We performed a comparison between Elastic Security and Trend Vision One based on real PeerSpot user reviews.
Find out in this report how the two Endpoint Detection and Response (EDR) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."Microsoft 365 Defender's most valuable feature is the ability to control the shadow IP."
"All of the security components are valuable including, antiphishing, antispam, and stage three antivirus."
"The 'Incidents and Alerts' tab is a valuable feature where we can find triggered alerts."
"The comprehensiveness of Microsoft's threat detection is good."
"The timeline feature is excellent. I also like the phishing simulation. We have phishing campaigns to educate employees and warn them about these threats."
"The product integrates security into one tool instead of having third-party security tools."
"I like that it's fully integrated with Windows, Microsoft 365 Exchange Online, and Outlook. It is better than other antivirus solutions because it's fully integrated with all Microsoft products. It's easy to integrate them and onboard all Windows devices from SCCM."
"The unified view of the threat landscape on a central dashboard is the most valuable feature."
"It's a good platform and the very best in the current market. We looked at the Forester report from December 2022 where it was said to be a leader."
"The visualization is very good."
"Just the ability to do a lot more than just up-down is nice, which a lot of people take for granted."
"It's very stable and reliable."
"The product has huge integration varieties available."
"It is the best open-source product for people working in SO, managing and analyzing logs."
"I like the indexing of the logs."
"ELK documentation is very good, so never needed to contact technical support."
"It helps a lot to understand where the threat is coming from, where is it going, how is it being dealt with, et cetera."
"The search features help us try to correlate information and identify any suspicious activity."
"The integration is also nice because there are many external tools that we can connect to the platform, such as configuration management tools. Because the platform is integrated, I can manage almost the whole company across our global organization."
"I like Vision One's observed attack techniques feature. It lets you see what an attacker is doing, how they have tried to exploit a machine, or how malicious code is operating. It helps us discover indicators of compromise so we can write better rules for detection."
"I'm satisfied with the level of coverage. The policies have been very useful and detailed."
"Its detection rate is valuable. It is really an easy product to install and manage. It is quite effective at what it does, and if needed, it can also be co-managed, which means 24 hours and seven days a week monitoring through a SOC."
"Scaling is not a problem at all."
"The telemetric report is the most valuable feature."
"The support from Microsoft could improve. There are times I have to wait for a response from a qualified specialist."
"At times, when we have an incident email and we click on the link for that incident, it opens a pop-up, but there is nothing. It has happened a couple of times."
"The solution does not offer a unified response and standard data."
"From an integration standpoint, it is always improving overall. With Security Copilot coming out, as partners, we are waiting for the GDAP support so that we can actually see Security Copilot on behalf of customers if they subscribe to it."
"For some scenarios, it provides good visibility into threats, and for some scenarios, it doesn't. For example, sometimes the URLs within the emails have destinations, and you do get a screenshot and all further details, but it's not always the case. It would be good if they did a better job of enabling that for all the emails that they identified as malicious. When you get an email threat, you can go into the email and see more details, but the URL destination feature doesn't always show you a screenshot of the URL in that email. It also doesn't always give you the characteristics relating to that URL. It would be quite good if the information is complete where it says that we identified this URL, and this is what it looks like. There should be some threat intel about it. It should give you more details."
"Just like in any solution, the price can always be cheaper."
"I would like more of the features in Defender for 365 to be included in the smaller licenses. Even if I buy a small license and don't need everything, security shouldn't be a question. Security is one of the main aspects of all projects from our side, so it would be nice to have more features in the smaller licenses."
"It would be helpful if the solution could scan faster when it comes to scanning attachments to emails."
"They don't provide user authentication and authorisation features (Shield) as a part of their open-source version."
"There is an area of improvement in the Logs list. The load list may need to be paginated as there are limits."
"With Elastic, you have to build the use cases for the specific requirement. Other products have a simple integration and more use cases to integrate out-of-the-box solutions for SIEM."
"It is difficult to anticipate and understand the space utilization, so more clarity there would be great."
"We'd like to see some more artificial intelligence capabilities."
"Elastic Security's maintenance is hard and its scalability is a challenge. There are complications in scaling and upgrading. The solution needs to also provide periodic upgrade checks."
"The tool needs to integrate with legacy servers. Big companies can have legacy servers that may not always be updated."
"One limitation of Elastic Security is that it does not have built-in workflows for all tasks. For example, if you need a workflow for compliance, you will need to create a custom workflow."
"Vision One's search could be improved. While the platform is very user-friendly, the search feature uses terms that aren't as intuitive."
"Reporting could be a little bit better. They are working on it, and it is getting better."
"The centralized dashboard has room for improvement."
"Trend Micro doesn't have the next-generation firewall."
"They should increase their potential for third-party integrations."
"It would be ideal if they could improve the control of connectivity between sensors."
"The support should be improved."
"The price could be lower."
Elastic Security is ranked 16th in Endpoint Detection and Response (EDR) with 59 reviews while Trend Vision One is ranked 5th in Endpoint Detection and Response (EDR) with 43 reviews. Elastic Security is rated 7.6, while Trend Vision One is rated 8.6. The top reviewer of Elastic Security writes "A stable and scalable tool that provides visibility along with the consolidation of logs to its users". On the other hand, the top reviewer of Trend Vision One writes "The integration of toolsets is key, enabling automation, and vendor has been tremendous partner for us". Elastic Security is most compared with Wazuh, Splunk Enterprise Security, Microsoft Sentinel, IBM Security QRadar and Microsoft Defender for Endpoint, whereas Trend Vision One is most compared with CrowdStrike Falcon, Trend Vision One Endpoint Security, SentinelOne Singularity Complete, Microsoft Defender for Endpoint and Trellix Endpoint Security. See our Elastic Security vs. Trend Vision One report.
See our list of best Endpoint Detection and Response (EDR) vendors, best Extended Detection and Response (XDR) vendors, and best Endpoint Detection and Response (EDR) vendors.
We monitor all Endpoint Detection and Response (EDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.