We performed a comparison between Elastic Security and Exabeam Fusion SIEM based on real PeerSpot user reviews.
Find out in this report how the two Log Management solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."Sentinel is a SIEM and SOAR tool, so its automation is the best feature; we can reduce human interaction, freeing up our human resources."
"The initial setup is very simple and straightforward."
"Sentinel has an intuitive, user-friendly way to visualize the data properly. It gives me a solid overview of all the logs. We get a more detailed view that I can't get from the other SIEM tools. It has some IP and URL-specific allow listing"
"The analytic rule is the most valuable feature."
"The product can integrate with any device."
"The most valuable feature is the performance because unlike legacy SIEMs that were on-premises, it does not require as much maintenance."
"The most valuable feature is the onboarding of the workloads. You can see all that has been onboarded in your account on the dashboards."
"The SOAR playbooks are Sentinel's most valuable feature. It gives you a unified toolset for detecting, investigating, and responding to incidents. That's what clearly differentiates Sentinels from its competitors. It's cloud-native, offering end-to-end coverage with more than 120 connectors. All types of data logs can be poured into the system so analysis can happen. That end-to-end visibility gives it the advantage."
"The most valuable features of the solution are the prevention methods and the incident alerts."
"The indexes allow you to get your results quickly. The filtering and log passing is the advantage of Logstash."
"The most valuable thing is that this solution is widely used for work management and research. It's easy to jump into the security use case with the same technology."
"I like that it's a SIEM platform. I like that I can sell Elastic Security quickly. Elastic Security has a large community that can support users."
"ELK Logstash is easy and fast, at least for the initial setup with the out of box uses."
"The most valuable feature is the scalability. We are in Indonesia, more engineers understand Elastic Security here. So it is easier to scale and also develop. In features, the discovery to query all the logs is very important to us. It is very easy, especially with the query function and the feature to generate alerts and create tools. Sometimes we use the alert security dashboard to monitor our clients."
"It is an extremely stable solution. Stability-wise, I rate the solution a ten out of ten."
"It is very quick to react. I can set it to check anomalies or suspicious behavior every 30 seconds. It is very fast."
"I have customers that like the EUBA functionality of it. The solution has the ability to build a session, basically. It pulls a lot of information together, for example, everything a user does in a specific timeframe. It's quite helpful."
"The way it can connect with AWS is very useful, and the integrations are pretty good."
"Exabeam Fusion SIEM has a good performance and more advantages than traditional solutions."
"It's a very user-friendly product and it's a very comprehensive technology."
"The most valuable feature of Exabeam Fusion SIEM is the easy-to-use user interface."
"The setup is not difficult. It was easy."
"The user interface and the timelines they use are the most valuable features. The price model is very simple so that one can understand it easily and there are no surprises within it."
"Timeline based analysis; good platform support"
"The learning curve could be improved. I am still learning it. We were able to implement the basic features to get them up and running, but there are still so many things that I don't know about all its features. They have a lot of features that we have not been able to use or apply. If they could work on reducing the solution's learning curve, that would be good. While there is a training course held by Microsoft to learn more about this solution, there is a cost associated with it."
"One key area that can be improved is by building a strong integration with our XDR platform."
"If Sentinel had a graphical user interface, it would be easier to use. I would also like it to be more customizable."
"There is a wider thing called Jupyter Notebooks, which is around the automation side of things. It would be good if there are playbooks that you can utilize without having to have the developer experience to do it in-house. Microsoft could provide more playbooks or more Jupyter Notebooks around MITRE ATT&CK Framework."
"The AI capabilities must be improved."
"We'd like to see more connectors."
"They should just add more and more out-of-the-box connectors. It is quite a new product, and it has a lot of connectors, and even more would be good."
"If their UI was a bit more streamlined and easy to find when I need it, then that would be a great improvement."
"Elastic Security has a steep learning curve, so it takes some time to tune it and set it up for your environment. There are some costs associated with logging things that don't have value. So you need to be cautious to only log things that make sense and keep them around for as long as you need. You shouldn't hold onto things just because you think you might need them."
"Improvements in Elastic Security could include refining and normalizing queries to make them more user-friendly, enhancing the user experience with better documentation, and addressing any latency issues."
"With Elastic Security, the challenge arises from the fact that there is a learning curve in relation to queries and understanding the query language provided to extract usable data."
"Its documentation should be a bit better. I have to spend at least a couple of hours to find the solution for a simple thing. When we buy Elastic, training is not included for free with Elastic. We have to pay extra for the training. They should include training in the price."
"Email notification should be done the same way as Logentries does it."
"There isn't really a very good user experience. You need a lot of training."
"If the documentation were improved and made more clear for beginners, or even professionals, then we would be more attracted to this solution."
"They don't provide user authentication and authorisation features (Shield) as a part of their open-source version."
"I believe if it were more flexible it would be a better product."
"They should provide detailed information about detecting phishing emails."
"The organzation is rigid and not flexible in the way they operate"
"We still have questions surrounding hardware deployment."
"The only problem is that the UI is not very impressive."
"We had a large volume right from the beginning and they weren't quite prepared for that. That's something that they should think about when it comes to customers that have a large volume to start off with."
"They need to focus on more of the MITRE ATT&CK Framework and coverage. They claim they cover about 70 to 80%. I'm not sure if it's really quite that much, however."
"Adding to the number of certifications that they have, for example, ISO 27001, would be helpful."
Elastic Security is ranked 5th in Log Management with 58 reviews while Exabeam Fusion SIEM is ranked 31st in Log Management with 10 reviews. Elastic Security is rated 7.6, while Exabeam Fusion SIEM is rated 8.0. The top reviewer of Elastic Security writes "A stable and scalable tool that provides visibility along with the consolidation of logs to its users". On the other hand, the top reviewer of Exabeam Fusion SIEM writes "Enables centralized log collection on a single platform". Elastic Security is most compared with Wazuh, Splunk Enterprise Security, IBM Security QRadar, Microsoft Defender for Endpoint and CrowdStrike Falcon, whereas Exabeam Fusion SIEM is most compared with IBM Security QRadar, Palo Alto Networks Cortex XSOAR, Splunk Enterprise Security, Splunk User Behavior Analytics and Securonix Next-Gen SIEM. See our Elastic Security vs. Exabeam Fusion SIEM report.
See our list of best Log Management vendors, best Security Information and Event Management (SIEM) vendors, and best Security Orchestration Automation and Response (SOAR) vendors.
We monitor all Log Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.