We performed a comparison between Elastic Security and Trellix Endpoint Security based on real PeerSpot user reviews.
Find out in this report how the two Extended Detection and Response (XDR) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."We also use Microsoft Sentinel, Defender for Cloud, Defender for Identity, and Microsoft Defender for Cloud Apps. They are all integrated and it was very easy to integrate them. In my experience with the integrations, it was just a click of a button and things were integrated. It's just a button."
"All of the security components are valuable including, antiphishing, antispam, and stage three antivirus."
"The most valuable features are spam filtering, attachment filtering, and antivirus protection."
"The visibility into threats that 365 Defender provides is really good. You get a full review of your security system and what can be improved. In the Microsoft 365 Defender portal the first page gives you a really big summary of which security policies you are following and what can be improved."
"There is also one dashboard that shows us the status of many controls at once and the details I can get... It gives a great overview of many areas, such as files, emails, chats, and links. Even with the apps, it gives you a great overview. In one place you can see where you should look into things more deeply..."
"Microsoft 365 Defender is simple to upgrade."
"The product integrates security into one tool instead of having third-party security tools."
"We can automate routine tasks and write scripts to carry out difficult tasks, which makes things easier for us."
"The most valuable feature for me is Discover."
"Elastic is straightforward, easy to integrate, and highly customizable."
"One of the most valuable features of this solution is that it is more flexible than AlienVault."
"What customers found most valuable in Elastic Security feature-wise is the search capability, in particular, the way of writing the search query and the speed of searching for results."
"The most valuable features are the speed, detail, and visualization. It has the latest standards."
"It's not very complicated to install Elastic."
"The solution is compatible with the cloud-native environment and they can adapt to it faster."
"The feature that we have found the most valuable is scalability."
"It provides a lot of information and great visibility, with really great options for managing the environment."
"We like the management of the ePO, and we like the management console."
"We really like the dashboard from Trellix and we've found that it's pretty informative."
"Would benefit with the addition of DLP features."
"The package of protection that it provides is useful. It has antivirus, malware protection, VPN, and a whole bunch of other features."
"The most valuable features are the prevention layer that detects the signature value and prevents threats in the network."
"I think the costing is fine compared to other products. Cost-wise you definitely get value for your money."
"The solution is stable."
"The licensing is a nightmare and has room for improvement."
"The tool gives inconsistent answers and crashes a lot."
"The logs could be better."
"The price should be adjustable by region."
"365 Defender has multiple subsets, including Defender for Cloud Apps. When integrating Defender for Cloud Apps with apps on third-party cloud platforms like AWS or GCP, there are limitations on our ability to control user activities. If Microsoft added more control over third-party products, that would be a game-changer and help us quite a lot."
"The cost can be high if you want to build custom license packages. Another area for improvement is the policies. In Azure, we need to implement policies in JSON format, but in 365 Defender 365, it would be helpful to use a different format so we can customize the platform."
"There are still some components, such as vulnerability management within the vendor product, where improved integration would be beneficial."
"There is definitely scope for improvement in the automation area. Because the solution is a SaaS platform, we don't have the overall ability to automate stuff.... There is no direct way to go ahead because it's a SaaS platform."
"The process of designing dashboards is a little cumbersome in Kibana. Unless you are an expert, you will not be able to use it. The process should be pretty straightforward. The authentication feature is what we are looking for. We would love to have a central authentication system in the open-source edition without the need for a license or an enterprise license. If they can give at least a simple authentication system within a company. In a large organization, authentication is very essential for security because logs can contain a lot of confidential data. Therefore, an authentication feature for who accesses it should be there."
"We'd like better premium support."
"The Integration module could be improved. It is a pain to build integration with any product. We have to do parking and so on. It's not like other commercial solutions that use profile integration. I would also see more detection features on the SIEM side."
"I think because we are a cybersecurity company, the thing that can be improved is the prebuilt tools, especially quality. Compared to its competitor, they still have fewer prebuilt security rules. Elastic Security, in terms of generating alerts, cannot group the same products into one another. Even though the alerts are the same, they still generate them one by one. So, it is very noisy in our dashboard. I would like the Elastic Security admin to group all the same alarms into one alarm so that our dashboard is not noisy."
"This solution cannot do predictive maintenance, so we have to build our own modules for doing it."
"There is room for improvement in the Kibana dashboard and in the asset management for the program."
"We set up a cron job to delete old logs so that we wouldn't hit a disk space issue. Such a feature should be available in the UI, where old logs can be deleted automatically. (Don’t know if this feature is already there)."
"With Elastic Security, the challenge arises from the fact that there is a learning curve in relation to queries and understanding the query language provided to extract usable data."
"The interface is complex."
"Tech support is not as helpful as they were in the past."
"The DAC (Dynamic Application Containment) component of this product needs improvement."
"The solution needs to offer better local technical support."
"It would be nice if the solution were to allow not just on-cloud management, but on-premises, as well."
"The solution consumes a lot of end user memory and CPU. Trellix doesn't really focus much on the anti-malware side."
"They can make it free, but that's not going to happen."
"Support-wise they need to be better."
Elastic Security is ranked 7th in Extended Detection and Response (XDR) with 58 reviews while Trellix Endpoint Security is ranked 10th in Extended Detection and Response (XDR) with 94 reviews. Elastic Security is rated 7.6, while Trellix Endpoint Security is rated 8.0. The top reviewer of Elastic Security writes "A stable and scalable tool that provides visibility along with the consolidation of logs to its users". On the other hand, the top reviewer of Trellix Endpoint Security writes "Good user behavioral analysis and helpful patching but needs better support services". Elastic Security is most compared with Wazuh, Splunk Enterprise Security, Microsoft Sentinel, IBM Security QRadar and Microsoft Defender for Endpoint, whereas Trellix Endpoint Security is most compared with Microsoft Defender for Endpoint, Trellix Endpoint Security (ENS), CrowdStrike Falcon, Cortex XDR by Palo Alto Networks and Trend Micro Deep Security. See our Elastic Security vs. Trellix Endpoint Security report.
See our list of best Extended Detection and Response (XDR) vendors.
We monitor all Extended Detection and Response (XDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.