We performed a comparison between Elastic Security and LogPoint based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Features: Elastic Security is commended for its adaptability, extensive customization options, and seamless integration with the ELK Stack. LogPoint is noted for its advanced technology and extensive log-collection, parsing, and analysis mechanisms. Elastic Security could improve by reducing resource usage, automating threat response, and simplifying the user experience. LogPoint can improve its dashboard customization, resource efficiency, network hierarchy diagrams, and agent deployment.
Service and Support: Some Elastic Security users found their support helpful, while others experienced difficulties and delays. LogPoint's customer service receives high marks for its exceptional technical support and responsive engineers, but some users reported delays in receiving help from higher-level support.
Ease of Deployment: Elastic Security generally has a straightforward setup but may require trained specialists. The complexity of LogPoint's initial setup can range from complex and time-consuming to fast and easy, depending on the user's experience and the organization’s size.
Pricing: Elastic Security is considered affordable and cost-effective, with pricing based on the size of the monitored environment. LogPoint's fixed pricing model is seen as cost-effective and competitive.
ROI: Elastic Security has shown mixed results in terms of ROI, with some users expressing concerns about the quality of their premium support. LogPoint makes costs more predictable and enables companies to generate revenue through security operation services.
"The ease of deployment and configuration is valuable. It's very easy compared to other vendors like Sophos. Sophos' configuration is complex. Fortinet is a lot easier to understand. You don't need a lot of admin knowledge to do the configuration."
"Exceptions are easy to create and the interface is easy to follow with a nice appearance."
"Fortinet is very user-friendly for customers."
"This is stable and scalable."
"Forensics is a valuable feature of Fortinet FortiEDR."
"The product detects and blocks threats and is more proactive than firewalls."
"I like FortiClient EMS. FortiEDR has a lot of great features like lockdown mode, remote wipes, and encryption. I can set malware outbreak policies and controls for detecting abnormalities. You can also simulate phishing attacks."
"he solution is an anti-malware product that integrates well with other vendor products such as firewalls, SIEM, etc. It captures threat intelligence and gives you better visibility. The product also has sandboxing features."
"The visualization is very good."
"The most valuable feature for me is Discover."
"Elastic has a lot of beats, such as Winlogbeat and Filebeat. Beats are the agents that have to be installed on the terminals to send the data. When we install beats or Elastic agents on every terminal, they don't overload the terminals. In other SIEM solutions such as Splunk or QRadar, when beats or agents are installed on endpoints, they are very heavy for the terminals. They consume a lot of power of the terminals, whereas Elastic agents hardly consume any power and don't overload the terminals."
"We like Elastic Security because it's a REST API-based solution. That's the primary reason we use it."
"Its flexibility is most valuable. We can have a number of scenarios, and we can get logs from anything. If we know how to use Logstash, we can tweak it in many ways. This makes the logging search on Elastic very easy."
"One of the most valuable features of this solution is that it is more flexible than AlienVault."
"Elastic provides the capability to index quickly due to the reverse indexes it offers. This data is crucial as it contains critical information. The reverse index allows fast data indexing because of Elastic's efficient search engine."
"The feature that we have found the most valuable is scalability."
"It is a very comprehensive solution for gathering data. It has got a lot of capabilities for collecting logs from different systems. Logs are notoriously difficult to collect because they come in all formats. LogPoint has a very sophisticated mechanism for you to be able to connect to or listen to a system, get the data, and parse it. Logs come in text formats that are not easily parseable because all logs are not the same, but with LogPoint, you can define a policy for collecting the data. You can create a parser very quickly to get the logs into a structured mechanism so that you can analyze them."
"Technical support is responsive and very friendly."
"The search feature is valuable. The dashboards are also valuable for our bosses. Another valuable feature, which is the main feature of the product, is the centralization of all the logs."
"The solution's most valuable aspect is the combination of the software and the support that they have."
"The most valuable feature of LogPoint is that they have the SIEM and SOAR combined in one solution. They are not on a separate platform."
