We performed a comparison between Elastic Security and Trend Vision One based on real PeerSpot user reviews.
Find out in this report how the two Endpoint Detection and Response (EDR) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."Its most significant advantage lies in its affordability."
"We are able to consolidate licences and make use of many Microsoft products using this solution. If we have any Microsoft customers, we encourage them to use this solution for enterprise defence."
"Advanced hunting is good. I like that. We can drill down to lots of details."
"I like the easy integration and advanced possibilities. We can implement it at customer sites in a few clicks, but we can also dive deep and drill down to extended features. There's a very good starting point to get into this product and all the features from Defender."
"A crucial aspect for our team is the inclusion of identity and access management tools from the vendor."
"Microsoft 365 Defender's most valuable feature is the ability to control the shadow IP."
"Setting up Microsoft 365 Defender is easy. It's a user-friendly solution that provides threat protection. It has good stability and scalability."
"The product is very easy to use."
"It can handle millions of loads at a time, and you can always use the filters to find exactly what you are looking for and detect errors in every log message you are searching for, basically."
"The product has huge integration varieties available."
"I like the indexing of the logs."
"The most valuable feature is the machine learning capability."
"It's open-source and free to use."
"The visualization is very good."
"Elastic Security is very easy to adapt."
"The most valuable feature of Elastic Security is that you can install agents, and they are not separately licensed."
"It helps a lot to understand where the threat is coming from, where is it going, how is it being dealt with, et cetera."
"VisionOne offers a clear window into the security posture of our endpoints."
"The most important thing for us as a customer is that we can spend more time in other places as it's simpler to have that overview. We have much more time for other tasks."
"They were one of the companies, early on, that spent a lot of time integrating their toolsets, and I was really impressed with that... the endpoint management system could reach out to the Deep Discovery system on the network and pick up something that it perceived as a suspicious object."
"The most valuable feature is the network protection shield on every server, which isolates attacks and prevents our clients from being affected."
"Trend Micro XDR is a comprehensive solution that is not overly complex to use or manage."
"Drilling down further, we can analyze how our users are utilizing their workstations, including the websites they visit."
"The zero-day vulnerability is valuable."
"Improving scalability, especially for very large tenants, could be beneficial for Microsoft Defender XDR."
"Customers say they want absolutely seamless integration between other Microsoft solutions and Defender XDR, including the ability to change device settings within the Defender portal. They need to contact the IT team responsible for the device management tools to change some settings. They would prefer that those changes be initiated directly from the Defender portal or applied from Intune without involving the IT operations team."
"Offboarding latency should be reduced. Even after a device has been successfully offboarded using a particular offboarding script, it still shows up as onboarded."
"The dashboard should be easier to use. There is also improvement needed in the reporting when it comes to exporting or scheduling reports."
"The interface could be improved. For example, if you want to do a phishing simulation for your employees, it can take a while to figure out what to do. The interface is a bit messy and could be updated. It isn't too bad, but doing some things can be a long process."
"At times, when we have an incident email and we click on the link for that incident, it opens a pop-up, but there is nothing. It has happened a couple of times."
"In the Microsoft Azure Portal, in Active Directory, if there is anything on the user it will provide you with the information, but you still have to go through it a bit. And sometimes, I have experienced difficulties in understanding the information, especially because the synchronization between Microsoft Intune and the devices that are connected to the user in Azure Active Directory takes a lot of time."
"The price should be adjustable by region."
"With Elastic, you have to build the use cases for the specific requirement. Other products have a simple integration and more use cases to integrate out-of-the-box solutions for SIEM."
"This solution is very hard to implement."
"It would be better if Elastic Security had less storage for data. My customers do not like this. Other vendors have local support in different countries, but Elastic Security doesn't. I would like to have Operational Technology (OT) security in the next release."
"This type of monitoring is not very mature just yet. We need more real-time information in a way that's easier to manage."
"There should be a simulation environment to check whether my Elastic implementation is functioning perfectly fine. Other solutions have their own Android and iOS applications that I can install on my mobile so that I am continuously connected to the SIEM."
"We had issues with scalability. Logstash was not scaling and aggregation was getting delayed. We moved to Fluentd making our stack from ELK to EFK."
"The solution's query building is not that intuitive compared to other solutions."
"The solution needs to be more reactive to investigations. We need to be able to detect and prevent any attacks before it can damage our infrastructure. Currently, this solution doesn't offer that."
"The support should be improved."
"The solution could always be made to be more secure."
"They should increase their potential for third-party integrations."
"When you deploy these tools from Trend Micro, the integration and getting them to work together, are among the more difficult pieces of the puzzle. But when you get that set up and working, you're glad you did."
"Having more variables within the playbook would be useful. It would allow us to have more refined playbooks for the business. It would allow us to take stronger action through a playbook. It will give us confidence to target a particular area of business where our risk tolerance might be higher or lower. We would like to have more granular playbooks."
"The agent system is very slow, it needs to improve its performance."
"We'd like to see a few more integrations."
"The price could be lower."
Elastic Security is ranked 16th in Endpoint Detection and Response (EDR) with 59 reviews while Trend Vision One is ranked 5th in Endpoint Detection and Response (EDR) with 43 reviews. Elastic Security is rated 7.6, while Trend Vision One is rated 8.6. The top reviewer of Elastic Security writes "A stable and scalable tool that provides visibility along with the consolidation of logs to its users". On the other hand, the top reviewer of Trend Vision One writes "The integration of toolsets is key, enabling automation, and vendor has been tremendous partner for us". Elastic Security is most compared with Wazuh, Splunk Enterprise Security, Microsoft Sentinel, IBM Security QRadar and Microsoft Defender for Endpoint, whereas Trend Vision One is most compared with CrowdStrike Falcon, Trend Micro Apex One, SentinelOne Singularity Complete, Microsoft Defender for Endpoint and Trellix Endpoint Security. See our Elastic Security vs. Trend Vision One report.
See our list of best Endpoint Detection and Response (EDR) vendors, best Extended Detection and Response (XDR) vendors, and best Endpoint Detection and Response (EDR) vendors.
We monitor all Endpoint Detection and Response (EDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.