We performed a comparison between Elastic Security and Trellix Endpoint Detection and Response (EDR) based on real PeerSpot user reviews.
Find out in this report how the two Endpoint Detection and Response (EDR) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The solution was relatively easy to deploy."
"The console is easy to read. I also like the scanning part and the ability to move assets from one to the other."
"he solution is an anti-malware product that integrates well with other vendor products such as firewalls, SIEM, etc. It captures threat intelligence and gives you better visibility. The product also has sandboxing features."
"It is very easy to set up. I would rate my experience with the initial setup a ten out of ten, with ten being very easy to set up."
"The product's initial setup phase is very easy."
"Additionally, when it comes to EDR, there are more tools available to assist with client work."
"Fortinet FortiEDR's scalability is quite good, and you can add licenses to the solution."
"Forensics is a valuable feature of Fortinet FortiEDR."
"It's very stable and reliable."
"The most valuable feature of Elastic Security is that you can install agents, and they are not separately licensed."
"ELK Logstash is easy and fast, at least for the initial setup with the out of box uses."
"Elastic is straightforward, easy to integrate, and highly customizable."
"It is the best open-source product for people working in SO, managing and analyzing logs."
"The most valuable feature is the ability to collect authentication information from service providers."
"ELK documentation is very good, so never needed to contact technical support."
"The performance is good and it is faster than IBM QRadar."
"Trellix has a user-friendly interface."
"Blocking browser navigation is a feature of the solution with which we have experienced success."
"The product provides a one-click recovery of encrypted files."
"When Trellix detects some threats, the device is isolated in a quarantine zone for examination."
"The product's initial setup phase was very straightforward since you just need to install it, and it works."
"What we're using the most and what we found valuable in McAfee MVISION Endpoint Detection and Response are Web Control, Advanced Threat Protection, and Threat Prevention features."
"It is a scalable solution and very easy to use."
"The most valuable features of the solution are the ability to isolate or quarantine devices and block or detect Ransomware and other well-known tools that are used to exploit vulnerabilities on devices."
"We find the solution to be a bit expensive."
"The security should be strong for the cloud. Some applications are on-prem and some are on the cloud. Fortinet should also have strong security for the cloud. There should be more security for the cloud."
"There's room for improvement in the quick response time and technical support for integration issues, especially when dealing with multiple vendors."
"Once, we had an event that was locked and blocked, but information about it came to us two or three days later."
"We've encountered challenges during API deployment, occasionally resulting in unstable environments."
"The EDR console should have more extensive reporting. You shouldn't need to purchase FortiAnalyzer. It should be included in the EDR part. The security adviser cloud platform could be improved with more options for exclusive or intensive rules for devices."
"FortiEDR can be improved by providing more detailed reporting."
"The solution is not user-friendly."
"Elastic Security can be a bit difficult to use if a person only has experience in SMBs with tools like Zoho. The product can also be difficult for those who have never dealt with query language."
"The tool should improve its scalability."
"Elastic Security could improve the documentation. It would help if they were more simple and clean."
"There is room for improvement in the Kibana dashboard and in the asset management for the program."
"We're using the open-source edition, for now, I think maybe they can allow their OLED plugin to be open source, as at the moment it is commercialised."
"Authentication is not a default in Kibana. We need to have another tool to have authentication and authorization. These two should be part of Kibana."
"An area for improvement in Elastic Security is the pricing. It could be better. Right now, when you increase the volume of logs to be collected, the price also increases a lot."
"We had issues with scalability. Logstash was not scaling and aggregation was getting delayed. We moved to Fluentd making our stack from ELK to EFK."
"The alert feature of McAfee MVISION Endpoint Detection and Response needs improvement because for you to get the alerts, you have to log on to the portal. What my company needs is a tool that sends you alerts. For example, if it detects a threat on your machine, it should send you an alert. My company gets the alerts instead from the antivirus software rather than the EDR. If you want to see the alerts on McAfee MVISION Endpoint Detection and Response, you have to connect to the system manually. Another area for improvement in the tool is the reporting. My company needs weekly and monthly reports about the alerts, but you can't extract reports from McAfee MVISION Endpoint Detection and Response, so a decision was made to move to another EDR solution, particularly Microsoft Defender for Endpoint, next month. My company tested Microsoft Defender for Endpoint via a POC for one to three months. The resource usage of McAfee MVISION Endpoint Detection and Response is also an area for improvement because it consumes a lot of memory. For example, during the on-demand scan, you can't work because of the high CPU usage. You need to schedule the scans. McAfee MVISION Endpoint Detection and Response has a lot of modules, but my company doesn't use all modules."
"Trellix does not support Linux and Mac."
"The graphical view for nodes must be increased."
"An area for improvement in McAfee MVISION Endpoint Detection and Response is the historical search. For example: when you have information on the artifact and a precedent, you want to do a search, and that is a bit lacking in the tool."
"Some modules that are doing machine learning and artificial intelligence are blocking our processes."
"For Spanish users, it is necessary to have a knowledge base specifically designed for them, which is currently not available."
"The CPU utilization of the product is quite high compared to its competitors."
"The solution lacks the ability to integrate with external platforms. In future releases of the solution, I would like to see the solution increase its integration capabilities with external platforms."
More Trellix Endpoint Detection and Response (EDR) Pricing and Cost Advice →
Elastic Security is ranked 16th in Endpoint Detection and Response (EDR) with 59 reviews while Trellix Endpoint Detection and Response (EDR) is ranked 22nd in Endpoint Detection and Response (EDR) with 17 reviews. Elastic Security is rated 7.6, while Trellix Endpoint Detection and Response (EDR) is rated 7.4. The top reviewer of Elastic Security writes "A stable and scalable tool that provides visibility along with the consolidation of logs to its users". On the other hand, the top reviewer of Trellix Endpoint Detection and Response (EDR) writes "Multifeatured, with web control, advanced threat protection, and threat prevention capabilities, but its alerting and reporting features need improvement". Elastic Security is most compared with Wazuh, Splunk Enterprise Security, Microsoft Sentinel, IBM Security QRadar and Microsoft Defender for Endpoint, whereas Trellix Endpoint Detection and Response (EDR) is most compared with Trellix Endpoint Security (ENS), Trellix Active Response, Cynet, CrowdStrike Falcon and Sangfor Endpoint Secure. See our Elastic Security vs. Trellix Endpoint Detection and Response (EDR) report.
See our list of best Endpoint Detection and Response (EDR) vendors.
We monitor all Endpoint Detection and Response (EDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.