We compared Elastic Security and Microsoft Defender for Endpoint based on our user's reviews in several parameters.
Overall, users appreciate both Elastic Security and Microsoft Defender for Endpoint for their comprehensive threat protection, user-friendly interfaces, and effective incident response capabilities. Elastic Security stands out for its strong threat hunting functionalities and log management, while Microsoft Defender for Endpoint is praised for its efficient system management and reporting. Elastic Security users value its affordability and flexible licensing, while Microsoft Defender for Endpoint users highlight its reasonable pricing and seamless integration with other Microsoft products. However, Elastic Security users feel it could improve its threat monitoring capabilities and incident response system, while Microsoft Defender for Endpoint users suggest areas for enhancement such as easier navigation and improved integration with other security tools.
Features: Elastic Security is valued for its strong threat hunting functionalities, efficient log management, and seamless integration with other Elastic solutions. Microsoft Defender for Endpoint is praised for its real-time monitoring and detection, efficient system management and reporting, and seamless integration with other Microsoft products.
Pricing and ROI: The setup cost for Elastic Security is regarded positively by users, who appreciate its minimal associated costs and hassle-free experience. On the other hand, Microsoft Defender for Endpoint is also praised for its reasonable pricing, straightforward setup process, and flexible licensing options., Elastic Security's positive ROI is attributed to its tangible benefits and delivered results, while Microsoft Defender for Endpoint's success lies in its performance, effectiveness, ease of use, and real-time insights.
Room for Improvement: Elastic Security product has room for improvement in its threat monitoring capabilities, incident response system, integration with other security tools, navigation, user interface, and customizable features. Microsoft Defender for Endpoint also has areas that could be enhanced.
Deployment and customer support: The feedback on the duration to establish a new tech solution for Elastic Security varies, with users having different timeframes for deployment, setup, and implementation phases. In contrast, Microsoft Defender for Endpoint also has mixed feedback, with some users spending longer on deployment compared to others who completed both deployment and setup within a week. Looking at the context of the terms used is crucial., Customers have found Elastic Security's customer service to be helpful and supportive, while Microsoft Defender for Endpoint is praised for its efficiency, promptness, and ability to address concerns.
The summary above is based on 114 interviews we conducted recently with Elastic Security and Microsoft Defender for Endpoint users. To access the review's full transcripts, download our report.
"It is a scalable solution...The initial setup of Fortinet FortiEDR was straightforward."
"I like FortiClient EMS. FortiEDR has a lot of great features like lockdown mode, remote wipes, and encryption. I can set malware outbreak policies and controls for detecting abnormalities. You can also simulate phishing attacks."
"Fortinet FortiEDR's firewalling, rule creation, monitoring, and inspection profiles are great."
"he solution is an anti-malware product that integrates well with other vendor products such as firewalls, SIEM, etc. It captures threat intelligence and gives you better visibility. The product also has sandboxing features."
"It is very easy to set up. I would rate my experience with the initial setup a ten out of ten, with ten being very easy to set up."
"The console is easy to read. I also like the scanning part and the ability to move assets from one to the other."
"The solution was relatively easy to deploy."
"Forensics is a valuable feature of Fortinet FortiEDR."
"The most valuable thing is that this solution is widely used for work management and research. It's easy to jump into the security use case with the same technology."
"ELK is open-source, and it will give you the framework you need to build everything from scratch."
"The feature that we have found the most valuable is scalability."
"It's simple and easy to use."
"It is scalable."
"ELK documentation is very good, so never needed to contact technical support."
"One of the most valuable features of this solution is that it is more flexible than AlienVault."
"The scalability is good. It can be scaled easily in the production environment."
"The solution has an easy-to-use interface, is always updated, and is user-friendly."
"It's one of the best antiviruses on the market."
"This is not an inventory solution, but it helps you take count of how many workstations you have, as well as what software is installed on each of them."
"We like that it has a free version available."
"I like that it's easy to deploy because it already comes with Windows 10. Overall, it has all the features that we need. Easy to deploy, comes with updates, and comes with Windows updates. You don't have to really manage or update the signature."
