• Home
  • Elastic Security vs. Trellix Endpoint Security

Elastic Security vs Trellix Endpoint Security comparison

Cancel
You must select at least 2 products to compare!
Microsoft Logo

Microsoft Defender XDR

Read 76 Microsoft Defender XDR reviews
5,744 views|4,276 comparisons
98% willing to recommend
Elastic Logo

Elastic Security

Read 58 Elastic Security reviews
9,501 views|7,824 comparisons
86% willing to recommend
Trellix Logo

Trellix Endpoint Security

Read 94 Trellix Endpoint Security reviews
4,149 views|2,443 comparisons
92% willing to recommend
Comparison Buyer's Guide
Download the complete report
Buyer's Guide
Elastic Security vs. Trellix Endpoint Security
March 2021
Executive Summary

We performed a comparison between Elastic Security and Trellix Endpoint Security based on real PeerSpot user reviews.

Find out in this report how the two Extended Detection and Response (XDR) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI.
To learn more, read our detailed Elastic Security vs. Trellix Endpoint Security Report (Updated: March 2021).
Download the complete report
768,857 professionals have used our research since 2012.
Featured Review
Eyad Abounada.
The solution's timeline feature helps you track and investigate incidents
Defender XDR has helped a lot in terms of capturing all kinds of activities happening on the endpoints where it is. If you want to know what... Read more →
Don Jarmon
A stable and scalable tool that provides visibility along with the consolidation of logs to its users
Elastic Security has allowed my organization to have visibility with the consolidation of the logs while also providing it the ability to be able... Read more →
Anonymous User
Scalable and quickly deployable, but they should try moving away from the signature-based model
It's mainly for compliance. In terms of products in the market, it's probably not the best, but it's the one that is already paid for under the... Read more →
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"The EDR and the way it automatically responds to ransomware and other attacks are valuable features.""Defender XDR has a feature called the timeline that lets you track all activities. It helps a lot with investigations.""The incident threat response and its ability to facilitate effective remediation against threats are the standout features.""I like 365 Defender's advanced threat hunting. The dashboard is user-friendly with templates for site policies, etc. The most important use case is evaluating the risk links and applications.""Microsoft XDR's system of analysis and investigation is super convenient for our customers. It integrates with other Microsoft solutions like Defender for 365 to protect email traffic from malicious external web links and phishing.""Among the most valuable features are the alert timeline, the alert story, which is pretty detailed. It gives us complete insight into what exactly happened on the endpoint. It doesn't just say, "Malware detected." It tells us what caused that malware to be detected and how it was detected. It gives us a complete timeline from beginning to end.""The most valuable aspect is undoubtedly the exploration capability""The most valuable feature of the solution stems from the fact that Microsoft Defender XDR is easy to integrate with other Microsoft platforms or products."

More Microsoft Defender XDR Pros →

"The indexes allow you to get your results quickly. The filtering and log passing is the advantage of Logstash.""The performance is good and it is faster than IBM QRadar.""The most valuable feature of Elastic Security is that you can install agents, and they are not separately licensed.""ELK documentation is very good, so never needed to contact technical support.""The solution is compatible with the cloud-native environment and they can adapt to it faster.""Stability-wise, I rate the solution a ten out of ten.""It's not very complicated to install Elastic.""I use the stack every morning to check the errors and it's just so clear. I don't see any disadvantage to using Logstash."

More Elastic Security Pros →

"The installation is pretty straightforward.""What I like best is the integrated end-to-end security that works with the security information and events manager.""Automatic user recovery prior to Windows booting up.""I like trap prevention DNS and threat prevention.""It has been protecting us for many years, and we hope it will continue to do so for many years to come.""It's easy to use and it's very powerful. It offers nice endpoint protection.""Would benefit with the addition of DLP features.""The most valuable feature is the centralized console where everything can be controlled by the administration."

More Trellix Endpoint Security Pros →

Cons
"Offboarding latency should be reduced. Even after a device has been successfully offboarded using a particular offboarding script, it still shows up as onboarded.""The solution does not offer a unified response and standard data.""There are still some components, such as vulnerability management within the vendor product, where improved integration would be beneficial.""The support from Microsoft could improve. There are times I have to wait for a response from a qualified specialist.""It would be highly beneficial if CoPilot could identify anomalies within the network and notify the IT team.""I'd like to see a wider solution that includes not only desktop devices but also other devices, such as servers, storage cabinets, switching equipment, et cetera.""From an integration standpoint, it is always improving overall. With Security Copilot coming out, as partners, we are waiting for the GDAP support so that we can actually see Security Copilot on behalf of customers if they subscribe to it.""The logs could be better."

