We performed a comparison between CrowdStrike Falcon and Elastic Security based on real PeerSpot user reviews.
Find out in this report how the two Endpoint Detection and Response (EDR) solutions compare in terms of features, pricing, service and support, ease of deployment, and ROI.
"The ability to hunt that IM data set or the identity data set at the same time is valuable. As incident response professionals, we are very used to EDRs and having device process registry telemetry, but a lot of times, we do not have that identity data right there with us, so we have to go search for it in some other silo. Being able to cross-correlate via both datasets at the same time is something that we can only do in Def"
"I like 365 Defender's advanced threat hunting. The dashboard is user-friendly with templates for site policies, etc. The most important use case is evaluating the risk links and applications."
"The most valuable features are spam filtering, attachment filtering, and antivirus protection."
"I have found the ability to delete unwanted threats beneficial."
"The comprehensiveness of Microsoft's threat detection is good."
"Many people don't realize that Microsoft Azure, Exchange Online, and the security and compliance portal all sync together. For instance, within the Azure portal you can set security restrictions and policies to help secure your tenants... The good part of it is that these products have already been integrated. When you sign on as an admin you have global admin rights and that gives you access to all these features."
"We are connected to Microsoft and have every laptop enrolled. This acts as an endpoint. The tool helps me check security and compliance. I can also check what a device is doing."
"There is also one dashboard that shows us the status of many controls at once and the details I can get... It gives a great overview of many areas, such as files, emails, chats, and links. Even with the apps, it gives you a great overview. In one place you can see where you should look into things more deeply..."
"Its ability to do threat hunting is really great, quite robust, and even allows you to do hygiene stuff."
"The most valuable features in CrowdStrike Falcon are the full EDR with antivirus, hunting, reporting, and RTR remote control."
"It has definitely minimized resources. When everything was on-prem, there was a lot more work maintaining it. One of the big value tickets: I don't have lists of hundreds of exceptions for certain applications that I have to maintain, add, delete, and move. The very nature of the product has lessened my workload considerably."
"The solution is silent and sits on your system as one single agent."
"At this point what is most valuable is the interface, which is easy to navigate."
"The most valuable feature of CrowdStrike Falcon is its accuracy."
"Falcon's best feature is its detection and blocking of threats."
"There's almost no maintenance required. It's very low if there's any at all."
"The visualization is very good."
"Elastic Security is a highly flexible platform that can be implemented anywhere."
"It is an extremely stable solution. Stability-wise, I rate the solution a ten out of ten."
"The solution is compatible with the cloud-native environment and they can adapt to it faster."
"Enables monitoring of application performance and the ability to predict behaviors."
"One of the most valuable features of this solution is that it is more flexible than AlienVault."
"We've found the initial setup to be quite straightforward."
"The most valuable feature for me is Discover."
"We should be able to use the product on devices like Apple, Linux, etc."
"Microsoft tends to provide too many features, which makes the solution prone to bugs."
"There is definitely scope for improvement in the automation area. Because the solution is a SaaS platform, we don't have the overall ability to automate stuff.... There is no direct way to go ahead because it's a SaaS platform."
"The message trace feature for investigating mail flow issues should add more detailed information to the summary report... if they could extend the summary report a little bit, make it more descriptive, ordinary administrators could understand what happened and that the emails failed at this or that point. That way they would know the location to go to try to correct it and to prevent it from occurring again."
"In the future, it would be beneficial for Microsoft to consider making the product more user-friendly or simplified for those who are interested in using it. Currently, it requires a high level of technical expertise, making it challenging for beginners or less experienced individuals."
"The data recovery and backup could be improved."
"One of the biggest downsides of Microsoft products, in general, is that the menus are often difficult to find, as they tend to move from place to place between versions."
"While the XDR platform offers valuable functionalities, it falls short of other solutions in its ability to deliver a cohesive identity experience."
"I would rate it an eight out of ten. It does what it needs to do but there's always room for improvement."
"Any kind of integration that you want to do, such as using the API to connect to a SIEM, is complex and it will be expensive to do."
"Falcon could be improved with more function on the mobile end of things and better optimization with mobile devices."
"The current database schema presents challenges and has potential for improvement."
"The price is too high."
"CrowdStrike Falcon could be enhanced by extending its security capabilities to include NDR and XDR."
"I would like to see the machine learning feature enhanced."
"We sometimes get false positives."
"This solution cannot do predictive maintenance, so we have to build our own modules for doing it."
"Better integration with third-party APMs would be really good."
"Elastic Security could improve the documentation. It would help if they were more simple and clean."
"I would like the process of retrieving archived data and viewing it in Kibana to be simplified."
"The solution could also use better dashboards. They need to be more graphical, more matrix-like."
"We had issues with scalability. Logstash was not scaling and aggregation was getting delayed. We moved to Fluentd making our stack from ELK to EFK."
"Elastic has one problem. In the past, Elastic Security was free. Now, they currently only offer the basic license or a certain period of time."
"The interface could be more user friendly because it is sometimes hard to deal with."
CrowdStrike Falcon is ranked 3rd in Endpoint Detection and Response (EDR) with 105 reviews while Elastic Security is ranked 16th in Endpoint Detection and Response (EDR) with 58 reviews. CrowdStrike Falcon is rated 8.8, while Elastic Security is rated 7.6. The top reviewer of CrowdStrike Falcon writes "Easy to set up with good behavior-based analysis but needs a single-click recovery option". On the other hand, the top reviewer of Elastic Security writes "A stable and scalable tool that provides visibility along with the consolidation of logs to its users". CrowdStrike Falcon is most compared with Darktrace, Microsoft Defender for Endpoint, Trend Micro Deep Security, SentinelOne Singularity Complete and Trend Vision One, whereas Elastic Security is most compared with Wazuh, Splunk Enterprise Security, Microsoft Sentinel, IBM Security QRadar and AlienVault OSSIM.
We monitor all Endpoint Detection and Response (EDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.