"It is an AI technology because it is using machine learning technology. So far, there is nothing better out there for UEBA in terms of monitoring endpoints and user activity. It is using machine learning language, so it is right at the top. It provides that capability and monitors all the activities. It devises a baseline and monitors if there is any deviation from the baseline."
"What I like best about LogPoint is its cost-effectiveness compared to other solutions. LogPoint also has better dashboards which I find valuable. I also like that you can create use cases based on your assets."
"They basically charge you in a better way."
"They can include the automation for the realtime updates. We have a network infrastructure with remote sites. Whenever they send updates, they are not automated. We have to go into the console and push those updates. I wish it was more automated. The update file is currently around 31 MB. It could be smaller."
"The dashboard isn't easy to access and manage."
"Integration with Azure and SaaS provisioning tools could improve Fortinet FortiEDR."
"The SIEM could be improved."
"I would like the solution to extend beyond endpoint protection and include other attack surfaces such as other network components."
"We've had a lot of false positives; things incorrectly flagged that require manual configuration to allow. Even worse, after we allow a legitimate program, it sometimes gets flagged again after an update. This has caused a lot of extra work for my team."
"FortiEDR could add a separate scanning dashboard. In incident management, we prefer to remove the endpoint system from the environment and scan the system. We typically use Symantec for that, but if we want to use FortiEDR for that, then we need a scanning tab to clarify things."
"The EDR console should have more extensive reporting. You shouldn't need to purchase FortiAnalyzer. It should be included in the EDR part. The security adviser cloud platform could be improved with more options for exclusive or intensive rules for devices."
"Their visuals and graphs need to be better."
"There is room for improvement in the Kibana dashboard and in the asset management for the program."
"One thing they could add is a quick step to enable users who don't have a solid background to build a dashboard and quickly search, without difficulty."
"They don't provide user authentication and authorisation features (Shield) as a part of their open-source version."
"The solution could offer better reporting features."
"I would like the process of retrieving archived data and viewing it in Kibana to be simplified."
"We are paying dearly for the guy who is working on the ELK Stack. That knowledge is quite rare and hard to come by. For difficulty and availability of resources, I would rate it a five out of 10."
"It could use maybe a little more on the Linux side."
"It is complicated to collect daily logs from other systems."
"One of the downsides is it is not a SaaS solution. It must be on-premises."
"In terms of functionality, it is very good. The only issue is the documentation. Its documentation should be improved."
"I know that they have user behavior analytics, but it's an extra cost for this feature. It would be nice if it was in with the standard products."
"Log management could be better because transporting the log from a password to the client system takes time."
"The thing that makes it a little bit challenging is when you run into a situation where you have logs that are not easily parsable. If a log has a very specific structure, it is very easy to parse and create a parser for it, but if a log has a free form, meaning that it is of any length or it can change at any time, handling such a log is very challenging, not just in LogPoint but also in everything else. Everybody struggles with that scenario, and LogPoint is also in the same boat. One-third of logs are of free form or not of a specific length, and you can run into situations where it is almost impossible to parse the log, even if they try to help you. It is just the nature of the beast."
"It is a good product, but its interface or GUI could be better."
"Sometimes, the product is not stable."
Elastic Security is ranked 5th in Security Information and Event Management (SIEM) with 59 reviews while Logpoint is ranked 26th in Security Information and Event Management (SIEM) with 20 reviews. Elastic Security is rated 7.6, while Logpoint is rated 7.4. The top reviewer of Elastic Security writes "A stable and scalable tool that provides visibility along with the consolidation of logs to its users". On the other hand, the top reviewer of Logpoint writes "Good technical support but it is complex to use and resource-heavy". Elastic Security is most compared with Wazuh, Splunk Enterprise Security, Microsoft Sentinel, IBM Security QRadar and Microsoft Defender for Endpoint, whereas Logpoint is most compared with IBM Security QRadar, Rapid7 InsightIDR, Microsoft Sentinel, Wazuh and LogRhythm SIEM. See our Elastic Security vs. Logpoint report.
See our list of best Security Information and Event Management (SIEM) vendors, best Log Management vendors, and best Endpoint Detection and Response (EDR) vendors.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.