We compared Elastic Security and Microsoft Defender for Endpoint based on our user's reviews in several parameters.
Overall, users appreciate both Elastic Security and Microsoft Defender for Endpoint for their comprehensive threat protection, user-friendly interfaces, and effective incident response capabilities. Elastic Security stands out for its strong threat hunting functionalities and log management, while Microsoft Defender for Endpoint is praised for its efficient system management and reporting. Elastic Security users value its affordability and flexible licensing, while Microsoft Defender for Endpoint users highlight its reasonable pricing and seamless integration with other Microsoft products. However, Elastic Security users feel it could improve its threat monitoring capabilities and incident response system, while Microsoft Defender for Endpoint users suggest areas for enhancement such as easier navigation and improved integration with other security tools.
Features: Elastic Security is valued for its strong threat hunting functionalities, efficient log management, and seamless integration with other Elastic solutions. Microsoft Defender for Endpoint is praised for its real-time monitoring and detection, efficient system management and reporting, and seamless integration with other Microsoft products.
Pricing and ROI: The setup cost for Elastic Security is regarded positively by users, who appreciate its minimal associated costs and hassle-free experience. On the other hand, Microsoft Defender for Endpoint is also praised for its reasonable pricing, straightforward setup process, and flexible licensing options., Elastic Security's positive ROI is attributed to its tangible benefits and delivered results, while Microsoft Defender for Endpoint's success lies in its performance, effectiveness, ease of use, and real-time insights.
Room for Improvement: Elastic Security product has room for improvement in its threat monitoring capabilities, incident response system, integration with other security tools, navigation, user interface, and customizable features. Microsoft Defender for Endpoint also has areas that could be enhanced.
Deployment and customer support: The feedback on the duration to establish a new tech solution for Elastic Security varies, with users having different timeframes for deployment, setup, and implementation phases. In contrast, Microsoft Defender for Endpoint also has mixed feedback, with some users spending longer on deployment compared to others who completed both deployment and setup within a week. Looking at the context of the terms used is crucial., Customers have found Elastic Security's customer service to be helpful and supportive, while Microsoft Defender for Endpoint is praised for its efficiency, promptness, and ability to address concerns.
The summary above is based on 114 interviews we conducted recently with Elastic Security and Microsoft Defender for Endpoint users. To access the review's full transcripts, download our report.
"The features that I have found most valuable are the ability to customize it and to reduce its size. It lets you run in a very small window in terms of memory and resources on legacy cash registers."
"Fortinet is very user-friendly for customers."
"It is very easy to set up. I would rate my experience with the initial setup a ten out of ten, with ten being very easy to set up."
"The price is low and quite competitive with others."
"The stability is very good."
"Additionally, when it comes to EDR, there are more tools available to assist with client work."
"he solution is an anti-malware product that integrates well with other vendor products such as firewalls, SIEM, etc. It captures threat intelligence and gives you better visibility. The product also has sandboxing features."
"The setup is pretty simple."
"ELK documentation is very good, so never needed to contact technical support."
"It is very quick to react. I can set it to check anomalies or suspicious behavior every 30 seconds. It is very fast."
"The solution has a good community surrounding it for lots of helpful documentation for troubleshooting purposes."
"The product has huge integration varieties available."
"Enables monitoring of application performance and the ability to predict behaviors."
"The most valuable feature of Elastic Security is that you can install agents, and they are not separately licensed."
"Elastic Security is a highly flexible platform that can be implemented anywhere."
"We've found the initial setup to be quite straightforward."
"You have endpoint security to keep your devices safe. That's the feature that we're interested in."
"There are some competitive products on the market, but the best is Microsoft Defender because it's very easy to integrate. That's one reason a lot of clients want Microsoft Defender. It's also very easy to implement compared to other solutions."
"It depends on the licensing. Most of the customers have got at least a 365 E3 license, and they can use most of the features of Windows 10 Defender. So, anyone who has got an enterprise license can start using those features. Some of the customers have got E5 licenses, and they can use all advanced features. Customers with E5 licenses use the advanced site protection (ATP) features and web content filtering without going via a proxy, which gives the benefit of replacing the proxy. They can get the benefit of MCAS and integration with Intune and the endpoint manager. It is a kind of single platform for all 365 technologies. It helps customers in managing everything through a unified portal."
"Offers good protection."
"File protection is the most valuable feature. Antivirus security on the Level OS, Microsoft Defender, and Microsoft Guard for 2019."
"The detection features are valuable, as is the fact that it is easier to port these logs into Sentinel. That is also useful for us. It is more comprehensive."
