We compared Elastic Security and Microsoft Defender for Endpoint based on our users' reviews across several parameters.
Overall, users appreciate both Elastic Security and Microsoft Defender for Endpoint for their comprehensive threat protection, user-friendly interfaces, and effective incident response capabilities. Elastic Security stands out for its strong threat hunting functionalities and log management, while Microsoft Defender for Endpoint is praised for its efficient system management and reporting. Elastic Security users value its affordability and flexible licensing, while Microsoft Defender for Endpoint users highlight its reasonable pricing and seamless integration with other Microsoft products. However, Elastic Security users feel it could improve its threat monitoring capabilities and incident response system, while Microsoft Defender for Endpoint users suggest areas for enhancement such as easier navigation and improved integration with other security tools.
Features: Elastic Security is valued for its strong threat hunting functionalities, efficient log management, and seamless integration with other Elastic solutions. Microsoft Defender for Endpoint is praised for its real-time monitoring and detection, efficient system management and reporting, and seamless integration with other Microsoft products.
Pricing and ROI: The setup cost for Elastic Security is regarded positively by users, who appreciate its minimal associated costs and hassle-free experience. Microsoft Defender for Endpoint is also praised for its reasonable pricing, straightforward setup process, and flexible licensing options. Elastic Security's positive ROI is attributed to its tangible benefits and delivered results, while Microsoft Defender for Endpoint's success lies in its performance, effectiveness, ease of use, and real-time insights.
Room for Improvement: Elastic Security has room for improvement in its threat monitoring capabilities, incident response system, integration with other security tools, navigation, user interface, and customizable features. Microsoft Defender for Endpoint also has areas that could be enhanced.
Deployment and customer support: The feedback on the time needed to establish Elastic Security varies, with users reporting different timeframes for the deployment, setup, and implementation phases. Microsoft Defender for Endpoint likewise has mixed feedback, with some users spending longer on deployment compared to others who completed both deployment and setup within a week. Customers have found Elastic Security's customer service to be helpful and supportive, while Microsoft Defender for Endpoint is praised for its efficiency, promptness, and ability to address concerns.
The summary above is based on 114 interviews we conducted recently with Elastic Security and Microsoft Defender for Endpoint users. To access the reviews' full transcripts, download our report.
"Fortinet FortiEDR made our clients feel secure and more at ease, knowing that they had an EDR solution that would close the gap in their security posture."
"Fortinet FortiEDR's scalability is quite good, and you can add licenses to the solution."
"Ability to get forensics details and also memory exfiltration."
"It is stable and scalable."
"Fortinet is very user-friendly for customers."
"This is stable and scalable."
"The most valuable feature is the analysis, because of the beta structure."
"The solution is an anti-malware product that integrates well with other vendor products such as firewalls, SIEM, etc. It captures threat intelligence and gives you better visibility. The product also has sandboxing features."
"ELK documentation is very good, so never needed to contact technical support."
"Elastic Security is a highly flexible platform that can be implemented anywhere."
"We like Elastic Security because it's a REST API-based solution. That's the primary reason we use it."
"The most valuable feature is the speed, as it responds in a very short time."
"The performance is good and it is faster than IBM QRadar."
"I use the stack every morning to check the errors and it's just so clear. I don't see any disadvantage to using Logstash."
"Enables monitoring of application performance and the ability to predict behaviors."
"The most valuable feature is the search function, which allows me to go directly to the target to see the specific line a customer is searching for."
"It's an enterprise solution that provides a centralized console and it supports all the platforms that we use, including Windows, Linux, Mac, iOS, and Android."
"Auto-remediation: When the product sees malware, it resolves the issue immediately. This protects the machine."
"In terms of the installation, ease of use, and user interface, Defender has been great so far."
"File protection is the most valuable feature. Antivirus security on the Level OS, Microsoft Defender, and Microsoft Guard for 2019."