More Microsoft Defender XDR Cons →

"There is room for improvement in the Kibana dashboard and in the asset management for the program.""Better integration with third-party APMs would be really good.""With Elastic, you have to build the use cases for the specific requirement. Other products have a simple integration and more use cases to integrate out-of-the-box solutions for SIEM.""We're using the open-source edition, for now, I think maybe they can allow their OLED plugin to be open source, as at the moment it is commercialised.""The problem with ELK is it's difficult to administer. When you have a problem, it can be very, very difficult to rebuild indexes.""Technical support could respond faster.""We set up a cron job to delete old logs so that we wouldn't hit a disk space issue. Such a feature should be available in the UI, where old logs can be deleted automatically. (Don’t know if this feature is already there).""There isn't really a very good user experience. You need a lot of training."

More Elastic Security Cons →

"The solution takes up a high amount of memory and can cause the system to hang.""It didn't work well for some of the use cases. We have different use cases for each entity. Their support is also not good and needs improvement.""Trying to move away from the signature model for antivirus and malware blocking is something that would be nice. Instead of having to update every day, which is signature-based, moving to more of a kernel or architecture-based model would probably be beneficial.""Recently, Trellix has introduced a CDR, which involves more manual response than automatic. I believe they should enhance the system by adding features like automated response and the ability to create custom playbooks. This is crucial for an EDR solution, and currently, Trellix lacks this feature while other products offer it.""With McAfee, if there is a zero-day vulnerability, you have to download the patch for it from the McAfee website, then apply it to your endpoint.""It can be quite complicated to learn McAfee Endpoint Security and to feel comfortable with the environment.""The local technical support could be better.""Tech support is not as helpful as they were in the past."

More Trellix Endpoint Security Cons →

Pricing and Cost Advice
  • "The solutions price is fair for what they offer."
  • "The price could be better. Normally, the costs depend on the country you're located in for the license. When we were in the initial stage, we went with the E5 license they call premium standard. It cost us around $5.20 per month for four users."
  • "The price of the solution is high compared to others and we have lost some customers because of it."
  • "Microsoft is not competitive with the pricing of the solution. The competitors are able to offer lower discounts. The price of the solution is higher."
  • "We have a lot of problems in Latin America regarding the price of Microsoft 365 Defender, because the relationship between dollars and the money of the different countries, it's is a lot. Many customers that have small businesses say that they would like the solution but it is too expensive. However, large companies do not find the cost an issue."
  • "The most valuable licensing option is expensive, so pricing could be improved. Licensing options for this solution also need to be consolidated, because they frequently change."
  • "Microsoft should provide lower-level licensing options. They should do it in such a way that even an individual could purchase a license, and it should be entirely flexible."
  • "They have moved from a licensing model to pay-per-use... The question is: What happens if, for any reason, there's not enough budget to accept this model? That could be a great problem."

    • More Microsoft Defender XDR Pricing and Cost Advice →

  • "We use the open-source version, so there is no charge for this solution."
  • "We are using the free, open-source version of this solution."
  • "Elastic Stack is an open-source tool. You don't have to pay anything for the components."
  • "There is no charge for using the open-source version."
  • "This is an open-source product, so there are no costs."
  • "It's a monthly cost with Elastic SIEM, but I am not sure of the exact cost."
  • "It is easy to deploy, easy to use, and you get everything you need to become operational with it, and have nothing further to pay unless you want the OLED plugin."
  • "Compared to other products such as Dynatrace, this is one of the cheaper options."

    • More Elastic Security Pricing and Cost Advice →

  • "The initial price is very good as they give good initial discounts, but it seems a little expensive once you renew the license."
  • "Pricing is fair."
  • "No comment."
  • "The pricing is comparable to other solutions on the market."
  • "This product is costly."
  • "It's fairly priced compared to other products on the market."
  • "Pricing is reasonable and runs at a cost per user per year."
  • "It is not that expensive. There is no additional cost. We got the entire bundle together."