"The folders and files protection are its most valuable features. These have been valuable because of the increase in ransomware attacks. With these two features, I can ensure that no changes have been made to our system or endpoint folders and files without the user being aware."
"We had Norton Antivirus before, and with Norton, we didn't have a way to centrally manage a lot of features. Defender allowed us to deploy it from our Office 365 admin console. That is probably the biggest thing that made us go with Defender."
"ZTNA can improve latency."
"It takes about two business days for initial support, which is too slow in urgent situations."
"We've encountered challenges during API deployment, occasionally resulting in unstable environments."
"The dashboard isn't easy to access and manage."
"Making the portal mobile friendly would be helpful when I am out of office."
"The security should be strong for the cloud. Some applications are on-prem and some are on the cloud. Fortinet should also have strong security for the cloud. There should be more security for the cloud."
"The solution's installation from a central installation server could be improved because the engineers had a little bit of trouble getting it installed from a central location."
"I think cloud security and SASE are areas of concern in the product where improvements are required. The tool's cloud version has to be improved in terms of the security it offers."
"In terms of what could be improved with Elastic, in some use cases, especially on the advanced level, they are not ready made, so you'll have to write some scripts."
"I think because we are a cybersecurity company, the thing that can be improved is the prebuilt tools, especially quality. Compared to its competitor, they still have fewer prebuilt security rules. Elastic Security, in terms of generating alerts, cannot group the same products into one another. Even though the alerts are the same, they still generate them one by one. So, it is very noisy in our dashboard. I would like the Elastic Security admin to group all the same alarms into one alarm so that our dashboard is not noisy."
"There are connectors to gather logs for Windows PCs and Linux PCs, but if we have to get the logs from Syslog then we have to do it manually, and this should be automated."
"I would like the process of retrieving archived data and viewing it in Kibana to be simplified."
"If you compare this with CrowdStrike or Carbon Black, they can improve."
"We'd like to see some more artificial intelligence capabilities."
"The setup process is complex. You need a solid working knowledge of networking, operating systems, and a little programming."
"Better integration with third-party APMs would be really good."
"Sometimes the software doesn't work the way we expect it to, and in those cases, we can't communicate with a device because it may be infected."
"Microsoft Defender for Endpoint can use more advertising to promote their features."
"If the solution could be integrated more with Defender for Cloud, to be more unified, that would help. It is good now, but even more integration could be done with Defender for Cloud. We see two different portals. If Defender for Endpoint could be ported to the CSPM, Defender for Cloud, that would make things even easier for us."
"We'd like the stability to be better."
"We encountered some misbehavior between Microsoft Office Suite and Defender. We had issues of old macros being blocked and some stuff going around the usage of Win32 APIs. There is some improvement between the Office products and Defender, and there is a bunch of stuff that you can configure in your antivirus solutions, but you have several baselines, such as security baselines for Edge, security baselines for Defender, and security baselines for MDM. You have configuration profiles as well. So, there a lot of parts where we can configure our antivirus solution, and we're getting conflicting configurations. This is the major part with which we're struggling in this solution. We are having calls and calls with Microsoft for getting rid of all configuration conflicts that we have. That's really the part that needs to be improved."
"It can be more secure."
"The system can always be simplified and have a better integration check. More detailed reports would be good. When it does the integrated check, it just shows if the system is okay but I want to know what happened."
"I would just like them to have more consistency, and that's a comment that's across the board with Microsoft. They change things a lot."
More Microsoft Defender for Endpoint Pricing and Cost Advice →
Elastic Security is ranked 16th in Endpoint Detection and Response (EDR) with 59 reviews while Microsoft Defender for Endpoint is ranked 1st in Endpoint Detection and Response (EDR) with 182 reviews. Elastic Security is rated 7.6, while Microsoft Defender for Endpoint is rated 8.0. The top reviewer of Elastic Security writes "A stable and scalable tool that provides visibility along with the consolidation of logs to its users". On the other hand, the top reviewer of Microsoft Defender for Endpoint writes "Eliminates the need to look at multiple dashboards by automatically providing one XDR dashboard to show the security score of each subscription". Elastic Security is most compared with Wazuh, Splunk Enterprise Security, Microsoft Sentinel, IBM Security QRadar and CrowdStrike Falcon, whereas Microsoft Defender for Endpoint is most compared with Symantec Endpoint Security, Intercept X Endpoint, SentinelOne Singularity Complete, CrowdStrike Falcon and ESET Endpoint Protection Platform. See our Elastic Security vs. Microsoft Defender for Endpoint report.
See our list of best Endpoint Detection and Response (EDR) vendors.
We monitor all Endpoint Detection and Response (EDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