"I like the real-time protection features. Windows Defender will detect if there's a threat like a Trojan or something like that but Kaspersky lets it run normally."
"I like that Defender is integrated and doesn't have a third-party payload trying to advertise subscription renewal."
"Its real-time security is the most valuable."
"The solution provides protections and reports about strange behavior and automatically blocks some of it. I love the way that statuses are represented."
"Making the portal mobile friendly would be helpful when I am out of office."
"Integration with Azure and SaaS provisioning tools could improve Fortinet FortiEDR."
"I think cloud security and SASE are areas of concern in the product where improvements are required. The tool's cloud version has to be improved in terms of the security it offers."
"The SIEM could be improved."
"There's room for improvement in the quick response time and technical support for integration issues, especially when dealing with multiple vendors."
"FortiEDR can be improved by providing more detailed reporting."
"We'd like to see more one-to-one product presentations for the distribution channels."
"The support needs improvement."
"Elastic Security can be a bit difficult to use if a person only has experience in SMBs with tools like Zoho. The product can also be difficult for those who have never dealt with query language."
"Sometimes, the solution isn't the easiest to use."
"Upgrades are currently released as stacks when they should be a plugin or an extension to save removal and reinstallation."
"The interface could be more user friendly because it is sometimes hard to deal with."
"Authentication is not a default in Kibana. We need to have another tool to have authentication and authorization. These two should be part of Kibana."
"The solution needs to be more reactive to investigations. We need to be able to detect and prevent any attacks before they can damage our infrastructure. Currently, this solution doesn't offer that."
"I would like the process of retrieving archived data and viewing it in Kibana to be simplified."
"There isn't really a very good user experience. You need a lot of training."
"I miss having an executive dashboard or a simple view for viewing things. Everything is extensive in this solution. Everything is configurable and manageable, but the environment of Microsoft 365 has about 13 administrative dashboards, and in each of the dashboards, there are a gazillion things to set up. It is good for a large enterprise, but for a 200-seat client, you need to see 5% of that."
"If the solution could be integrated more with Defender for Cloud, to be more unified, that would help. It is good now, but even more integration could be done with Defender for Cloud. We see two different portals. If Defender for Endpoint could be ported to the CSPM, Defender for Cloud, that would make things even easier for us."
"I personally haven't experienced any pain points, but some of my coworkers feel that it isn't secure enough."
"A single dashboard would be a significant improvement."
"I want Microsoft Defender to have the ability to deal with some issues automatically, so I don't need to address that issue manually."
"There is no behavior analytics for devices and endpoints. There is no behavior-based protection."
"Microsoft Defender in the basic form is not very useful for managing the security environment. The free version is not capable of covering the needs of centralized management, EDR, and behavioral analysis. If you don't have the commercial version, you can't have centralized management and set up the policies and other things. Each client is a standalone installation, which is not useful for security in an enterprise model."
"The pricing could be a bit better."
Elastic Security is ranked 15th in EDR (Endpoint Detection and Response) with 58 reviews while Microsoft Defender for Endpoint is ranked 1st in EDR (Endpoint Detection and Response) with 182 reviews. Elastic Security is rated 7.6, while Microsoft Defender for Endpoint is rated 8.0. The top reviewer of Elastic Security writes "A stable and scalable tool that provides visibility along with the consolidation of logs to its users". On the other hand, the top reviewer of Microsoft Defender for Endpoint writes "Eliminates the need to look at multiple dashboards by automatically providing one XDR dashboard to show the security score of each subscription". Elastic Security is most compared with Wazuh, Splunk Enterprise Security, Microsoft Sentinel, IBM Security QRadar and CrowdStrike Falcon, whereas Microsoft Defender for Endpoint is most compared with Intercept X Endpoint, Symantec Endpoint Security, CrowdStrike Falcon, SentinelOne Singularity Complete and Fortinet FortiClient. See our Elastic Security vs. Microsoft Defender for Endpoint report.
We monitor all EDR (Endpoint Detection and Response) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.