We performed a comparison between Elastic Security and Trend Vision One based on real PeerSpot user reviews.
Find out in this report how the two Endpoint Detection and Response (EDR) solutions compare in terms of features, pricing, service and support, ease of deployment, and ROI.
"Another noteworthy feature that I find appealing in Microsoft Defender is the credit-backed simulation. This feature enables organizations to train their users on effectively responding to phishing emails through a simulated training environment."
"The integration with other Microsoft solutions is the most valuable feature."
"I like the easy integration and advanced possibilities. We can implement it at customer sites in a few clicks, but we can also dive deep and drill down to extended features. There's a very good starting point to get into this product and all the features from Defender."
"The timeline feature is excellent. I also like the phishing simulation. We have phishing campaigns to educate employees and warn them about these threats."
"It's a great threat intelligence source for us, providing alerts for things it detects on the network and on the machines. We've used it often when there is a potential incident to see what was done on a computer. That works quite nicely because you can see everything that the user has done..."
"The most valuable aspect is undoubtedly the exploration capability."
"The most valuable feature depends on the scenario. For compliance, I like Microsoft Purview Information Protection and Data Loss Prevention. Sentinel is the most helpful feature for security. 365 Defender helps us prioritize threats across an enterprise. It's a crucial feature for the managed services team."
"The summarization of emails is a valuable feature."
"The most valuable features of the solution are the prevention methods and the incident alerts."
"What customers found most valuable in Elastic Security feature-wise is the search capability, in particular, the way of writing the search query and the speed of searching for results."
"Enables monitoring of application performance and the ability to predict behaviors."
"It's a good platform and the very best in the current market. We looked at the Forrester report from December 2022 where it was said to be a leader."
"The most valuable feature is the machine learning capability."
"The most valuable features are the speed, detail, and visualization. It has the latest standards."
"Elastic has a lot of beats, such as Winlogbeat and Filebeat. Beats are the agents that have to be installed on the terminals to send the data. When we install beats or Elastic agents on every terminal, they don't overload the terminals. In other SIEM solutions such as Splunk or QRadar, when beats or agents are installed on endpoints, they are very heavy for the terminals. They consume a lot of power of the terminals, whereas Elastic agents hardly consume any power and don't overload the terminals."
"It's open-source and free to use."
"The automatic EDR system that notifies us when something is wrong is valuable."
"The centralized visibility is good."
"We had a quick deployment. The solution is easy to set up."
"It has good vulnerability protection."
"For scalability, I would give a rating of ten out of ten."
"We haven't had any issues with configurations or customizations."
"It helps a lot to understand where the threat is coming from, where is it going, how is it being dealt with, et cetera."
"I like the workbench. It is a view of all the alerts or problems in your estate. The visibility that it provides to engineers is very useful. It is one thing having lots of alerts. It is another thing to have something to correlate all your alerts into a workbench for you so that you can see what is going on."
"While the XDR platform offers valuable functionalities, it falls short of other solutions in its ability to deliver a cohesive identity experience."
"The only problem I find is that the use cases are built-in. There is no template available that you can modify according to your organization's standards. What they give is very generic, the market standard, but that might not be applicable to every organization."
"Because of the training model, Defender XDR's automatic response sometimes blocks legitimate users and activities. Also, the UI sometimes responds slowly."
"I'd like to see a wider solution that includes not only desktop devices but also other devices, such as servers, storage cabinets, switching equipment, et cetera."
"The price could be better. It'll also help if they can continuously update and upgrade the solution. Every day there's a new virus uploaded into the network, and we have to keep updating it to identify all these things."
"At times, when we have an incident email and we click on the link for that incident, it opens a pop-up, but there is nothing. It has happened a couple of times."
"In the future, it would be beneficial for Microsoft to consider making the product more user-friendly or simplified for those who are interested in using it. Currently, it requires a high level of technical expertise, making it challenging for beginners or less experienced individuals."
"The mobile app support for Android and iOS is difficult and needs improvement."
"The tool should improve its scalability."
"One thing they could add is a quick step to enable users who don't have a solid background to build a dashboard and quickly search, without difficulty."
"It would be better if Elastic Security had less storage for data. My customers do not like this. Other vendors have local support in different countries, but Elastic Security doesn't. I would like to have Operational Technology (OT) security in the next release."
"The problem with ELK is it's difficult to administer. When you have a problem, it can be very, very difficult to rebuild indexes."
"The interface could be more user friendly because it is sometimes hard to deal with."
"Their visuals and graphs need to be better."
"I would like more ways to manage permissions and restrict access to certain users."
"This solution is very hard to implement."
"When you deploy these tools from Trend Micro, the integration and getting them to work together are among the more difficult pieces of the puzzle. But when you get that set up and working, you're glad you did."
"The integration with third-party tools and with on-premises Active Directory needs improvement."
"While the continuous addition of features is commendable, the sheer volume of changes makes it difficult to stay abreast of the latest developments."
"They have a DLP module in Trend Micro and they need to enhance its capabilities."
"They are planning on adding the Security Playbooks as a complete feature. In the preview mode, it is available; however, it is not released."
"It would be ideal if they could improve the control of connectivity between sensors."
"The centralized dashboard has room for improvement."
"It should integrate with more tools. There are a lot of tools that can do the PTP dump."
Elastic Security is ranked 16th in Endpoint Detection and Response (EDR) with 58 reviews while Trend Vision One is ranked 5th in Endpoint Detection and Response (EDR) with 42 reviews. Elastic Security is rated 7.6, while Trend Vision One is rated 8.6. The top reviewer of Elastic Security writes "A stable and scalable tool that provides visibility along with the consolidation of logs to its users". On the other hand, the top reviewer of Trend Vision One writes "The integration of toolsets is key, enabling automation, and vendor has been tremendous partner for us". Elastic Security is most compared with Wazuh, Splunk Enterprise Security, Microsoft Sentinel, IBM Security QRadar and Microsoft Defender for Endpoint, whereas Trend Vision One is most compared with CrowdStrike Falcon, SentinelOne Singularity Complete, Microsoft Defender for Endpoint, Trend Micro Apex One and ESET Inspect. See our Elastic Security vs. Trend Vision One report.
See our list of best Endpoint Detection and Response (EDR) vendors and best Extended Detection and Response (XDR) vendors.
We monitor all Endpoint Detection and Response (EDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.