We performed a comparison between Elastic Security and Trellix Endpoint Detection and Response (EDR) based on real PeerSpot user reviews.
Find out in this report how the two Endpoint Detection and Response (EDR) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The product detects and blocks threats and is more proactive than firewalls."
"It notifies us if there's any suspicious file on any PC. If any execution or similar kind of thing is happening, it just alerts us. It doesn't only alert. It also blocks the execution until we allow it. We check whether the execution is legitimate or not, and then approve it or keep it blocked. This gives us a little bit of control over this mechanism. Fortinet FortiEDR is also very straightforward and easy to maintain."
"Impressive detection capabilities"
"The features that I have found most valuable are the ability to customize it and to reduce its size. It lets you run in a very small window in terms of memory and resources on legacy cash registers."
"Forensics is a valuable feature of Fortinet FortiEDR."
"This is stable and scalable."
"The main thing is that I feel safe. Because the processes that have been used to get a handle on the attackers are much better than other competitors"
"Additionally, when it comes to EDR, there are more tools available to assist with client work."
"It's open-source and free to use."
"The most valuable feature is the search function, which allows me to go directly to the target to see the specific line a customer is searching for."
"ELK documentation is very good, so never needed to contact technical support."
"ELK is open-source, and it will give you the framework you need to build everything from scratch."
"It is very quick to react. I can set it to check anomalies or suspicious behavior every 30 seconds. It is very fast."
"Elastic Security is a highly flexible platform that can be implemented anywhere."
"The solution is quite stable. The performance has been good."
"We've found the initial setup to be quite straightforward."
"The product is user-friendly."
"If there is any malicious behavior in the workstation or server, the tool stops or isolates it automatically and generates alerts."
"What we're using the most and what we found valuable in McAfee MVISION Endpoint Detection and Response are Web Control, Advanced Threat Protection, and Threat Prevention features."
"Trellix has a user-friendly interface."
"The most valuable feature I found in McAfee MVISION Endpoint Detection and Response is the guided analytics or guided EDR investigation."
"When Trellix detects some threats, the device is isolated in a quarantine zone for examination."
"It is a stable solution. Stability-wise, I rate the solution a nine out of ten...I rate the solution's technical support team a nine and a half or ten out of ten."
"It is a scalable solution and very easy to use."
"I think cloud security and SASE are areas of concern in the product where improvements are required. The tool's cloud version has to be improved in terms of the security it offers."
"FortiEDR can be improved by providing more detailed reporting."
"Once, we had an event that was locked and blocked, but information about it came to us two or three days later."
"We'd like to see more one-to-one product presentations for the distribution channels."
"The SIEM could be improved."
"We've had a lot of false positives; things incorrectly flagged that require manual configuration to allow. Even worse, after we allow a legitimate program, it sometimes gets flagged again after an update. This has caused a lot of extra work for my team."
"Cannot be used on mobile devices with a secure connection."
"To improve Fortinet, we need to see more features and technology areas at the endpoint level introduced."
"An area for improvement in Elastic Security is the pricing. It could be better. Right now, when you increase the volume of logs to be collected, the price also increases a lot."
"We're using the open-source edition, for now, I think maybe they can allow their OLED plugin to be open source, as at the moment it is commercialised."
"I would like the process of retrieving archived data and viewing it in Kibana to be simplified."
"Improvements in Elastic Security could include refining and normalizing queries to make them more user-friendly, enhancing the user experience with better documentation, and addressing any latency issues."
"In terms of what could be improved with Elastic, in some use cases, especially on the advanced level, they are not ready made, so you'll have to write some scripts."
"Its documentation should be a bit better. I have to spend at least a couple of hours to find the solution for a simple thing. When we buy Elastic, training is not included for free with Elastic. We have to pay extra for the training. They should include training in the price."
"There isn't really a very good user experience. You need a lot of training."
"We had issues with scalability. Logstash was not scaling and aggregation was getting delayed. We moved to Fluentd making our stack from ELK to EFK."
"The alert feature of McAfee MVISION Endpoint Detection and Response needs improvement because for you to get the alerts, you have to log on to the portal. What my company needs is a tool that sends you alerts. For example, if it detects a threat on your machine, it should send you an alert. My company gets the alerts instead from the antivirus software rather than the EDR. If you want to see the alerts on McAfee MVISION Endpoint Detection and Response, you have to connect to the system manually. Another area for improvement in the tool is the reporting. My company needs weekly and monthly reports about the alerts, but you can't extract reports from McAfee MVISION Endpoint Detection and Response, so a decision was made to move to another EDR solution, particularly Microsoft Defender for Endpoint, next month. My company tested Microsoft Defender for Endpoint via a POC for one to three months. The resource usage of McAfee MVISION Endpoint Detection and Response is also an area for improvement because it consumes a lot of memory. For example, during the on-demand scan, you can't work because of the high CPU usage. You need to schedule the scans. McAfee MVISION Endpoint Detection and Response has a lot of modules, but my company doesn't use all modules."
"The dashboard and reporting features are not so user-friendly or intuitive, so they need some work."
"The endpoints and utilization are too high, which impacts the production activity."
"The graphical view for nodes must be increased."
"One of the issues about the product stems from the failure to work on its administrative scalability. The aforementioned area can be considered for improvement."
"The CPU utilization of the product is quite high compared to its competitors."
"The technical support must be improved."
"The console has a lot of bugs, and it creates many issues."
More Trellix Endpoint Detection and Response (EDR) Pricing and Cost Advice →
Elastic Security is ranked 16th in Endpoint Detection and Response (EDR) with 59 reviews while Trellix Endpoint Detection and Response (EDR) is ranked 22nd in Endpoint Detection and Response (EDR) with 17 reviews. Elastic Security is rated 7.6, while Trellix Endpoint Detection and Response (EDR) is rated 7.4. The top reviewer of Elastic Security writes "A stable and scalable tool that provides visibility along with the consolidation of logs to its users". On the other hand, the top reviewer of Trellix Endpoint Detection and Response (EDR) writes "Multifeatured, with web control, advanced threat protection, and threat prevention capabilities, but its alerting and reporting features need improvement". Elastic Security is most compared with Wazuh, Splunk Enterprise Security, Microsoft Sentinel, IBM Security QRadar and Microsoft Defender for Endpoint, whereas Trellix Endpoint Detection and Response (EDR) is most compared with Trellix Endpoint Security (ENS), Trellix Active Response, Cynet, Microsoft Defender for Endpoint and Sangfor Endpoint Secure. See our Elastic Security vs. Trellix Endpoint Detection and Response (EDR) report.
See our list of best Endpoint Detection and Response (EDR) vendors.
We monitor all Endpoint Detection and Response (EDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.