"Defender is stable, I haven't had any problems with viruses when using it, and it's easy to update."
"It's effective against most types of infection, and the firewall is perfect for protection."
"The stability keeps getting better and better."
"Cannot be used on mobile devices with a secure connection."
"Integration with Azure and SaaS provisioning tools could improve Fortinet FortiEDR."
"FortiEDR can be improved by providing more detailed reporting."
"The solution should address emerging threats like SQL injection."
"I haven't seen the use of AI in the solution."
"To improve Fortinet, we need to see more features and technology areas at the endpoint level introduced."
"We've had a lot of false positives; things incorrectly flagged that require manual configuration to allow. Even worse, after we allow a legitimate program, it sometimes gets flagged again after an update. This has caused a lot of extra work for my team."
"The only minor concern is occasional interference with desired programs."
"It's a little bit of a learning curve to understand the logic of searching for things and trying to find what you're looking for in Elastic Security."
"I think because we are a cybersecurity company, the thing that can be improved is the prebuilt tools, especially quality. Compared to its competitor, they still have fewer prebuilt security rules. Elastic Security, in terms of generating alerts, cannot group the same products into one another. Even though the alerts are the same, they still generate them one by one. So, it is very noisy in our dashboard. I would like the Elastic Security admin to group all the same alarms into one alarm so that our dashboard is not noisy."
"There isn't really a very good user experience. You need a lot of training."
"There is an area of improvement in the Logs list. The load list may need to be paginated as there are limits."
"With Elastic Security, the challenge arises from the fact that there is a learning curve in relation to queries and understanding the query language provided to extract usable data."
"The solution needs to be more reactive to investigations. We need to be able to detect and prevent any attacks before it can damage our infrastructure. Currently, this solution doesn't offer that."
"We're using the open-source edition, for now, I think maybe they can allow their OLED plugin to be open source, as at the moment it is commercialised."
"Improvements in Elastic Security could include refining and normalizing queries to make them more user-friendly, enhancing the user experience with better documentation, and addressing any latency issues."
"In India at least, it seems to be a bit more expensive than other options."
"Notifications are always popping up — I hate that."
"I wish they would extend the use of the Security Central portal, even for the free option of Defender. Because, as companies grow, it is labor intensive to manage the AV and detection part of it. For companies already subscribed to Office 365, I think this would be a good enhancement."
"Microsoft support could be more knowledgeable."
"If the solution could be integrated more with Defender for Cloud, to be more unified, that would help. It is good now, but even more integration could be done with Defender for Cloud. We see two different portals. If Defender for Endpoint could be ported to the CSPM, Defender for Cloud, that would make things even easier for us."
"I am not sure if I will be using this product in the future because of the price."
"The initial setup can be a bit complex."
"The scanning is slow when it is working with incoming emails."
More Microsoft Defender for Endpoint Pricing and Cost Advice →
Elastic Security is ranked 16th in Endpoint Detection and Response (EDR) with 58 reviews while Microsoft Defender for Endpoint is ranked 1st in Endpoint Detection and Response (EDR) with 182 reviews. Elastic Security is rated 7.6, while Microsoft Defender for Endpoint is rated 8.0. The top reviewer of Elastic Security writes "A stable and scalable tool that provides visibility along with the consolidation of logs to its users". On the other hand, the top reviewer of Microsoft Defender for Endpoint writes "Eliminates the need to look at multiple dashboards by automatically providing one XDR dashboard to show the security score of each subscription". Elastic Security is most compared with Wazuh, Splunk Enterprise Security, Microsoft Sentinel, IBM Security QRadar and CrowdStrike Falcon, whereas Microsoft Defender for Endpoint is most compared with Symantec Endpoint Security, Intercept X Endpoint, SentinelOne Singularity Complete, CrowdStrike Falcon and ESET Endpoint Protection Platform. See our Elastic Security vs. Microsoft Defender for Endpoint report.
See our list of best Endpoint Detection and Response (EDR) vendors.
We monitor all Endpoint Detection and Response (EDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