    • More Trellix Endpoint Security Pricing and Cost Advice →

    report
    See Which Vendors Are Best For You
    Use our free recommendation engine to learn which Extended Detection and Response (XDR) solutions are best for your needs.
    See Recommendations
    768,857 professionals have used our research since 2012.
    Questions from the Community
    What do you like most about Microsoft 365 Defender?
    Top Answer:I like Defender XDR's automation capabilities. XDR isn't automated by default, but you can automate it to respond. If an… more »
    Read all 38 answers   →
    What is your experience regarding pricing and costs for Microsoft 365 Def...
    Top Answer:While Microsoft Defender XDR carries a higher cost, its ease of use compared to Defender may justify the investment.
    Read all 29 answers   →
    What needs improvement with Microsoft 365 Defender?
    Top Answer:Defender XDR has good threat visibility, but it could be better in some areas, like when we are hunting for a specific… more »
    Read all 37 answers   →
    Datadog vs ELK: which one is good in terms of performance, cost and effic...
    Top Answer:With Datadog, we have near-live visibility across our entire platform. We have seen APM metrics impacted several times… more »
    Read all 7 answers   →
    What do you like most about Elastic Security?
    Top Answer:It is an extremely stable solution. Stability-wise, I rate the solution a ten out of ten.
    Read all 26 answers   →
    What is your experience regarding pricing and costs for Elastic Security?
    Top Answer:The product offers an amazing pricing structure. Price-wise, the product is very competitive.
    Read all 18 answers   →
    How does McAfee Endpoint Security compare with MVISION?
    Top Answer:The flexible manageability of McAfee Endpoint Security is one of our favorite aspects of this solution. You can deploy… more »
    Read all 2 answers   →
    What do you like most about McAfee Endpoint Security?
    Top Answer:It provides a robust defense against cybersecurity threats while offering user-friendly features like notifications and… more »
    Read all 53 answers   →
    What is your experience regarding pricing and costs for McAfee Endpoint S...
    Top Answer:I would emphasize its affordability rather than merely focusing on cheapness. It provides good value by striking a… more »
    Read all 32 answers   →
    Comparisons
    Also Known As
    Microsoft 365 Defender, Microsoft Threat Protection, MS 365 Defender
    Elastic SIEM, ELK Logstash
    McAfee Endpoint Security, McAfee Complete Endpoint Protection, McAfee Endpoint Protection, Total Protection for Endpoint, Intel Security Total Protection for Endpoint, MCAFEE Complete Endpoint Protection
    Learn More
    Microsoft
    Elastic
    Trellix
    Overview

    Microsoft Defender XDR is a comprehensive security solution designed to protect against threats in the Microsoft 365 environment. 

    It offers robust security measures, comprehensive threat detection capabilities, and an efficient incident response system. With seamless integration with other Microsoft products and a user-friendly interface, it simplifies security management tasks. 

    Users have found it effective in detecting and preventing various types of attacks, such as phishing attempts, malware infections, and data breaches.

    Watch the Microsoft demo video here: Microsoft Defender XDR demo video.

    Elastic Security is a robust, open-source security solution designed to offer integrated threat prevention, detection, and response capabilities across an organization's entire digital estate. Part of the Elastic Stack (which includes Elasticsearch, Logstash, and Kibana), Elastic Security leverages the power of search, analytics, and data aggregation to provide real-time insight into threats and vulnerabilities. It is a comprehensive platform that supports a wide range of security needs, from endpoint protection to cloud and network security, making it a versatile choice for organizations looking to enhance their cybersecurity posture.


    Elastic Security combines the features of a security information and event management (SIEM) system with endpoint protection, allowing organizations to detect, investigate, and respond to threats in real time. This unified approach helps reduce complexity and improve the efficiency of security operations.

    Additional offerings and benefits:

    • The platform utilizes advanced analytics, machine learning algorithms, and anomaly detection to identify threats and suspicious activities.
    • It offers extensive integration options with other tools and platforms, facilitating a more cohesive and comprehensive security ecosystem.
    • With Kibana, users gain access to powerful visualization tools and dashboards that provide real-time insight into security data.

    Finally, Elastic Security benefits from a global community of users who contribute to its threat intelligence, helping to enhance its detection capabilities. This collaborative approach ensures that the solution remains on the cutting edge of cybersecurity, with up-to-date information on the latest threats and vulnerabilities.

    Trellix Endpoint Security provides aggressive robust protection for every endpoint in an enterprise organization. Trellix uses dynamic threat intelligence and mounts a superb defense across the complete threat lifecycle. This solution will keep your organization more secure and resistant to any possible threat of risks. Trellix offers an amalgamated suite of next-generation endpoint security tools. These tools give users the benefit of machine learning, intuitive intelligence, and greater assistance to ensure their networks are being protected non-stop against threats - potential or realized - and can stop attacks before they happen. Trellix uses MDR (managed detection and response) and XDR (extended detection and response) to give users a comprehensive endpoint security solution.

    Trellix Endpoint Security Benefits

    • Intuitive Protection: Trellix Endpoint Security learns and matures to ensure organizations are continuously protected in today’s aggressive threat environment. Users have full visibility and greater control of all endpoints and are able to utilize Trellix Endpoint Security’s potent threat detection, prevention, investigation, and response to keep their enterprises safe and secure.

    • Streamlined Security Protection: Users have a single view of full transparency into how their networks are performing and the overall effectiveness of the security. Users can access the solution from anywhere and manage automated workflows. The solution allows for a streamlined security process to improve the overall reliability of the organization's security and can effortlessly scan through hundreds of thousands of endpoints in minutes.

