We performed a comparison between Elastic Security and Trellix Active Response based on real PeerSpot user reviews.
Find out in this report how the two Endpoint Detection and Response (EDR) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The setup is pretty simple."
"he solution is an anti-malware product that integrates well with other vendor products such as firewalls, SIEM, etc. It captures threat intelligence and gives you better visibility. The product also has sandboxing features."
"Fortinet has helped free up around 20 percent of our staff's time to help us out."
"The console is easy to read. I also like the scanning part and the ability to move assets from one to the other."
"The product detects and blocks threats and is more proactive than firewalls."
"It notifies us if there's any suspicious file on any PC. If any execution or similar kind of thing is happening, it just alerts us. It doesn't only alert. It also blocks the execution until we allow it. We check whether the execution is legitimate or not, and then approve it or keep it blocked. This gives us a little bit of control over this mechanism. Fortinet FortiEDR is also very straightforward and easy to maintain."
"The product's initial setup phase is very easy."
"It is stable and scalable."
"I use the stack every morning to check the errors and it's just so clear. I don't see any disadvantage to using Logstash."
"It's simple and easy to use."
"It's open-source and free to use."
"I like the indexing of the logs."
"The most valuable features of Elastic Security are it is open-source and provides a high level of security."
"The product has huge integration varieties available."
"It is an extremely stable solution. Stability-wise, I rate the solution a ten out of ten."
"Elastic Security is very customizable, and the dashboards are very easy to build."
"The solution is scalable."
"It's a little lighter compared to the older version, which was mostly signature-based."
"We are hoping to automate detection and response and take advantage of user behavior analytics, given that we are working from home. About half of our workers are still remote, so Active Response gives us that visibility and lets us automate a number of those events."
"To improve Fortinet, we need to see more features and technology areas at the endpoint level introduced."
"The support needs improvement."
"The security should be strong for the cloud. Some applications are on-prem and some are on the cloud. Fortinet should also have strong security for the cloud. There should be more security for the cloud."
"FortiEDR can be improved by providing more detailed reporting."
"It takes about two business days for initial support, which is too slow in urgent situations."
"Cannot be used on mobile devices with a secure connection."
"The EDR console should have more extensive reporting. You shouldn't need to purchase FortiAnalyzer. It should be included in the EDR part. The security adviser cloud platform could be improved with more options for exclusive or intensive rules for devices."
"I haven't seen the use of AI in the solution."
"Better integration with third-party APMs would be really good."
"Improvements in Elastic Security could include refining and normalizing queries to make them more user-friendly, enhancing the user experience with better documentation, and addressing any latency issues."
"There are connectors to gather logs for Windows PCs and Linux PCs, but if we have to get the logs from Syslog then we have to do it manually, and this should be automated."
"The setup process is complex. You need a solid working knowledge of networking, operating systems, and a little programming."
"Its documentation should be a bit better. I have to spend at least a couple of hours to find the solution for a simple thing. When we buy Elastic, training is not included for free with Elastic. We have to pay extra for the training. They should include training in the price."
"This solution is very hard to implement."
"The price of this product could be improved, especially the additional costs. I would also like to see better-quality graphics."
"I would like more ways to manage permissions and restrict access to certain users."
"There are some components on the cloud that should also reside in the on-prem deployment models but don't."
"While the product is good, we are currently facing support issues."
"I also expected Active Response 's user interface to be much more analytical."
Earn 20 points
Elastic Security is ranked 16th in Endpoint Detection and Response (EDR) with 59 reviews while Trellix Active Response is ranked 57th in Endpoint Detection and Response (EDR). Elastic Security is rated 7.6, while Trellix Active Response is rated 6.4. The top reviewer of Elastic Security writes "A stable and scalable tool that provides visibility along with the consolidation of logs to its users". On the other hand, the top reviewer of Trellix Active Response writes "Lighter with good stability and pretty good technical support". Elastic Security is most compared with Wazuh, Splunk Enterprise Security, Microsoft Sentinel, IBM Security QRadar and Microsoft Defender for Endpoint, whereas Trellix Active Response is most compared with Trellix Endpoint Detection and Response (EDR) and Trellix Endpoint Security (ENS). See our Elastic Security vs. Trellix Active Response report.
See our list of best Endpoint Detection and Response (EDR) vendors.
We monitor all Endpoint Detection and Response (EDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.