We performed a comparison between Elastic Security and Trend Vision One based on real PeerSpot user reviews.
Find out in this report how the two Endpoint Detection and Response (EDR) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The unified view of the threat landscape on a central dashboard is the most valuable feature."
"Microsoft 365 Defender is simple to upgrade."
"The portal is quite user-friendly. There is integration with Office, Intune, and other products from the same portal. From there, we can see which policies are installed on a particular machine. We also can manage devices, groups, and tagging."
"Email protection is the most valuable feature of Microsoft Defender XDR."
"Microsoft Defender's most critical component is its CASB solution. It has many built-in policies that can improve your organization's cloud security posture. It's effective regardless of where your users are, which is critical because most users are working from home. It's cloud-based, so nothing is on-premise."
"My clients like Defender's file integrity monitoring. They're monitoring Windows and Linux system files."
"The ability to integrate and observe a more cohesive narrative across the products is crucial."
"I like the easy integration and advanced possibilities. We can implement it at customer sites in a few clicks, but we can also dive deep and drill down to extended features. There's a very good starting point to get into this product and all the features from Defender."
"Just the ability to do a lot more than just up-down is nice, which a lot of people take for granted."
"The product has huge integration varieties available."
"Elastic Security is very customizable, and the dashboards are very easy to build."
"It can handle millions of loads at a time, and you can always use the filters to find exactly what you are looking for and detect errors in every log message you are searching for, basically."
"The performance is good and it is faster than IBM QRadar."
"It is scalable."
"I like that it's a SIEM platform. I like that I can sell Elastic Security quickly. Elastic Security has a large community that can support users."
"Stability-wise, I rate the solution a ten out of ten."
"It helps us with investigations."
"We had a quick deployment. The solution is easy to set up."
"I appreciate the value of real-time activity monitoring."
"I like the workbench. It is a view of all the alerts or problems in your estate. The visibility that it provides to engineers is very useful. It is one thing having lots of alerts. It is another thing to have something to correlate all your alerts into a workbench for you so that you can see what is going on."
"For our day-to-day use cases, the correlation and attribution of different alerts are valuable. It is sort of an SIEM, but it is intelligent enough to run the queries and intentionally detect and prioritize attacks for you. At the end of the day, it is different data that you see. It correlates data for you and makes it meaningful. You can see that someone got an email and clicked a link. That link downloaded, for example, malware into the memory of the machine. From there, you can see that they started moving laterally to your environment. I quite like it because it gives visibility, so Workbench is what we use every day"
"One of the features I like in Trend Micro XDR is that you can drill down on the root-cause analysis for anything you find on the solution. I also like that it works for detection purposes. Behavior analytics is also what I like most about Trend Micro XDR. I love that it has features such as behavior detection, program detection, and memory scanning. By default, the solution protects against spyware, apart from the normal virus scan. Smart Scan and DLP are also available in Trend Micro XDR which I like as well."
"Scaling is not a problem at all."
"It is a stable product. It works very well."
"Defender also lacks automated detection and response. You need to resolve issues manually. You can manage multiple Microsoft security products from a single portal, and all your security recommendations are in one place. It's easy to understand and manage. However, I wouldn't say Defender is a single pane of glass. You still need to switch between all of the available Microsoft tools. You can see all the alerts in one panel, but you can't automate remediation."
"Microsoft Defender XDR is not a full-fledged EDR or XDR."
"The user interface of Microsoft 365 Defender could improve. They could make it simpler."
"Correctly updated records are the most significant area for improvement. There have been times when we were notified of a required fix; we would carry out the fix and confirm it but still get the same notification a week later. This seems to be a delay in records being updated and leads to false reporting, which is something that needs to be fixed."
"When discussing the secure score, which includes overviews and recommended actions, some of these recommended actions are not applicable to us, particularly those related to Microsoft Internet Explorer, which we do not use in any of our environments."
"When we do investigations, it would be better if Microsoft could populate the host dashboard more. When we open any host for investigation, we want the entire timeline of what is happening on the host, including all the users logging in, their hardware, Windows version, etc."
"There are other SIEM solutions that are easier to use, mainly based on the creation of rules, use cases, and groups."
"From an integration standpoint, it is always improving overall. With Security Copilot coming out, as partners, we are waiting for the GDAP support so that we can actually see Security Copilot on behalf of customers if they subscribe to it."
"An area for improvement in Elastic Security is the pricing. It could be better. Right now, when you increase the volume of logs to be collected, the price also increases a lot."
"Email notification should be done the same way as Logentries does it."
"The solution's query building is not that intuitive compared to other solutions."
"The setup process is complex. You need a solid working knowledge of networking, operating systems, and a little programming."
"Anything that supports high availability or ease of deployment in a highly available environment would help to improve this solution."
"It is difficult to anticipate and understand the space utilization, so more clarity there would be great."
"The solution could also use better dashboards. They need to be more graphical, more matrix-like."
"They don't provide user authentication and authorisation features (Shield) as a part of their open-source version."
"I would like to have more integration with mobile device management."
"A room for improvement in Trend Micro XDR is more visibility into the alerts. We do get alerts from the solution, but when we are away, we need to have more visibility."
"It would be ideal if they could improve the control of connectivity between sensors."
"The deployment process could be more streamlined over the existing infrastructure, as it was not as easy as we thought."
"The solution lacks compatibility with other products. It needs to integrate better with other surrounding solutions."
"When you deploy these tools from Trend Micro, the integration and getting them to work together, are among the more difficult pieces of the puzzle. But when you get that set up and working, you're glad you did."
"The price could be lower."
"They should increase their potential for third-party integrations."
Elastic Security is ranked 16th in Endpoint Detection and Response (EDR) with 59 reviews while Trend Vision One is ranked 5th in Endpoint Detection and Response (EDR) with 43 reviews. Elastic Security is rated 7.6, while Trend Vision One is rated 8.6. The top reviewer of Elastic Security writes "A stable and scalable tool that provides visibility along with the consolidation of logs to its users". On the other hand, the top reviewer of Trend Vision One writes "The integration of toolsets is key, enabling automation, and vendor has been tremendous partner for us". Elastic Security is most compared with Wazuh, Splunk Enterprise Security, Microsoft Sentinel, IBM Security QRadar and Microsoft Defender for Endpoint, whereas Trend Vision One is most compared with CrowdStrike Falcon, Trend Vision One Endpoint Security, SentinelOne Singularity Complete, Microsoft Defender for Endpoint and Trellix Endpoint Security. See our Elastic Security vs. Trend Vision One report.
See our list of best Endpoint Detection and Response (EDR) vendors, best Extended Detection and Response (XDR) vendors, and best Endpoint Detection and Response (EDR) vendors.
We monitor all Endpoint Detection and Response (EDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.