    • Robust Risk Management: Stop attacks before they occur and keep abreast of potential threats with intuitive threat prioritization. Receive easy to understand risk assessment and repair guidance without delay to prevent any possible lapses in security. Test scenarios will allow users to see how the organization would respond to a threat scheme.

    Trellix Endpoint Security Top Features

    • Consolidated Management: Trellix offers numerous deployment options. The unique consolidated management process provides full transparency, cost-effective processes, improved IT functionality, and streamlined operations.

    • Intuitive Processes: Trellix can identify zero-day threats using machine learning and develop workable risk assessment to prevent attacks. Trellix intuitively creates protocols to recognize problematic processes that could lead to future attacks.
    • Reduced Impact on Resources: Trellix learns to focus on suspicious or anomalous activities by quickly identifying trusted activities to greatly reduce CPU consumption.

    Reviews from Real Users

    “It has a great console. We can manage everything from the central console and it is very easy. Every year we are getting the benefits of legacy also. It's easy to set up.” - S Fazlul H., IT Lead Engineer, Information Technology at Banglalink

    “There is a new feature where you can set thresholds for all the CPU consumption allowing for no consumption on the servers when the scans happen. It is a separate plugin or addon, and if we have it on all the virtual machines it automatically checks the resources, and based on that, it will schedule the scans. That is something that I have not seen in other antivirus solutions, such as Symantec.” - Sabari K. Senior Engineer at a comms service provider

    Sample Customers
    Accenture, Deloitte, ExxonMobil, General Electric, IBM, Johnson & Johnson and many others.
    Texas A&M, U.S. Air Force, NuScale Power, Martin's Point Health Care
    inHouseIT, Seagate Technology
    Top Industries
    REVIEWERS
    Manufacturing Company19%
    Computer Software Company14%
    Financial Services Firm11%
    Government11%
    VISITORS READING REVIEWS
    Computer Software Company17%
    Financial Services Firm10%
    Government8%
    Manufacturing Company8%
    REVIEWERS
    Financial Services Firm29%
    Computer Software Company25%
    Healthcare Company13%
    Comms Service Provider8%
    VISITORS READING REVIEWS
    Computer Software Company17%
    Financial Services Firm10%
    Government9%
    Comms Service Provider7%
    REVIEWERS
    Computer Software Company23%
    Financial Services Firm21%
    Comms Service Provider9%
    Government9%
    VISITORS READING REVIEWS
    Educational Organization37%
    Government9%
    Computer Software Company8%
    Manufacturing Company7%
    Company Size
    REVIEWERS
    Small Business44%
    Midsize Enterprise23%
    Large Enterprise33%
    VISITORS READING REVIEWS
    Small Business26%
    Midsize Enterprise17%
    Large Enterprise57%
    REVIEWERS
    Small Business60%
    Midsize Enterprise18%
    Large Enterprise23%
    VISITORS READING REVIEWS
    Small Business26%
    Midsize Enterprise17%
    Large Enterprise57%
    REVIEWERS
    Small Business42%
    Midsize Enterprise23%
    Large Enterprise35%
    VISITORS READING REVIEWS
    Small Business14%
    Midsize Enterprise45%
    Large Enterprise42%
    Buyer's Guide
    Elastic Security vs. Trellix Endpoint Security
    March 2021
    Free Report: Elastic Security vs. Trellix Endpoint Security
    Find out what your peers are saying about Elastic Security vs. Trellix Endpoint Security and other solutions. Updated: March 2021.
    DOWNLOAD NOW
    768,857 professionals have used our research since 2012.

    Elastic Security is ranked 7th in Extended Detection and Response (XDR) with 58 reviews while Trellix Endpoint Security is ranked 10th in Extended Detection and Response (XDR) with 94 reviews. Elastic Security is rated 7.6, while Trellix Endpoint Security is rated 8.0. The top reviewer of Elastic Security writes "A stable and scalable tool that provides visibility along with the consolidation of logs to its users". On the other hand, the top reviewer of Trellix Endpoint Security writes "Good user behavioral analysis and helpful patching but needs better support services". Elastic Security is most compared with Wazuh, Splunk Enterprise Security, Microsoft Sentinel, IBM Security QRadar and Microsoft Defender for Endpoint, whereas Trellix Endpoint Security is most compared with Microsoft Defender for Endpoint, Trellix Endpoint Security (ENS), CrowdStrike Falcon, Cortex XDR by Palo Alto Networks and Trend Micro Deep Security. See our Elastic Security vs. Trellix Endpoint Security report.

    See our list of best Extended Detection and Response (XDR) vendors.

    We monitor all Extended Detection and Response (XDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.