We performed a comparison between Cynet and Elastic Security based on real PeerSpot user reviews.
Find out in this report how the two Endpoint Detection and Response (EDR) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."Microsoft Defender's most critical component is its CASB solution. It has many built-in policies that can improve your organization's cloud security posture. It's effective regardless of where your users are, which is critical because most users are working from home. It's cloud-based, so nothing is on-premise."
"It has great stability."
"For me, the advanced hunting capabilities have been really great. It allowed querying the dataset with their own language, which is KQL or Kusto Query Language. That has allowed me to get much more insight into the events that have occurred. The whole power of 365 Defender is that you can get the whole story. It allows you to query an email-based activity and then correlate it with an endpoint-based activity."
"The most valuable features are spam filtering, attachment filtering, and antivirus protection."
"The best feature is threat hunting. There are a lot of other features I like, such as the alert mechanism. The chain alert mechanism has a huge impact. It combines all the alerts into one incident and automatically correlates them with AI."
"The unified view of the threat landscape on a central dashboard is the most valuable feature."
"From the perspective of Microsoft 365 XDR, the main benefit is a single, centralized dashboard offering the holistic visibility organizations crave."
"The most valuable features of Microsoft 365 Defender are the combination of all the capabilities and centralized management."
"The feature I find most valuable, is the reality graphical user interface."
"Advanced detection and protection against ransomware paired with SOC monitoring are the most valuable features. They have 24/7 SOC monitoring and file activity. It is a very robust tool."
"We are protecting all our workstations."
"The interface is exceptionally clear and easy to understand."
"The most valuable aspect of this solution is that it is a complete solution, which makes cyber security very free and almost perfect. There is no such thing as perfect cyber security, but as far as it can go, sign it comes close to being perfect and holistic. Cynet is always comprehensive from the perspective of functionality, as well as from the standpoint that it encompasses not only technology but also processes and people. The triad of people, processes, and technology is crucial and should always be in place. To my knowledge, no other product or platform combines all three components into one, but Cynet does."
"Cynet is unique in that it has almost everything included and it was built up from the ground, instead of a bundle of purchased and composed modules. It gives you easier very good visibility than Sentinel One as well as a lower maintenance burden."
"The most valuable feature is the monitored support behind it."
"The level of automation is very good because the majority of the time, it blocks the attacks without requiring anything from our side. The technicians don't have to do anything. They are just alerted about what happened. So, the user intelligence works quite well."
"It is the best open-source product for people working in SO, managing and analyzing logs."
"Elastic has a lot of beats, such as Winlogbeat and Filebeat. Beats are the agents that have to be installed on the terminals to send the data. When we install beats or Elastic agents on every terminal, they don't overload the terminals. In other SIEM solutions such as Splunk or QRadar, when beats or agents are installed on endpoints, they are very heavy for the terminals. They consume a lot of power of the terminals, whereas Elastic agents hardly consume any power and don't overload the terminals."
"One of the most valuable features of this solution is that it is more flexible than AlienVault."
"The most valuable feature of Elastic Security is that you can install agents, and they are not separately licensed."
"The feature that we have found the most valuable is scalability."
"ELK Logstash is easy and fast, at least for the initial setup with the out of box uses."
"What customers found most valuable in Elastic Security feature-wise is the search capability, in particular, the way of writing the search query and the speed of searching for results."
"ELK is open-source, and it will give you the framework you need to build everything from scratch."
"The support could be more knowledgable to improve their offering."
"There are a few technical issues with Defender XDR that can be improved. Sometimes, the endpoint devices are not reporting properly to the Defender 365 portal. When you're getting all the information from the Microsoft portal, the devices are sometimes not in sync. We have hundreds of endpoint devices, some needing to be onboarded again."
"Because of the training model, Defender XDR's automatic response sometimes blocks legitimate users and activities. Also, the UI sometimes responds slowly."
"The onboarding and offboarding need improvement. I work with other vendors as well, and they have an option to add a device or remove a device from the portal, whereas with Microsoft 365 Defender, we need to do that manually. However, once you do that, everything can be controlled through the portal, but getting the device onboarded and offboarded is currently manual. If we have an option to simply remove a device from the portal or get a device added from the portal, it would be more convenient. The rest of the features are similar. This is the only area where I found it different from others. I would also like to be able to simply filter with a few of the queries that are already there."
"It would be highly beneficial if CoPilot could identify anomalies within the network and notify the IT team."
"The licensing is a nightmare and has room for improvement."
"A simple dashboard without having to use MS Sentinel would be a welcome improvement."
"Customers say they want absolutely seamless integration between other Microsoft solutions and Defender XDR, including the ability to change device settings within the Defender portal. They need to contact the IT team responsible for the device management tools to change some settings. They would prefer that those changes be initiated directly from the Defender portal or applied from Intune without involving the IT operations team."
"The reporting functionality in Cynet may not be as comprehensive or flexible as desired."
"There are some shortcomings in Cynet's integration capabilities that need improvement."
"Increased application for SOAR abilities across interconnected devices would be a welcome improvement."
"The reporting is a little weak and could be improved. The other downside is that Cynet does not use the local time zone. It's based off of Greenwich Mean Time."
"The command line interface could be improved."
"I think the technical support could be better."
"In terms of what could be improved, I would say the usability of this product for new threats. Meaning, not everything which is new is properly seen by the product and not all the required actions are taken."
"There could be more customization options and detailed information provided in the reports."
"Authentication is not a default in Kibana. We need to have another tool to have authentication and authorization. These two should be part of Kibana."
"The price of this product could be improved, especially the additional costs. I would also like to see better-quality graphics."
"The setup process is complex. You need a solid working knowledge of networking, operating systems, and a little programming."
"The training that is offered for Elastic is in need of improvement because there is no depth to it."
"There is room for improvement in the Kibana dashboard and in the asset management for the program."
"The Integration module could be improved. It is a pain to build integration with any product. We have to do parking and so on. It's not like other commercial solutions that use profile integration. I would also see more detection features on the SIEM side."
"It would be better if Elastic Security had less storage for data. My customers do not like this. Other vendors have local support in different countries, but Elastic Security doesn't. I would like to have Operational Technology (OT) security in the next release."
"There should be a simulation environment to check whether my Elastic implementation is functioning perfectly fine. Other solutions have their own Android and iOS applications that I can install on my mobile so that I am continuously connected to the SIEM."
Cynet is ranked 15th in Endpoint Detection and Response (EDR) with 35 reviews while Elastic Security is ranked 16th in Endpoint Detection and Response (EDR) with 59 reviews. Cynet is rated 8.8, while Elastic Security is rated 7.6. The top reviewer of Cynet writes "Provides memory protection, device control, and vulnerability management". On the other hand, the top reviewer of Elastic Security writes "A stable and scalable tool that provides visibility along with the consolidation of logs to its users". Cynet is most compared with CrowdStrike Falcon, SentinelOne Singularity Complete, ESET Endpoint Protection Platform, Microsoft Defender for Endpoint and Cortex XDR by Palo Alto Networks, whereas Elastic Security is most compared with Wazuh, Splunk Enterprise Security, Microsoft Sentinel, IBM Security QRadar and Microsoft Defender for Endpoint. See our Cynet vs. Elastic Security report.
See our list of best Endpoint Detection and Response (EDR) vendors, best Extended Detection and Response (XDR) vendors, and best Endpoint Detection and Response (EDR) vendors.
We monitor all Endpoint Detection and Response (EDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.