We performed a comparison between Cynet and Elastic Security based on real PeerSpot user reviews.
Find out in this report how the two Endpoint Detection and Response (EDR) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."Microsoft 365 Defender is a good solution and easy to use."
"The common and advanced security policies for threat hunting and blocking attacks are valuable."
"The EDR features are valuable. By getting the EDR features, we have more control over the device. We have information about events in real-time and more protection against zero-day threats and zero-day vulnerabilities. We can monitor every event or action that a device is going through. We can get an idea if it is something malicious or if we have to take any actions."
"From the perspective of Microsoft 365 XDR, the main benefit is a single, centralized dashboard offering the holistic visibility organizations crave."
"It has been great for us. Previously, we didn't have a solution to protect us, especially from malware, whereas now, we are getting protection up front, especially from the malware attacks coming through emails or endpoints."
"I have found the ability to delete unwanted threats beneficial."
"The most valuable features of Microsoft 365 Defender are the combination of all the capabilities and centralized management."
"It's a great threat intelligence source for us, providing alerts for things it detects on the network and on the machines. We've used it often when there is a potential incident to see what was done on a computer. That works quite nicely because you can see everything that the user has done..."
"The initial setup is very fast and very easy."
"The feature that I have found most valuable is that the configuration and the usage of the product are not so complicated. For people responsible for using this infrastructure for the first line of workstation monitoring, it's quite easy to use."
"Its ability to revert back from a previous state is quite notable. This feature is particularly valuable because, for maintaining integrity, it can inspect the socket for any firewall modifications. In practice, it allows us to return to a previous configuration when everything was functioning correctly."
"The most valuable feature is the monitored support behind it."
"We are very satisfied with the level of performance we get."
"A reliable security system that automatically quarantines anything suspicious."
"The product is very easy to use. Customers really appreciate that."
"It is quite stable. I would rate the stability of the solution a nine out of ten."
"Elastic Security is a highly flexible platform that can be implemented anywhere."
"Elastic has a lot of beats, such as Winlogbeat and Filebeat. Beats are the agents that have to be installed on the terminals to send the data. When we install beats or Elastic agents on every terminal, they don't overload the terminals. In other SIEM solutions such as Splunk or QRadar, when beats or agents are installed on endpoints, they are very heavy for the terminals. They consume a lot of power of the terminals, whereas Elastic agents hardly consume any power and don't overload the terminals."
"Elastic Security is very customizable, and the dashboards are very easy to build."
"The solution is compatible with the cloud-native environment and they can adapt to it faster."
"Elastic is straightforward, easy to integrate, and highly customizable."
"The indexes allow you to get your results quickly. The filtering and log passing is the advantage of Logstash."
"Its flexibility is most valuable. We can have a number of scenarios, and we can get logs from anything. If we know how to use Logstash, we can tweak it in many ways. This makes the logging search on Elastic very easy."
"Elastic Security is very easy to adapt."
"Defender also lacks automated detection and response. You need to resolve issues manually. You can manage multiple Microsoft security products from a single portal, and all your security recommendations are in one place. It's easy to understand and manage. However, I wouldn't say Defender is a single pane of glass. You still need to switch between all of the available Microsoft tools. You can see all the alerts in one panel, but you can't automate remediation."
"I personally have not seen much evidence of how Defender can enhance the story of zero trust for enterprises."
"There should be better information for experts on features in the solution. What I see when reading about features in Microsoft 365 Defender is that it is always general information. If Microsoft could go deeper into details for the experts about how to use the tools, usage of it would be more familiar and it would be easier to use."
"The solution does not offer a unified response and standard data."
"For some scenarios, it provides good visibility into threats, and for some scenarios, it doesn't. For example, sometimes the URLs within the emails have destinations, and you do get a screenshot and all further details, but it's not always the case. It would be good if they did a better job of enabling that for all the emails that they identified as malicious. When you get an email threat, you can go into the email and see more details, but the URL destination feature doesn't always show you a screenshot of the URL in that email. It also doesn't always give you the characteristics relating to that URL. It would be quite good if the information is complete where it says that we identified this URL, and this is what it looks like. There should be some threat intel about it. It should give you more details."
"Intrusion detection and prevention would be great to have with 365 Defender."
"This solution could be improved if it included features such as those offered by Malwarebytes."
"The licensing is a nightmare and has room for improvement."
"SIEM - Although with their Centralised Log Management Cynet has created the basis for SIEM functionality, this is to be expanded in the near future."
"Its dashboard is not so good. On the dashboard, they don't show the count for client endpoints, which is a failure of this product. This count should be shown on the dashboard. I have 1,000 clients, but I can't see it anywhere on the dashboard."
"They have automated response capability, and they're moving more and more into SOAR capability. They have built-in deception technology with host-file users, phantoms, etc. We used to call them honeypots. So, they're on target. They're doing a really good job, and they should continue to improve with SOAR."
"They have some things in the pipeline, we understand, and they're going to be able to support Android and all these other devices soon. The key is the devices - which is an aspect that is lacking right now. Every company has that problem, not just Cynet."
"The command line interface could be improved."
"I would like to see support for mobile protection and some additional reports included."
"One thing to note is that I highly recommend adding a deep learning-based prevention environment as an additional layer to Cynet. However, I always advise my customers to start with Cynet or XDR, for example, and then focus on the people, technology, and processes involved. This is the best approach to ensure that you are not breached with ransomware. While Cynet can prevent most attacks, there have been cases where ransomware has been quicker than Cynet's detection capabilities. In these situations, an additional tool is necessary to ensure complete protection, and that is what I sell as well."
"The reporting is a little weak and could be improved. The other downside is that Cynet does not use the local time zone. It's based off of Greenwich Mean Time."
"Sometimes, the solution isn't the easiest to use."
"An area for improvement in Elastic Security is the pricing. It could be better. Right now, when you increase the volume of logs to be collected, the price also increases a lot."
"One thing they could add is a quick step to enable users who don't have a solid background to build a dashboard and quickly search, without difficulty."
"In terms of what could be improved with Elastic, in some use cases, especially on the advanced level, they are not ready made, so you'll have to write some scripts."
"Upgrades currently released as stacks when it should be a plugin or an extension to save removal and reinstallation."
"One limitation of Elastic Security is that it does not have built-in workflows for all tasks. For example, if you need a workflow for compliance, you will need to create a custom workflow."
"We'd like better premium support."
"Technical support could respond faster."
Cynet is ranked 15th in Endpoint Detection and Response (EDR) with 35 reviews while Elastic Security is ranked 16th in Endpoint Detection and Response (EDR) with 58 reviews. Cynet is rated 8.8, while Elastic Security is rated 7.6. The top reviewer of Cynet writes "Provides memory protection, device control, and vulnerability management". On the other hand, the top reviewer of Elastic Security writes "Customizable with great dashboards but the premium support is poor". Cynet is most compared with CrowdStrike Falcon, SentinelOne Singularity Complete, ESET Endpoint Protection Platform, Microsoft Defender for Endpoint and Cortex XDR by Palo Alto Networks, whereas Elastic Security is most compared with Wazuh, Splunk Enterprise Security, Microsoft Sentinel, IBM Security QRadar and Microsoft Defender for Endpoint. See our Cynet vs. Elastic Security report.
See our list of best Endpoint Detection and Response (EDR) vendors, best Extended Detection and Response (XDR) vendors, and best Endpoint Detection and Response (EDR) vendors.
We monitor all Endpoint Detection and Response (EDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.