We compared Elastic Security and Microsoft Defender for Endpoint based on our user's reviews in several parameters.
Overall, users appreciate both Elastic Security and Microsoft Defender for Endpoint for their comprehensive threat protection, user-friendly interfaces, and effective incident response capabilities. Elastic Security stands out for its strong threat hunting functionalities and log management, while Microsoft Defender for Endpoint is praised for its efficient system management and reporting. Elastic Security users value its affordability and flexible licensing, while Microsoft Defender for Endpoint users highlight its reasonable pricing and seamless integration with other Microsoft products. However, Elastic Security users feel it could improve its threat monitoring capabilities and incident response system, while Microsoft Defender for Endpoint users suggest areas for enhancement such as easier navigation and improved integration with other security tools.
Features: Elastic Security is valued for its strong threat hunting functionalities, efficient log management, and seamless integration with other Elastic solutions. Microsoft Defender for Endpoint is praised for its real-time monitoring and detection, efficient system management and reporting, and seamless integration with other Microsoft products.
Pricing and ROI: The setup cost for Elastic Security is regarded positively by users, who appreciate its minimal associated costs and hassle-free experience. On the other hand, Microsoft Defender for Endpoint is also praised for its reasonable pricing, straightforward setup process, and flexible licensing options., Elastic Security's positive ROI is attributed to its tangible benefits and delivered results, while Microsoft Defender for Endpoint's success lies in its performance, effectiveness, ease of use, and real-time insights.
Room for Improvement: Elastic Security product has room for improvement in its threat monitoring capabilities, incident response system, integration with other security tools, navigation, user interface, and customizable features. Microsoft Defender for Endpoint also has areas that could be enhanced.
Deployment and customer support: The feedback on the duration to establish a new tech solution for Elastic Security varies, with users having different timeframes for deployment, setup, and implementation phases. In contrast, Microsoft Defender for Endpoint also has mixed feedback, with some users spending longer on deployment compared to others who completed both deployment and setup within a week. Looking at the context of the terms used is crucial., Customers have found Elastic Security's customer service to be helpful and supportive, while Microsoft Defender for Endpoint is praised for its efficiency, promptness, and ability to address concerns.
The summary above is based on 114 interviews we conducted recently with Elastic Security and Microsoft Defender for Endpoint users. To access the review's full transcripts, download our report.
"Ability to get forensics details and also memory exfiltration."
"It notifies us if there's any suspicious file on any PC. If any execution or similar kind of thing is happening, it just alerts us. It doesn't only alert. It also blocks the execution until we allow it. We check whether the execution is legitimate or not, and then approve it or keep it blocked. This gives us a little bit of control over this mechanism. Fortinet FortiEDR is also very straightforward and easy to maintain."
"Exceptions are easy to create and the interface is easy to follow with a nice appearance."
"Having all monitoring, response, tracking, and mitigation tools in one dashboard provides our analysts and SOC team with a comprehensive view at a glance."
"The stability is very good."
"We have FortiEDR installed on all our systems. This protects them from any threats."
"Fortinet FortiEDR's firewalling, rule creation, monitoring, and inspection profiles are great."
"It is stable and scalable."
"It can handle millions of loads at a time, and you can always use the filters to find exactly what you are looking for and detect errors in every log message you are searching for, basically."
"It is very quick to react. I can set it to check anomalies or suspicious behavior every 30 seconds. It is very fast."
"It's very stable and reliable."
"One of the most valuable features of this solution is that it is more flexible than AlienVault."
"The solution has a good community surrounding it for lots of helpful documentation for troubleshooting purposes."
"The feature that we have found the most valuable is scalability."
"The most valuable features are the speed, detail, and visualization. It has the latest standards."
"The most valuable thing is that this solution is widely used for work management and research. It's easy to jump into the security use case with the same technology."
"It captures data through machine learning, which is built-in on the back-end. It also provides built-in analytics and a threat intelligence feature. It is a one-stop solution that doesn't require an antivirus because it comes prebuilt into Windows 10."
"The solution has an easy-to-use interface, is always updated, and is user-friendly."
"The integration of Defender, Security Center, and the Microsoft compliance score, is the feature we use most to share the results with our clients and to create a roadmap together."
"I like the simplicity of the portal and the integration with Microsoft Intune. Microsoft Defender for Endpoint is easy to use and implement."
