We performed a comparison between Elastic Security and Trellix Endpoint Security (ENS) based on real PeerSpot user reviews.
Find out in this report how the two Endpoint Detection and Response (EDR) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."Having all monitoring, response, tracking, and mitigation tools in one dashboard provides our analysts and SOC team with a comprehensive view at a glance."
"Exceptions are easy to create and the interface is easy to follow with a nice appearance."
"NGAV and EDR features are outstanding."
"The setup is pretty simple."
"Fortinet FortiEDR's scalability is quite good, and you can add licenses to the solution."
"The console is easy to read. I also like the scanning part and the ability to move assets from one to the other."
"Ability to get forensics details and also memory exfiltration."
"he solution is an anti-malware product that integrates well with other vendor products such as firewalls, SIEM, etc. It captures threat intelligence and gives you better visibility. The product also has sandboxing features."
"The most valuable features of the solution are the prevention methods and the incident alerts."
"I can look at events from more than one source across multiple different locations and find patterns or anomalies. The machine learning capabilities are helpful, and I can create rules for notifications to be more proactive rather than responding after something has gone wrong."
"It's a good platform and the very best in the current market. We looked at the Forester report from December 2022 where it was said to be a leader."
"The most valuable feature is the search function, which allows me to go directly to the target to see the specific line a customer is searching for."
"We've found the initial setup to be quite straightforward."
"The most valuable feature is the machine learning capability."
"It's very stable and reliable."
"The scalability is good. It can be scaled easily in the production environment."
"The features we have found most valuable have been containment as well as the ability to triage agent activities."
"If the network has seen something, we can use that to put a block to all the endpoints."
"The response part of EDR was most valuable. We used that to separate the endpoint from the network. We utilized the solution during the instant response. We were also utilizing advanced malware detection capabilities, but we benefited the most from its help with the response."
"The platform’s most valuable features are ease of use, integration, and deployment."
"It is a really strong solution for endpoint security."
"The technical support services are good."
"It's very stable and reliable."
"It is scalable and stable and the initial setup is the easiest part of using the product."
"The solution's installation from a central installation server could be improved because the engineers had a little bit of trouble getting it installed from a central location."
"Once, we had an event that was locked and blocked, but information about it came to us two or three days later."
"There's room for improvement in the quick response time and technical support for integration issues, especially when dealing with multiple vendors."
"We'd like to see more one-to-one product presentations for the distribution channels."
"The solution should address emerging threats like SQL injection."
"To improve Fortinet, we need to see more features and technology areas at the endpoint level introduced."
"I would like the solution to extend beyond endpoint protection and include other attack surfaces such as other network components."
"Integration with Azure and SaaS provisioning tools could improve Fortinet FortiEDR."
"It would be better if Elastic Security had less storage for data. My customers do not like this. Other vendors have local support in different countries, but Elastic Security doesn't. I would like to have Operational Technology (OT) security in the next release."
"They don't provide user authentication and authorisation features (Shield) as a part of their open-source version."
"This solution cannot do predictive maintenance, so we have to build our own modules for doing it."
"There is an area of improvement in the Logs list. The load list may need to be paginated as there are limits."
"It could use maybe a little more on the Linux side."
"We'd like to see some more artificial intelligence capabilities."
"The process of designing dashboards is a little cumbersome in Kibana. Unless you are an expert, you will not be able to use it. The process should be pretty straightforward. The authentication feature is what we are looking for. We would love to have a central authentication system in the open-source edition without the need for a license or an enterprise license. If they can give at least a simple authentication system within a company. In a large organization, authentication is very essential for security because logs can contain a lot of confidential data. Therefore, an authentication feature for who accesses it should be there."
"We had issues with scalability. Logstash was not scaling and aggregation was getting delayed. We moved to Fluentd making our stack from ELK to EFK."
"They could also increase or improve the scalability because to my knowledge the biggest bandwidth can only support up to 10 gigs of input."
"The price of McAfee MVISION Endpoint could improve."
"They have something called Managed Detection and Response. They get intel from their customers, and that intel is shared with the rest of FireEye's customers. I want to subscribe to their intel, but that is not available to us."
"The product needs to reduce the usage of RAM and CPU."
"Impacts performance of the servers quite negatively."
"It is a very heavy tool, unfortunately."
"From an improvement perspective, I want everything in the solution to be free."
"It has very good integrations. However, its integration with Palo Alto was not good, and they seem to be working on it at the backend. It is not very resource-hungry, but it can be even better in terms of resource utilization. It could be improved in terms of efficiency, memory sizing, and disk consumption by agents."
More Trellix Endpoint Security (ENS) Pricing and Cost Advice →
Elastic Security is ranked 16th in Endpoint Detection and Response (EDR) with 58 reviews while Trellix Endpoint Security (ENS) is ranked 18th in Endpoint Detection and Response (EDR) with 48 reviews. Elastic Security is rated 7.6, while Trellix Endpoint Security (ENS) is rated 7.6. The top reviewer of Elastic Security writes "A stable and scalable tool that provides visibility along with the consolidation of logs to its users". On the other hand, the top reviewer of Trellix Endpoint Security (ENS) writes "It integrates well with other solutions, but the vendor needs more of a local presence and faster response". Elastic Security is most compared with Wazuh, Splunk Enterprise Security, Microsoft Sentinel, IBM Security QRadar and Microsoft Defender for Endpoint, whereas Trellix Endpoint Security (ENS) is most compared with Trellix Endpoint Security, Microsoft Defender for Endpoint, CrowdStrike Falcon, Trellix Endpoint Detection and Response (EDR) and Open EDR. See our Elastic Security vs. Trellix Endpoint Security (ENS) report.
See our list of best Endpoint Detection and Response (EDR) vendors.
We monitor all Endpoint Detection and Response (EDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.