We performed a comparison between Elastic Security and Intercept X Endpoint based on real PeerSpot user reviews.
Find out in this report how the two Endpoint Detection and Response (EDR) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."A crucial aspect for our team is the inclusion of identity and access management tools from the vendor."
"The ability to integrate and observe a more cohesive narrative across the products is crucial."
"The most valuable feature of all is the full integration with the rest of the software in the operating system and Office 365, as well as Microsoft SCCM. It is quite easy for us to work with the whole instance of Microsoft products. This integration improves the benefits of the whole suite of products."
"I like that it's fully integrated with Windows, Microsoft 365 Exchange Online, and Outlook. It is better than other antivirus solutions because it's fully integrated with all Microsoft products. It's easy to integrate them and onboard all Windows devices from SCCM."
"My clients like Defender's file integrity monitoring. They're monitoring Windows and Linux system files."
"The 'Incidents and Alerts' tab is a valuable feature where we can find triggered alerts."
"It's a very scalable tool that can be used in a very small environment or in a very large environment. Everything can be managed from a simple dashboard and can be scaled up or down depending on the customer's environment."
"It gives a lot of flexibility in terms of configuration and customization as per the business requirements."
"ELK is open-source, and it will give you the framework you need to build everything from scratch."
"ELK Logstash is easy and fast, at least for the initial setup with the out of box uses."
"I can look at events from more than one source across multiple different locations and find patterns or anomalies. The machine learning capabilities are helpful, and I can create rules for notifications to be more proactive rather than responding after something has gone wrong."
"The performance is good and it is faster than IBM QRadar."
"It's a good platform and the very best in the current market. We looked at the Forester report from December 2022 where it was said to be a leader."
"The most valuable feature is the ability to collect authentication information from service providers."
"It's very stable and reliable."
"Elastic Security is a highly flexible platform that can be implemented anywhere."
"This product integrates well with Sophos firewalls and should be seriously considered by Sophos Firewall clients."
"What I have found the most valuable about Sophos Intercept X is the ease of use with management administration and the solution's ability to stop exploits and ransomware."
"It is stable and has a good price. I find it very good."
"The most valuable features of Intercept X are server lockdown, auto-remediation, and encryption monitoring."
"The most valuable feature is that it literally works. We have reduced a lot of complaints after switching to Sophos."
"Solution for endpoint detection and response, with good stability and scalability. Users also benefit from email protection and data loss prevention."
"The security on offer is pretty good. We are happy with it."
"The stability on offer is fine."
"The onboarding and offboarding need improvement. I work with other vendors as well, and they have an option to add a device or remove a device from the portal, whereas with Microsoft 365 Defender, we need to do that manually. However, once you do that, everything can be controlled through the portal, but getting the device onboarded and offboarded is currently manual. If we have an option to simply remove a device from the portal or get a device added from the portal, it would be more convenient. The rest of the features are similar. This is the only area where I found it different from others. I would also like to be able to simply filter with a few of the queries that are already there."
"While the XDR platform offers valuable functionalities, it falls short of other solutions in its ability to deliver a cohesive identity experience."
"The patching capability should be there. Patching is something that you cannot do even though you see the vulnerabilities present in your environment. For patching, you have to depend on another solution."
"Since all of our databases are updated and located in the cloud, I would like additional support for this."
"The management and automation of the cloud apps have room for improvement."
"Because of the training model, Defender XDR's automatic response sometimes blocks legitimate users and activities. Also, the UI sometimes responds slowly."
"The solution could improve by having better machine learning and AI. Additionally, the interface, documentation, and integration could be better."
"There is definitely scope for improvement in the automation area. Because the solution is a SaaS platform, we don't have the overall ability to automate stuff.... There is no direct way to go ahead because it's a SaaS platform."
"I think because we are a cybersecurity company, the thing that can be improved is the prebuilt tools, especially quality. Compared to its competitor, they still have fewer prebuilt security rules. Elastic Security, in terms of generating alerts, cannot group the same products into one another. Even though the alerts are the same, they still generate them one by one. So, it is very noisy in our dashboard. I would like the Elastic Security admin to group all the same alarms into one alarm so that our dashboard is not noisy."
"One limitation of Elastic Security is that it does not have built-in workflows for all tasks. For example, if you need a workflow for compliance, you will need to create a custom workflow."
"The solution needs to be more reactive to investigations. We need to be able to detect and prevent any attacks before it can damage our infrastructure. Currently, this solution doesn't offer that."
"It's a little bit of a learning curve to understand the logic of searching for things and trying to find what you're looking for in Elastic Security."
"I would like the process of retrieving archived data and viewing it in Kibana to be simplified."
"I would like more ways to manage permissions and restrict access to certain users."
"The interface could be more user friendly because it is sometimes hard to deal with."
"There is room for improvement in the Kibana dashboard and in the asset management for the program."
"The performance offered by the product needs improvement."
"Stability-wise, we had issues with some clients which had to be dealt with manually. The issue was with that installation part."
"We tried to set up Sophos Zero Trust within my Sophos central cloud. It only works with Microsoft and I use Google. I'd like to see Google added."
"The deployment part needs to be improved."
"The pricing could be a bit lower to match the normal retail pricing."
"It would be beneficial if you could expand support for Windows 7 and Windows Server 2008 without charging an additional fee."
"Integration with firewall solutions could be better."
"The problem is that if you have a lot of different components going on, each managed under a different umbrella, then you're going to be spending a lot of time hopping back and forth between the different components to see, "Well, I got hit here. What did my firewall see? I got hit in the firewall, the firewall says it allowed that attack in, did it land on anything to compromise any of my endpoints?""
Elastic Security is ranked 16th in Endpoint Detection and Response (EDR) with 58 reviews while Intercept X Endpoint is ranked 4th in Endpoint Detection and Response (EDR) with 101 reviews. Elastic Security is rated 7.6, while Intercept X Endpoint is rated 8.4. The top reviewer of Elastic Security writes "A stable and scalable tool that provides visibility along with the consolidation of logs to its users". On the other hand, the top reviewer of Intercept X Endpoint writes "A standard offering with good threat analysis but reduces machine performance". Elastic Security is most compared with Wazuh, Splunk Enterprise Security, Microsoft Sentinel, IBM Security QRadar and Microsoft Defender for Endpoint, whereas Intercept X Endpoint is most compared with Microsoft Defender for Endpoint, CrowdStrike Falcon, Kaspersky Endpoint Security for Business, SentinelOne Singularity Complete and Fortinet FortiClient. See our Elastic Security vs. Intercept X Endpoint report.
See our list of best Endpoint Detection and Response (EDR) vendors and best Extended Detection and Response (XDR) vendors.
We monitor all Endpoint Detection and Response (EDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.