"The biggest benefit to Windows Defender is that it is built-in to the operating system by Microsoft."
"Auto-remediation: When the product sees malware, it resolves the issue immediately. This protects the machine."
"It is a very advanced system based on AI. It has a very large database of places or sites on the internet where you should not go. It is continuously online."
"It is easy to use because it is already pre-installed in Windows 10. We don't have to do anything to configure it. You can also configure the firewall by using a group policy so that it can be easily adopted in an environment."
"I haven't seen the use of AI in the solution."
"We've encountered challenges during API deployment, occasionally resulting in unstable environments."
"ZTNA can improve latency."
"We'd like to see more one-to-one product presentations for the distribution channels."
"The dashboard isn't easy to access and manage."
"Cannot be used on mobile devices with a secure connection."
"The EDR console should have more extensive reporting. You shouldn't need to purchase FortiAnalyzer. It should be included in the EDR part. The security adviser cloud platform could be improved with more options for exclusive or intensive rules for devices."
"The support needs improvement."
"The setup process is complex. You need a solid working knowledge of networking, operating systems, and a little programming."
"If the documentation were improved and made more clear for beginners, or even professionals, then we would be more attracted to this solution."
"Elastic has one problem. In the past, Elastic Security was free. Now, they currently only offer the basic license or a certain period of time."
"I would like the process of retrieving archived data and viewing it in Kibana to be simplified."
"I would like more ways to manage permissions and restrict access to certain users."
"It would be better if Elastic Security had less storage for data. My customers do not like this. Other vendors have local support in different countries, but Elastic Security doesn't. I would like to have Operational Technology (OT) security in the next release."
"There are connectors to gather logs for Windows PCs and Linux PCs, but if we have to get the logs from Syslog then we have to do it manually, and this should be automated."
"Elastic Security could improve the documentation. It would help if they were more simple and clean."
"Microsoft Defender for Endpoint can use more advertising to promote their features."
"The profiling method currently in use is not very user-friendly and has ample scope for improvement."
"Phishing and Malware detection could be better."
"I wish they would extend the use of the Security Central portal, even for the free option of Defender. Because, as companies grow, it is labor intensive to manage the AV and detection part of it. For companies already subscribed to Office 365, I think this would be a good enhancement."
"Integrating this with third-party systems has some complexity involved."
"From an audit point of view, our auditors would like to have more reports on how things are used, if things go wrong, and how they went wrong. For example, if something got a warning, "Why?" So, we would like more versatility for tracing and reporting. That would improve the product, as long as the user interface doesn't get bogged down."
"The scalability could be improved - I would rate it between a seven and an eight."
"It is not very scalable from the eyes of an MSP because there is no dashboard that you can use to see all of your devices that have Windows Defender unless you have your own dashboard or an RMM tool to actually look at it. So, you might not get to know that a particular computer of a client is doing something, and it might have got a virus. That person might know that, but unless you set it up to actually send you the information, you won't get to know that. That's one of the things that is hard with Microsoft Defender. It is not made for the MSP world where you have one pane of glass to see all of your clients with Microsoft Defender on it unless your RMM tool already has that built-in and it can see the telemetry from Microsoft Defender."
More Microsoft Defender for Endpoint Pricing and Cost Advice →
Elastic Security is ranked 16th in Endpoint Detection and Response (EDR) with 58 reviews while Microsoft Defender for Endpoint is ranked 1st in Endpoint Detection and Response (EDR) with 182 reviews. Elastic Security is rated 7.6, while Microsoft Defender for Endpoint is rated 8.0. The top reviewer of Elastic Security writes "A stable and scalable tool that provides visibility along with the consolidation of logs to its users". On the other hand, the top reviewer of Microsoft Defender for Endpoint writes "Eliminates the need to look at multiple dashboards by automatically providing one XDR dashboard to show the security score of each subscription". Elastic Security is most compared with Wazuh, Splunk Enterprise Security, Microsoft Sentinel, IBM Security QRadar and CrowdStrike Falcon, whereas Microsoft Defender for Endpoint is most compared with Symantec Endpoint Security, Intercept X Endpoint, CrowdStrike Falcon, SentinelOne Singularity Complete and Fortinet FortiClient. See our Elastic Security vs. Microsoft Defender for Endpoint report.
See our list of best Endpoint Detection and Response (EDR) vendors.
We monitor all Endpoint Detection and Response (EDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.