We performed a comparison between Elastic Security and Trellix Active Response based on real PeerSpot user reviews.
Find out in this report how the two Endpoint Detection and Response (EDR) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."Fortinet FortiEDR's firewalling, rule creation, monitoring, and inspection profiles are great."
"Impressive detection capabilities"
"he solution is an anti-malware product that integrates well with other vendor products such as firewalls, SIEM, etc. It captures threat intelligence and gives you better visibility. The product also has sandboxing features."
"Fortinet has helped free up around 20 percent of our staff's time to help us out."
"The console is easy to read. I also like the scanning part and the ability to move assets from one to the other."
"Exceptions are easy to create and the interface is easy to follow with a nice appearance."
"The setup is pretty simple."
"Ability to get forensics details and also memory exfiltration."
"The most valuable feature is the ability to collect authentication information from service providers."
"It is scalable."
"We chose the product based on the ability to scan for malware using a malware behavioral model as opposed to just a traditional hash-based antivirus. Therefore, it's not as intensive."
"Elastic has a lot of beats, such as Winlogbeat and Filebeat. Beats are the agents that have to be installed on the terminals to send the data. When we install beats or Elastic agents on every terminal, they don't overload the terminals. In other SIEM solutions such as Splunk or QRadar, when beats or agents are installed on endpoints, they are very heavy for the terminals. They consume a lot of power of the terminals, whereas Elastic agents hardly consume any power and don't overload the terminals."
"It is the best open-source product for people working in SO, managing and analyzing logs."
"The most valuable features of the solution are the prevention methods and the incident alerts."
"The indexes allow you to get your results quickly. The filtering and log passing is the advantage of Logstash."
"It is an extremely stable solution. Stability-wise, I rate the solution a ten out of ten."
"It's a little lighter compared to the older version, which was mostly signature-based."
"The solution is scalable."
"We are hoping to automate detection and response and take advantage of user behavior analytics, given that we are working from home. About half of our workers are still remote, so Active Response gives us that visibility and lets us automate a number of those events."
"Making the portal mobile friendly would be helpful when I am out of office."
"Integration with Azure and SaaS provisioning tools could improve Fortinet FortiEDR."
"We've had a lot of false positives; things incorrectly flagged that require manual configuration to allow. Even worse, after we allow a legitimate program, it sometimes gets flagged again after an update. This has caused a lot of extra work for my team."
"It takes about two business days for initial support, which is too slow in urgent situations."
"We'd like to see more one-to-one product presentations for the distribution channels."
"Detections could be improved."
"The solution should address emerging threats like SQL injection."
"The solution is not stable."
"It could use maybe a little more on the Linux side."
"This solution cannot do predictive maintenance, so we have to build our own modules for doing it."
"We'd like to see some more artificial intelligence capabilities."
"Their visuals and graphs need to be better."
"The problem with ELK is it's difficult to administer. When you have a problem, it can be very, very difficult to rebuild indexes."
"The price of this product could be improved, especially the additional costs. I would also like to see better-quality graphics."
"If the documentation were improved and made more clear for beginners, or even professionals, then we would be more attracted to this solution."
"With Elastic, you have to build the use cases for the specific requirement. Other products have a simple integration and more use cases to integrate out-of-the-box solutions for SIEM."
"I also expected Active Response 's user interface to be much more analytical."
"While the product is good, we are currently facing support issues."
"There are some components on the cloud that should also reside in the on-prem deployment models but don't."
Earn 20 points
Elastic Security is ranked 16th in Endpoint Detection and Response (EDR) with 59 reviews while Trellix Active Response is ranked 58th in Endpoint Detection and Response (EDR). Elastic Security is rated 7.6, while Trellix Active Response is rated 6.4. The top reviewer of Elastic Security writes "A stable and scalable tool that provides visibility along with the consolidation of logs to its users". On the other hand, the top reviewer of Trellix Active Response writes "Lighter with good stability and pretty good technical support". Elastic Security is most compared with Wazuh, Splunk Enterprise Security, Microsoft Sentinel, IBM Security QRadar and Microsoft Defender for Endpoint, whereas Trellix Active Response is most compared with Trellix Endpoint Security (ENS) and Trellix Endpoint Detection and Response (EDR). See our Elastic Security vs. Trellix Active Response report.
See our list of best Endpoint Detection and Response (EDR) vendors.
We monitor all Endpoint Detection and Response (EDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.