We performed a comparison between Elastic Security and Exabeam Fusion SIEM based on real PeerSpot user reviews.
Find out in this report how the two Log Management solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The most valuable feature is the onboarding of the workloads. You can see all that has been onboarded in your account on the dashboards."
"Sentinel improved how we investigate incidents. We can create watchlists and update them to align with the latest threat intelligence. The information Microsoft provides enables us to understand thoroughly and improve as we go along. It allows us to provide monthly reports to our clients on their security posture."
"The most valuable features in my experience are the UEBA, LDAP, the threat scheduler, and integration with third-party straight perform like the MISP."
"The pricing of the product is excellent."
"The features that stand out are the detection engine and its integration with multiple data sources."
"Investigations are something really remarkable. We can drill down right to the raw logs by running different queries and getting those on the console itself."
"The automation rules and playbooks are the most useful that I've seen. A number of other places segregate the automation and playbook as separate tools, whereas Microsoft is a SIEM and SOAR tool in one."
"The main benefit is the ease of integration."
"The most valuable features are the speed, detail, and visualization. It has the latest standards."
"ELK documentation is very good, so never needed to contact technical support."
"The performance is good and it is faster than IBM QRadar."
"The solution is compatible with the cloud-native environment and they can adapt to it faster."
"It's not very complicated to install Elastic."
"The most valuable thing is that this solution is widely used for work management and research. It's easy to jump into the security use case with the same technology."
"The solution is quite stable. The performance has been good."
"It's simple and easy to use."
"It's a very user-friendly product and it's a very comprehensive technology."
"The user interface and the timelines they use are the most valuable features. The price model is very simple so that one can understand it easily and there are no surprises within it."
"The solution's initial setup process is easy."
"The advanced analytics has a really great overview of user behavior."
"Exabeam Fusion SIEM has a good performance and more advantages than traditional solutions."
"The most valuable feature of Exabeam Fusion SIEM is the easy-to-use user interface."
"I have customers that like the EUBA functionality of it. The solution has the ability to build a session, basically. It pulls a lot of information together, for example, everything a user does in a specific timeframe. It's quite helpful."
"Timeline based analysis; good platform support"
"The troubleshooting has room for improvement."
"Sentinel can be used in two ways. With other tools like QRadar, I don't need to run queries. Using Sentinel requires users to learn KQL to run technical queries and check things. If they don't know KQL, they can't fully utilize the solution."
"It could have a better API to be able to automate many things more extensively and get more extensive data and more expensive deployment possibilities. It can gain some points on the automation part and the integration part. The API is very limited, and I would like to see it extended a bit more."
"At the network level, there is a limitation in integrating some of the switches or routers with Microsoft Sentinel. Currently, SPAN traffic monitoring is not available in Microsoft Sentinel. I have heard that it is available in Defender for Identity, which is a different product. It would be good if LAN traffic monitoring or SPAN traffic monitoring is available in Microsoft Sentinel. It would add a lot of value. It is available in some of the competitor products in the market."
"In terms of features I would like to see in future releases, I'm interested in a few more use cases around automation. I do believe a lot of automation is available, and more is in progress, but that would be my area of interest."
"Azure Sentinel will be directly competing with tools such as Splunk or Qradar. These are very established kinds of a product that have been around for the last seven, eight years or more."
"I believe one of the challenges I encountered was the absence of live training sessions, even with the option to pay for them."
"We've seen delays in getting the logs from third-party solutions and sometimes Microsoft products as well. It would be helpful if Microsoft created a list of the delays. That would make things more transparent for customers."
"Improvements in Elastic Security could include refining and normalizing queries to make them more user-friendly, enhancing the user experience with better documentation, and addressing any latency issues."
"In terms of what could be improved with Elastic, in some use cases, especially on the advanced level, they are not ready made, so you'll have to write some scripts."
"The tool should improve its scalability."
"With Elastic Security, the challenge arises from the fact that there is a learning curve in relation to queries and understanding the query language provided to extract usable data."
"Elastic Security could improve the documentation. It would help if they were more simple and clean."
"One limitation of Elastic Security is that it does not have built-in workflows for all tasks. For example, if you need a workflow for compliance, you will need to create a custom workflow."
"The biggest challenge has been related to the implementation."
"I would like the process of retrieving archived data and viewing it in Kibana to be simplified."
"The initial setup of Exabeam Fusion SIEM is complex because it needs to integrate with the SIEM solution, but after this is complete it is straightforward."
"They should provide detailed information about detecting phishing emails."
"We still have questions surrounding hardware deployment."
"I believe if it were more flexible it would be a better product."
"The organzation is rigid and not flexible in the way they operate"
"We had a large volume right from the beginning and they weren't quite prepared for that. That's something that they should think about when it comes to customers that have a large volume to start off with."
"Adding to the number of certifications that they have, for example, ISO 27001, would be helpful."
"Updating the new release of Exabeam Fusion SIEM takes time and slows our performance."
Elastic Security is ranked 5th in Log Management with 59 reviews while Exabeam Fusion SIEM is ranked 32nd in Log Management with 10 reviews. Elastic Security is rated 7.6, while Exabeam Fusion SIEM is rated 8.0. The top reviewer of Elastic Security writes "A stable and scalable tool that provides visibility along with the consolidation of logs to its users". On the other hand, the top reviewer of Exabeam Fusion SIEM writes "Enables centralized log collection on a single platform". Elastic Security is most compared with Wazuh, Splunk Enterprise Security, IBM Security QRadar, Microsoft Defender for Endpoint and CrowdStrike Falcon, whereas Exabeam Fusion SIEM is most compared with IBM Security QRadar, Splunk Enterprise Security, Splunk User Behavior Analytics, Palo Alto Networks Cortex XSOAR and Securonix Next-Gen SIEM. See our Elastic Security vs. Exabeam Fusion SIEM report.
See our list of best Log Management vendors, best Security Information and Event Management (SIEM) vendors, and best Security Orchestration Automation and Response (SOAR) vendors.
We monitor all Log Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
