We performed a comparison between Elastic Security and Fidelis Elevate based on real PeerSpot user reviews.
Find out in this report how the two EDR (Endpoint Detection and Response) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."Having a single pane of glass for all Microsoft security services makes everything much easier. A security analyst can go to a single portal and see everything in one view. The integration of everything into one portal is a huge benefit."
"Defender XDR has a feature called the timeline that lets you track all activities. It helps a lot with investigations."
"The ability to hunt that IM data set or the identity data set at the same time is valuable. As incident response professionals, we are very used to EDRs and having device process registry telemetry, but a lot of times, we do not have that identity data right there with us, so we have to go search for it in some other silo. Being able to cross-correlate via both datasets at the same time is something that we can only do in Def"
"I like Defender XDR's automation capabilities. XDR isn't automated by default, but you can automate it to respond. If an attack is performed anywhere within the organization, you can isolate that instance from the network. This is what I can figure out for it. When integrated with Sentinel, you can set up playbooks to automate all the alerts gathered on Sentinel from different Microsoft solutions. Sentinel has a wider range of capabilities than XDR."
"It provides a single pane of glass within the 365 admin interface, streamlining our experience by consolidating information in one place and eliminating the need to navigate through multiple interfaces."
"The most valuable feature is the network security."
"The common and advanced security policies for threat hunting and blocking attacks are valuable."
"I like that it's fully integrated with Windows, Microsoft 365 Exchange Online, and Outlook. It is better than other antivirus solutions because it's fully integrated with all Microsoft products. It's easy to integrate them and onboard all Windows devices from SCCM."
"Enables monitoring of application performance and the ability to predict behaviors."
"The most valuable feature is the search function, which allows me to go directly to the target to see the specific line a customer is searching for."
"The most valuable feature is the ability to collect authentication information from service providers."
"ELK Logstash is easy and fast, at least for the initial setup with the out of box uses."
"Elastic Security is very customizable, and the dashboards are very easy to build."
"Elastic Security is very easy to adapt."
"Elastic has a lot of beats, such as Winlogbeat and Filebeat. Beats are the agents that have to be installed on the terminals to send the data. When we install beats or Elastic agents on every terminal, they don't overload the terminals. In other SIEM solutions such as Splunk or QRadar, when beats or agents are installed on endpoints, they are very heavy for the terminals. They consume a lot of power of the terminals, whereas Elastic agents hardly consume any power and don't overload the terminals."
"I use the stack every morning to check the errors and it's just so clear. I don't see any disadvantage to using Logstash."
"Reporting is great, it is easy to do a quick search through 45 days of data for something of interest."
"It has also improved our hunt ability with quick search tools, to zone in on malware or other anomalies. It is able to link items to incidents from other consoles, and works natively with the SIEM."
"The initial setup is very straightforward. The deployment of the server doesn't take so long; about a day or two max."
"Compared to similar solutions, it's quite scalable. You just need to add more storage to scale-up."
"The solution's technical support is perfect, so I rate the technical support a ten out of ten"
"What I like the most about this solution is the complexity. It covers a lot of areas, unlike other solutions."
"There are many valuable features. The NDR gives very good network visibility, and the endpoint module has a great feature called "Live Connect" for remote connections. They also have "Tasks" that can be run on endpoints to gather specific information or retrieve logs."
"It ensures the stability of network behavior across various aspects of our network and offers responsive capabilities to address incidents promptly"
"Microsoft frequently changes the names of its products, sometimes even renaming entire portals or features."
"For some scenarios, it provides good visibility into threats, and for some scenarios, it doesn't. For example, sometimes the URLs within the emails have destinations, and you do get a screenshot and all further details, but it's not always the case. It would be good if they did a better job of enabling that for all the emails that they identified as malicious. When you get an email threat, you can go into the email and see more details, but the URL destination feature doesn't always show you a screenshot of the URL in that email. It also doesn't always give you the characteristics relating to that URL. It would be quite good if the information is complete where it says that we identified this URL, and this is what it looks like. There should be some threat intel about it. It should give you more details."
"There are still some components, such as vulnerability management within the vendor product, where improved integration would be beneficial."
"The support from Microsoft could improve. There are times I have to wait for a response from a qualified specialist."
"The capability to not only thwart attacks but also to adapt to evolving threats is crucial."
"The user interface of Microsoft 365 Defender could improve. They could make it simpler."
"The solution could improve by having better machine learning and AI. Additionally, the interface, documentation, and integration could be better."
"The price could be better. It'll also help if they can continuously update and upgrade the solution. Every day there's a new virus uploaded into the network, and we have to keep updating it to identify all these things."
"I would like more ways to manage permissions and restrict access to certain users."
"Elastic Security has a steep learning curve, so it takes some time to tune it and set it up for your environment. There are some costs associated with logging things that don't have value. So you need to be cautious to only log things that make sense and keep them around for as long as you need. You shouldn't hold onto things just because you think you might need them."
"In terms of what could be improved with Elastic, in some use cases, especially on the advanced level, they are not ready made, so you'll have to write some scripts."
"The solution could offer better reporting features."
"The tool needs to integrate with legacy servers. Big companies can have legacy servers that may not always be updated."
"We set up a cron job to delete old logs so that we wouldn't hit a disk space issue. Such a feature should be available in the UI, where old logs can be deleted automatically. (Don’t know if this feature is already there)."
"Authentication is not a default in Kibana. We need to have another tool to have authentication and authorization. These two should be part of Kibana."
"We're using the open-source edition, for now, I think maybe they can allow their OLED plugin to be open source, as at the moment it is commercialised."
"We position the solution as an antivirus, but this part of the solution needs improvement. They need to generally enhance the features that they have, rather than adding anything new."
"The interface bug needs to be squashed once and for all. This has been the predominant issue with an otherwise stellar product. It reboots itself unscheduled, about once a month, due to a memory buffer flaw in the interface."
"The reports in the endpoint area of Elevate can be improved."
"There is room for improvement in email security. It's a security issue. If you're aiming for XDR, covering the entire threat landscape is crucial."
"Fidelis Endpoint is an expensive product making it one of its shortcomings that needs improvement."
"I encounter difficulty removing certain entries in behavior or alerts; likewise, I am unable to add specific calls."
"Configuration, in terms of building the collector and communicating with endpoints, is complex."
Elastic Security is ranked 15th in EDR (Endpoint Detection and Response) with 58 reviews while Fidelis Elevate is ranked 40th in EDR (Endpoint Detection and Response) with 7 reviews. Elastic Security is rated 7.6, while Fidelis Elevate is rated 8.4. The top reviewer of Elastic Security writes "A stable and scalable tool that provides visibility along with the consolidation of logs to its users". On the other hand, the top reviewer of Fidelis Elevate writes "Advanced threat detection capabilities with comprehensive incident response features providing robust cybersecurity for organizations". Elastic Security is most compared with Wazuh, Splunk Enterprise Security, Microsoft Sentinel, Microsoft Defender for Endpoint and IBM Security QRadar, whereas Fidelis Elevate is most compared with Microsoft Defender for Endpoint, Darktrace, CrowdStrike Falcon, VMware Carbon Black Cloud and Trellix Endpoint Security (ENS). See our Elastic Security vs. Fidelis Elevate report.
See our list of best EDR (Endpoint Detection and Response) vendors and best Extended Detection and Response (XDR) vendors.
We monitor all EDR (Endpoint Detection and Response) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.