2020-04-28T08:50:45Z

What needs improvement with Elastic SIEM?


Please share with the community what you think needs improvement with Elastic SIEM.

What are its weaknesses? What would you like to see changed in a future version?

Guest
33 Answers

Top 10, Real User

The signature security needs improvement. If you compare this with CrowdStrike or Carbon Black, they can improve.

2020-05-18T07:50:00Z
Top 5, Leaderboard, Real User

The interface could be more user-friendly because it is sometimes hard to deal with. The initial setup can be made easier.

2020-04-28T08:50:48Z
Top 10, Real User

This solution is very hard to implement. It is not a simple product but rather, it has many features and we need to understand all of them. For example, there is the analytics, the parser, and the visualizer, and setting them all up is a little bit complex. In the next release of this product, I would like to see SOAR automation features, similar to what Splunk Phantom has.

2020-04-28T08:50:45Z