
"It is very quick to react. I can set it to check anomalies or suspicious behavior every 30 seconds. It is very fast."
"One of the most valuable features of this solution is that it is more flexible than AlienVault."
"The indexes allow you to get your results quickly. The filtering and log passing is the advantage of Logstash."
"Elastic has a lot of beats, such as Winlogbeat and Filebeat. Beats are the agents that have to be installed on the terminals to send the data. When we install beats or Elastic agents on every terminal, they don't overload the terminals. In other SIEM solutions such as Splunk or QRadar, when beats or agents are installed on endpoints, they are very heavy for the terminals. They consume a lot of power of the terminals, whereas Elastic agents hardly consume any power and don't overload the terminals."
"The intelligence of the system has been very impressive. It's not quite AI, but the technical bit where it correlates information, based on the seen attacks within an organization is good."
"The solution is compatible with the cloud-native environment and they can adapt to it faster."
"The biggest strength of the solution is that it's an integrated product that includes EDR and antivirus."
"When Trellix detects some threats, the device is isolated in a quarantine zone for examination."
"Trellix has a user-friendly interface."
"It is a scalable solution and very easy to use."
"What we're using the most and what we found valuable in McAfee MVISION Endpoint Detection and Response are Web Control, Advanced Threat Protection, and Threat Prevention features."
"If there is any malicious behavior in the workstation or server, the tool stops or isolates it automatically and generates alerts."
"The product provides a one-click recovery of encrypted files."
"The product is user-friendly."
"There's room for improvement in the quick response time and technical support for integration issues, especially when dealing with multiple vendors."
"The amount of usage, the number of details we get, or the number of options that can be tweaked is limited in comparison to that with other EDR solutions"
"The security should be strong for the cloud. Some applications are on-prem and some are on the cloud. Fortinet should also have strong security for the cloud. There should be more security for the cloud."
"The solution should address emerging threats like SQL injection."
"They can include the automation for the realtime updates. We have a network infrastructure with remote sites. Whenever they send updates, they are not automated. We have to go into the console and push those updates. I wish it was more automated. The update file is currently around 31 MB. It could be smaller."
"Integration with Azure and SaaS provisioning tools could improve Fortinet FortiEDR."
"ZTNA can improve latency."
"We find the solution to be a bit expensive."
"I think because we are a cybersecurity company, the thing that can be improved is the prebuilt tools, especially quality. Compared to its competitor, they still have fewer prebuilt security rules. Elastic Security, in terms of generating alerts, cannot group the same products into one another. Even though the alerts are the same, they still generate them one by one. So, it is very noisy in our dashboard. I would like the Elastic Security admin to group all the same alarms into one alarm so that our dashboard is not noisy."
"If the documentation were improved and made more clear for beginners, or even professionals, then we would be more attracted to this solution."
"There is an area of improvement in the Logs list. The load list may need to be paginated as there are limits."
"Its documentation should be a bit better. I have to spend at least a couple of hours to find the solution for a simple thing. When we buy Elastic, training is not included for free with Elastic. We have to pay extra for the training. They should include training in the price."
"There isn't really a very good user experience. You need a lot of training."
"Upgrades currently released as stacks when it should be a plugin or an extension to save removal and reinstallation."
"The tool needs to integrate with legacy servers. Big companies can have legacy servers that may not always be updated."
"Authentication is not a default in Kibana. We need to have another tool to have authentication and authorization. These two should be part of Kibana."
"Some modules that are doing machine learning and artificial intelligence are blocking our processes."
"The solution's downside stems from the fact that Trellix Endpoint Detection and Response (EDR) and McAfee MVISION Endpoint are not combined into a single solution, so from an improvement perspective, they need to be combined into a single solution."
"The dashboard and reporting features are not so user-friendly or intuitive, so they need some work."
"The main drawbacks are resources and processing time, as it consumes a lot of CPU and RAM."
"One of the issues about the product stems from the failure to work on its administrative scalability. The aforementioned area can be considered for improvement."
"The solution lacks the ability to integrate with external platforms. In future releases of the solution, I would like to see the solution increase its integration capabilities with external platforms."
"An area for improvement in McAfee MVISION Endpoint Detection and Response is the historical search. For example: when you have information on the artifact and a precedent, you want to do a search, and that is a bit lacking in the tool."
"The endpoints and utilization are too high, which impacts the production activity."
More Trellix Endpoint Detection and Response (EDR) Pricing and Cost Advice →
Elastic Security is ranked 16th in Endpoint Detection and Response (EDR) with 59 reviews while Trellix Endpoint Detection and Response (EDR) is ranked 22nd in Endpoint Detection and Response (EDR) with 17 reviews. Elastic Security is rated 7.6, while Trellix Endpoint Detection and Response (EDR) is rated 7.4. The top reviewer of Elastic Security writes "A stable and scalable tool that provides visibility along with the consolidation of logs to its users". On the other hand, the top reviewer of Trellix Endpoint Detection and Response (EDR) writes "Multifeatured, with web control, advanced threat protection, and threat prevention capabilities, but its alerting and reporting features need improvement". Elastic Security is most compared with Wazuh, Splunk Enterprise Security, Microsoft Sentinel, IBM Security QRadar and Microsoft Defender for Endpoint, whereas Trellix Endpoint Detection and Response (EDR) is most compared with Trellix Endpoint Security (ENS), Trellix Active Response, Cynet, CrowdStrike Falcon and Sangfor Endpoint Secure. See our Elastic Security vs. Trellix Endpoint Detection and Response (EDR) report.
See our list of best Endpoint Detection and Response (EDR) vendors.
We monitor all Endpoint Detection and Response (EDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.