We performed a comparison between Elastic Security and Intercept X Endpoint based on real PeerSpot user reviews.
Find out in this report how the two Endpoint Detection and Response (EDR) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."Microsoft 365 Defender is simple to upgrade."
"The incident threat response and its ability to facilitate effective remediation against threats are the standout features."
"Another noteworthy feature that I find appealing in Microsoft Defender is the credit-backed simulation. This feature enables organizations to train their users on effectively responding to phishing emails through a simulated training environment."
"The ability to hunt that IM data set or the identity data set at the same time is valuable. As incident response professionals, we are very used to EDRs and having device process registry telemetry, but a lot of times, we do not have that identity data right there with us, so we have to go search for it in some other silo. Being able to cross-correlate via both datasets at the same time is something that we can only do in Def"
"The most valuable aspect is undoubtedly the exploration capability"
"The integration between all the Defender products is the most valuable feature."
"It has been great for us. Previously, we didn't have a solution to protect us, especially from malware, whereas now, we are getting protection up front, especially from the malware attacks coming through emails or endpoints."
"Advanced hunting is good. I like that. We can drill down to lots of details."
"It is very quick to react. I can set it to check anomalies or suspicious behavior every 30 seconds. It is very fast."
"It's open-source and free to use."
"Enables monitoring of application performance and the ability to predict behaviors."
"ELK is open-source, and it will give you the framework you need to build everything from scratch."
"The most valuable features of the solution are the prevention methods and the incident alerts."
"The scalability is good. It can be scaled easily in the production environment."
"The most valuable thing is that this solution is widely used for work management and research. It's easy to jump into the security use case with the same technology."
"It's very customizable, which is quite helpful."
"The Managed Detection and Response service provided by Intercept X Endpoint is highly valuable. With a team of 600-700 individuals monitoring systems, they swiftly respond to attacks, either informing us to isolate or directly removing threats. This full MDR service is especially recommended for sectors like finance, where data security is critical. The deep learning technology within Intercept X Endpoint enhances our security posture by analyzing behaviors and algorithms to differentiate between legitimate users and threats, effectively preventing attacks on our network infrastructure."
"The performance is good."
"This product integrates well with Sophos firewalls and should be seriously considered by Sophos Firewall clients."
"It's quite simple to use and user friendly."
"This solution can be used with any device, mobiles, desktops, or any appliances."
"It's a good antivirus software and has a lot of features. It now integrates with their on-premises firewall, which is perfect."
"Technical support is responsive and adept."
"Malware protection and application blocking are absolutely great. The DLP and malware features are very helpful. It is also very user-friendly, reliable, and scalable. It is easy to set up. We are also happy with its price and support."
"Microsoft tends to provide too many features, which makes the solution prone to bugs."
"We should be able to use the product on devices like Apple, Linux, etc."
"At times, there may be delays in the execution of certain actions and their effects."
"The price could be better. It'll also help if they can continuously update and upgrade the solution. Every day there's a new virus uploaded into the network, and we have to keep updating it to identify all these things."
"Microsoft Defender XDR is not a full-fledged EDR or XDR."
"The onboarding and offboarding need improvement. I work with other vendors as well, and they have an option to add a device or remove a device from the portal, whereas with Microsoft 365 Defender, we need to do that manually. However, once you do that, everything can be controlled through the portal, but getting the device onboarded and offboarded is currently manual. If we have an option to simply remove a device from the portal or get a device added from the portal, it would be more convenient. The rest of the features are similar. This is the only area where I found it different from others. I would also like to be able to simply filter with a few of the queries that are already there."
"Customers say they want absolutely seamless integration between other Microsoft solutions and Defender XDR, including the ability to change device settings within the Defender portal. They need to contact the IT team responsible for the device management tools to change some settings. They would prefer that those changes be initiated directly from the Defender portal or applied from Intune without involving the IT operations team."
"This solution could be improved if it included features such as those offered by Malwarebytes."
"Anything that supports high availability or ease of deployment in a highly available environment would help to improve this solution."
"If you compare this with CrowdStrike or Carbon Black, they can improve."
"The process of designing dashboards is a little cumbersome in Kibana. Unless you are an expert, you will not be able to use it. The process should be pretty straightforward. The authentication feature is what we are looking for. We would love to have a central authentication system in the open-source edition without the need for a license or an enterprise license. If they can give at least a simple authentication system within a company. In a large organization, authentication is very essential for security because logs can contain a lot of confidential data. Therefore, an authentication feature for who accesses it should be there."
"An area for improvement in Elastic Security is the pricing. It could be better. Right now, when you increase the volume of logs to be collected, the price also increases a lot."
"It is difficult to anticipate and understand the space utilization, so more clarity there would be great."
"Elastic Security can be a bit difficult to use if a person only has experience in SMBs with tools like Zoho. The product can also be difficult for those who have never dealt with query language."
"Improvements in Elastic Security could include refining and normalizing queries to make them more user-friendly, enhancing the user experience with better documentation, and addressing any latency issues."
"The price of this product could be improved, especially the additional costs. I would also like to see better-quality graphics."
"The after sales service and support could be improved."
"Features that should be improved in the upgrade involve the excessive consumption of the the solution's processor, RAM and resources."
"It could be a bit easier to implement."
"The solution can be expensive, although we do see the value in it."
"In terms of the site-to-site VPN elements, they tend to concentrate. It's quite simple when there are Meraki devices at both ends of the VPN but if there is another user at one end, on another device, it can be a bit tricky. So they could really simplify that process a bit."
"As for improvement, more notifications or emails about what to watch out for globally would be nice. For instance, information about the spread of a current phishing campaign or ransomware would be very helpful. I find that I have to dig in the back to find out what is happening on the global scene for things to be aware of."
"The number one thing I would like is if their support could be a little faster and it would be a little easier to get a hold of support when you need them."
"The product defends very well on its own but could possibly use enhancement in giving users more controls."
Elastic Security is ranked 16th in Endpoint Detection and Response (EDR) with 59 reviews while Intercept X Endpoint is ranked 4th in Endpoint Detection and Response (EDR) with 101 reviews. Elastic Security is rated 7.6, while Intercept X Endpoint is rated 8.4. The top reviewer of Elastic Security writes "A stable and scalable tool that provides visibility along with the consolidation of logs to its users". On the other hand, the top reviewer of Intercept X Endpoint writes "A standard offering with good threat analysis but reduces machine performance". Elastic Security is most compared with Wazuh, Splunk Enterprise Security, Microsoft Sentinel, IBM Security QRadar and Microsoft Defender for Endpoint, whereas Intercept X Endpoint is most compared with Microsoft Defender for Endpoint, CrowdStrike Falcon, Kaspersky Endpoint Security for Business, SentinelOne Singularity Complete and Fortinet FortiClient. See our Elastic Security vs. Intercept X Endpoint report.
See our list of best Endpoint Detection and Response (EDR) vendors and best Extended Detection and Response (XDR) vendors.
We monitor all Endpoint Detection and Response (EDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.