We performed a comparison between Elastic Security and Trend Vision One based on real PeerSpot user reviews.
Find out in this report how the two Endpoint Detection and Response (EDR) solutions compare in terms of features, pricing, service and support, ease of deployment, and ROI.
"Defender is easy to use. It has a nice console, and everything is all in one place."
"The most valuable features of Microsoft 365 Defender are the combination of all the capabilities and centralized management."
"The advantage of Microsoft Defender XDR has over other XDRs in the market is that it's easy to use. You can quickly differentiate between alerts, incidents, devices, software, etc. It's easier to investigate an incident, and you have so many options. You can automate investigations and use playbooks. There's also the live response session, which is something you can't find in any other XDR."
"Microsoft Defender's most critical component is its CASB solution. It has many built-in policies that can improve your organization's cloud security posture. It's effective regardless of where your users are, which is critical because most users are working from home. It's cloud-based, so nothing is on-premise."
"There is also one dashboard that shows us the status of many controls at once and the details I can get... It gives a great overview of many areas, such as files, emails, chats, and links. Even with the apps, it gives you a great overview. In one place you can see where you should look into things more deeply..."
"The most valuable feature is the network security."
"The unified view of the threat landscape on a central dashboard is the most valuable feature."
"The integration, visibility, vulnerability management, and device identification are valuable."
"It's simple and easy to use."
"The most valuable feature for me is Discover."
"The most valuable feature is the scalability. We are in Indonesia, more engineers understand Elastic Security here. So it is easier to scale and also develop. In features, the discovery to query all the logs is very important to us. It is very easy, especially with the query function and the feature to generate alerts and create tools. Sometimes we use the alert security dashboard to monitor our clients."
"I use the stack every morning to check the errors and it's just so clear. I don't see any disadvantage to using Logstash."
"The most valuable features of the solution are the prevention methods and the incident alerts."
"The solution is quite stable. The performance has been good."
"Elastic Security is a highly flexible platform that can be implemented anywhere."
"It is the best open-source product for people working in SO, managing and analyzing logs."
"It has the feature to track an attack back. If there is an incident or an attack occurs, you can get a bird's eye view of that attack. You can see how the attackers came in and how they managed the attack. You can trace an attack. If you are giving a presentation to the management, you can easily show it to them in a live environment how the attackers came, which is amazing."
"The most valuable feature is the network protection shield on every server, which isolates attacks and prevents our clients from being affected."
"Drilling down further, we can analyze how our users are utilizing their workstations, including the websites they visit."
"The automatic EDR system that notifies us when something is wrong is valuable."
"For scalability, I would give a rating of ten out of ten."
"The search features help us try to correlate information and identify any suspicious activity."
"One of the features I like in Trend Micro XDR is that you can drill down on the root-cause analysis for anything you find on the solution. I also like that it works for detection purposes. Behavior analytics is also what I like most about Trend Micro XDR. I love that it has features such as behavior detection, program detection, and memory scanning. By default, the solution protects against spyware, apart from the normal virus scan. Smart Scan and DLP are also available in Trend Micro XDR which I like as well."
"The zero-day vulnerability is valuable."
"The logs could be better."
"The solution does not offer a unified response and standard data."
"Customers say they want absolutely seamless integration between other Microsoft solutions and Defender XDR, including the ability to change device settings within the Defender portal. They need to contact the IT team responsible for the device management tools to change some settings. They would prefer that those changes be initiated directly from the Defender portal or applied from Intune without involving the IT operations team."
"Sometimes, configurations take much longer than expected."
"The price could be better. It'll also help if they can continuously update and upgrade the solution. Every day there's a new virus uploaded into the network, and we have to keep updating it to identify all these things."
"The documentation on their website is somewhat outdated and doesn't show properly. I wanted to try a query in Microsoft Defender 365. When I opened the related documentation from the security blog on the Microsoft website, the figures were not showing. It was difficult to understand the article without having the figures. The figures were there in the article, but they were not getting loaded, which made the article obsolete."
"There could be a way to proactively monitor unusual activity."
"The solution could improve by having better machine learning and AI. Additionally, the interface, documentation, and integration could be better."
"We are paying dearly for the guy who is working on the ELK Stack. That knowledge is quite rare and hard to come by. For difficulty and availability of resources, I would rate it a five out of 10."
"I think because we are a cybersecurity company, the thing that can be improved is the prebuilt tools, especially quality. Compared to its competitor, they still have fewer prebuilt security rules. Elastic Security, in terms of generating alerts, cannot group the same products into one another. Even though the alerts are the same, they still generate them one by one. So, it is very noisy in our dashboard. I would like the Elastic Security admin to group all the same alarms into one alarm so that our dashboard is not noisy."
"There isn't really a very good user experience. You need a lot of training."
"The solution's query building is not that intuitive compared to other solutions."
"If you compare this with CrowdStrike or Carbon Black, they can improve."
"The training that is offered for Elastic is in need of improvement because there is no depth to it."
"Elastic Security can be a bit difficult to use if a person only has experience in SMBs with tools like Zoho. The product can also be difficult for those who have never dealt with query language."
"The Integration module could be improved. It is a pain to build integration with any product. We have to do parking and so on. It's not like other commercial solutions that use profile integration. I would also see more detection features on the SIEM side."
"The deployment process could be more streamlined over the existing infrastructure, as it was not as easy as we thought."
"Having more variables within the playbook would be useful. It would allow us to have more refined playbooks for the business. It would allow us to take stronger action through a playbook. It will give us confidence to target a particular area of business where our risk tolerance might be higher or lower. We would like to have more granular playbooks."
"We do use the automation capability a little. However, we noticed some limitations, especially on the playbook side."
"There isn't a lot I'd do to change it. The web interface could be improved to sort of make it a little easier to manage multiple clients out of one location. It could also be made a bit easier to sort of manage the licensing side of it."
"Trend Micro doesn't have the next-generation firewall."
"The product needs to have a lot more maturity, and they need to improve the overall technical support framework for getting the value out of XDR."
"The support documentation could be more comprehensive."
"I would like to have the capability to export the information we receive from the XDR into Microsoft Excel."
Elastic Security is ranked 16th in Endpoint Detection and Response (EDR) with 58 reviews while Trend Vision One is ranked 5th in Endpoint Detection and Response (EDR) with 42 reviews. Elastic Security is rated 7.6, while Trend Vision One is rated 8.6. The top reviewer of Elastic Security writes "A stable and scalable tool that provides visibility along with the consolidation of logs to its users". On the other hand, the top reviewer of Trend Vision One writes "The integration of toolsets is key, enabling automation, and vendor has been tremendous partner for us". Elastic Security is most compared with Wazuh, Splunk Enterprise Security, Microsoft Sentinel, Microsoft Defender for Endpoint and IBM Security QRadar, whereas Trend Vision One is most compared with CrowdStrike Falcon, SentinelOne Singularity Complete, Microsoft Defender for Endpoint, Fortinet FortiEDR and ESET Inspect.
We monitor all Endpoint Detection and Response (EDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.