We performed a comparison between Elastic Security and Intercept X Endpoint based on real PeerSpot user reviews.
Find out in this report how the two Endpoint Detection and Response (EDR) solutions compare in terms of features, pricing, service and support, ease of deployment, and ROI.
"The most valuable feature is the DLP because that's where we can have an added data protection layer and extend it not just to emails but to the documents that users are working on. We can make sure that sensitive data is tagged and flagged if unauthorized parties are using it."
"The 'Incidents and Alerts' tab is a valuable feature where we can find triggered alerts."
"Defender is easy to use. It has a nice console, and everything is all in one place."
"Having a single pane of glass for all Microsoft security services makes everything much easier. A security analyst can go to a single portal and see everything in one view. The integration of everything into one portal is a huge benefit."
"The most valuable feature of the solution stems from the fact that Microsoft Defender XDR is easy to integrate with other Microsoft platforms or products."
"The threat intelligence is excellent."
"Microsoft 365 Defender is simple to upgrade."
"The integration, visibility, vulnerability management, and device identification are valuable."
"The solution is quite stable. The performance has been good."
"ELK is open-source, and it will give you the framework you need to build everything from scratch."
"The most valuable feature is the ability to collect authentication information from service providers."
"The feature that we have found the most valuable is scalability."
"Elastic is straightforward, easy to integrate, and highly customizable."
"The most valuable features are the speed, detail, and visualization. It has the latest standards."
"ELK documentation is very good, so never needed to contact technical support."
"What customers found most valuable in Elastic Security feature-wise is the search capability, in particular, the way of writing the search query and the speed of searching for results."
"It's a good antivirus software and has a lot of features. It now integrates with their on-premises firewall, which is perfect."
"It is easy to change the size of its capabilities, i.e. to expand processes or scale the size of users."
"The initial setup is pretty straightforward."
"I have found the most valuable feature to be the EDR."
"Synchronization with the firewall is most valuable."
"There are additional security features in Sophos Intercept X as well as proxy rules and settings that help us in minimizing the sites that our agents can go to, even after their work hours."
"The solution is easy to install."
"Sophos Intercept X has a host of valuable features, including its anti-malware feature, which we considered key."
"Improving scalability, especially for very large tenants, could be beneficial for Microsoft Defender XDR."
"There should be better information for experts on features in the solution. What I see when reading about features in Microsoft 365 Defender is that it is always general information. If Microsoft could go deeper into details for the experts about how to use the tools, usage of it would be more familiar and it would be easier to use."
"One of the biggest downsides of Microsoft products, in general, is that the menus are often difficult to find, as they tend to move from place to place between versions."
"There is no common area where we can manage all the policies for the EDR, third-party solutions, devices, servers, Windows, Mac, etc., but it's on the road map, and we are waiting for that feature."
"Automated playbooks and automated dashboards would be preferable to the way the data is currently being presented."
"The price should be adjustable by region."
"The message trace feature for investigating mail flow issues should add more detailed information to the summary report... if they could extend the summary report a little bit, make it more descriptive, ordinary administrators could understand what happened and that the emails failed at this or that point. That way they would know the location to go to try to correct it and to prevent it from occurring again."
"The web filtering solution needs to be improved because currently, it is very simple."
"There are connectors to gather logs for Windows PCs and Linux PCs, but if we have to get the logs from Syslog then we have to do it manually, and this should be automated."
"With Elastic, you have to build the use cases for the specific requirement. Other products have a simple integration and more use cases to integrate out-of-the-box solutions for SIEM."
"It could use maybe a little more on the Linux side."
"Better integration with third-party APMs would be really good."
"We're using the open-source edition, for now, I think maybe they can allow their OLED plugin to be open source, as at the moment it is commercialised."
"Elastic has one problem. In the past, Elastic Security was free. Now, they currently only offer the basic license or a certain period of time."
"It's a little bit of a learning curve to understand the logic of searching for things and trying to find what you're looking for in Elastic Security."
"It is difficult to anticipate and understand the space utilization, so more clarity there would be great."
"Features that should be improved in the upgrade involve the excessive consumption of the solution's processor, RAM and resources."
"It consumes a lot of resources, and something needs to be done for that."
"They might want to offer an MSP model for licensing, to offer the solution as a software as a service."
"There is some issue with the reporting and refreshing information on resources that have been eliminated."
"To be a perfect product, the price would have to be a bit better."
"The solution is heavy in the usage of resources, you can notice the performance decrease. This should prove in the future."
"The EDR could be improved, and perhaps the User Interface."
"This solution is not in the high ratings on many of the top review sites. This solution has to be near the top for me to continue using it."
Elastic Security is ranked 16th in Endpoint Detection and Response (EDR) with 58 reviews while Intercept X Endpoint is ranked 4th in Endpoint Detection and Response (EDR) with 101 reviews. Elastic Security is rated 7.6, while Intercept X Endpoint is rated 8.4. The top reviewer of Elastic Security writes "A stable and scalable tool that provides visibility along with the consolidation of logs to its users". On the other hand, the top reviewer of Intercept X Endpoint writes "A standard offering with good threat analysis but reduces machine performance". Elastic Security is most compared with Wazuh, Splunk Enterprise Security, Microsoft Sentinel, IBM Security QRadar and Microsoft Defender for Endpoint, whereas Intercept X Endpoint is most compared with Microsoft Defender for Endpoint, CrowdStrike Falcon, Kaspersky Endpoint Security for Business, SentinelOne Singularity Complete and Fortinet FortiClient.
We monitor all Endpoint Detection and Response (EDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.