We performed a comparison between Elastic Security and Trellix ESM based on real PeerSpot user reviews.
Find out in this report how the two Security Information and Event Management (SIEM) solutions compare in terms of features, pricing, service and support, ease of deployment, and ROI.
"ELK is open-source, and it will give you the framework you need to build everything from scratch."
"The most valuable thing is that this solution is widely used for work management and research. It's easy to jump into the security use case with the same technology."
"We chose the product based on the ability to scan for malware using a malware behavioral model as opposed to just a traditional hash-based antivirus. Therefore, it's not as intensive."
"The scalability is good. It can be scaled easily in the production environment."
"Just the ability to do a lot more than just up-down is nice, which a lot of people take for granted."
"The most valuable feature is the scalability. We are in Indonesia, more engineers understand Elastic Security here. So it is easier to scale and also develop. In features, the discovery to query all the logs is very important to us. It is very easy, especially with the query function and the feature to generate alerts and create tools. Sometimes we use the alert security dashboard to monitor our clients."
"I like the indexing of the logs."
"ELK Logstash is easy and fast, at least for the initial setup with the out of box uses."
"I like the ease of deployment."
"The solution's technical support is great."
"The most valuable feature is for the security operation center because it provides visibility of all traffic within the company infrastructure."
"It blocks the things which are not to be allowed. It has an adaptive mode where it learns for itself."
"It is easy to use."
"The product’s most valuable feature is log monitoring."
"The most valuable feature is that if the scanning does find something, it quarantines it. Then you can decide what you are going to do with it."
"Compared to other solutions, the user interface is good."
"This solution is very hard to implement."
"I would like more ways to manage permissions and restrict access to certain users."
"Elastic Security could improve the documentation. It would help if they were more simple and clean."
"We had issues with scalability. Logstash was not scaling and aggregation was getting delayed. We moved to Fluentd making our stack from ELK to EFK."
"The tool should improve its scalability."
"We're using the open-source edition, for now, I think maybe they can allow their OLED plugin to be open source, as at the moment it is commercialised."
"The solution's query building is not that intuitive compared to other solutions."
"Their visuals and graphs need to be better."
"There should be support for multitenancy in the product."
"The support from McAfee ESM could improve. They could improve the speed."
"The only drawback is that they don't have any packet capturing or network behavior analysis."
"We acquired the IBM product because McAfee is slightly confusing to use, and it's broader."
"There are always multiple bugs in the product. For example, the console page was hanging multiple times. Afterwards, they released multiple upgrades for the same, multiple patches from McAfee."
"We would welcome integrations with some of the new McAfee acquisitions, e.g., behavioural analytics."
"Update to user interface from version 9 is cosmetic in some aspects, and after a few clicks you are back on the old interface."
"There are some banking and transactional cases that are local, South America transactions. I would like to see them add features that can be used locally, to make those transactions more reliable."
Elastic Security is ranked 5th in Security Information and Event Management (SIEM) with 59 reviews while Trellix ESM is ranked 19th in Security Information and Event Management (SIEM) with 34 reviews. Elastic Security is rated 7.6, while Trellix ESM is rated 7.4. The top reviewer of Elastic Security writes "A stable and scalable tool that provides visibility along with the consolidation of logs to its users". On the other hand, the top reviewer of Trellix ESM writes "Provides visibility of all the traffic within the company infrastructure". Elastic Security is most compared with Wazuh, Splunk Enterprise Security, Microsoft Sentinel, IBM Security QRadar and Microsoft Defender for Endpoint, whereas Trellix ESM is most compared with ArcSight Enterprise Security Manager (ESM), IBM Security QRadar, Splunk Enterprise Security, LogRhythm SIEM and Trellix Helix. See our Elastic Security vs. Trellix ESM report.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.