Elastic Security vs Microsoft Defender XDR comparison

Elastic and Microsoft are both solutions in the Extended Detection and Response (XDR) category. Elastic is ranked #8 with an average rating of 7.7, while Microsoft is ranked #5 with an average rating of 8.4. Additionally, 85% of Elastic users are willing to recommend the solution, compared to 97% of Microsoft users who would recommend it.

Elastic Security

Read 61 Elastic Security reviews

8,046 Views
6,664 Comparison Views

85% willing to recommend

Microsoft Defender XDR

Read 89 Microsoft Defender XDR reviews

7,029 Views
5,340 Comparison Views

97% willing to recommend

Elastic Security

Microsoft Defender XDR

Comparison Buyer's Guide

Download the report

Executive SummaryUpdated on Sep 9, 2024

Elastic Security and Microsoft Defender XDR are robust security solutions with distinct strengths. Elastic Security is renowned for its analytics and open-source model, while Microsoft Defender XDR excels in integration with Microsoft products and advanced threat detection.

Features: Elastic Security stands out in data analysis, flexibility, and integration with various data sources. Microsoft Defender XDR is noted for its seamless integration with Microsoft products, advanced threat detection, and automated response features.

Room for Improvement: Elastic Security users suggest improvements in documentation, a more intuitive learning curve, and better user accessibility. Microsoft Defender XDR users indicate a need for enhanced cross-platform visibility, a more streamlined investigation process, and improved multi-platform integration.

Ease of Deployment and Customer Service: Elastic Security's deployment can be complex and requires significant expertise, but it offers responsive customer support. Microsoft Defender XDR is generally easier to deploy, especially within environments already using Microsoft services, and has robust customer service support.

Pricing and ROI: Elastic Security is seen as cost-effective due to its open-source model but can entail higher operational costs. Microsoft Defender XDR, while potentially more expensive, is valued for providing strong ROI through its advanced features and integration capabilities.

To learn more, read our detailed Elastic Security vs. Microsoft Defender XDR Report (Updated: October 2024).

Buyer's Guide

Elastic Security vs. Microsoft Defender XDR

October 2024

Download the complete report

Helped 815,854 peers since 2012

Categories and Ranking

Elastic Security

Ranking in Endpoint Detection and Response (EDR)

16th

Ranking in Extended Detection and Response (XDR)

8th

Average Rating

7.6

Number of Reviews

Ranking in other categories

Log Management (5th), Security Information and Event Management (SIEM) (5th), Security Orchestration Automation and Response (SOAR) (6th)

Microsoft Defender XDR

Ranking in Endpoint Detection and Response (EDR)

5th

Ranking in Extended Detection and Response (XDR)

5th

Average Rating

8.4

Number of Reviews

Ranking in other categories

Microsoft Security Suite (2nd)

Featured Reviews

Gajewski Marek

Chief Technology Officer & Co-founder at CS2

Aug 13, 2024

Provides good anomaly detection and connectivity reporting

I use Elastic Security to aggregate all logs from different devices in one place. It works pretty well and provides one overview of everything The solution's most valuable features are anomaly detection and connectivity reporting. Elastic Security also has many automation capabilities, which can…

Read full review

Desray Liu

Project Manager at Freedom Systems Inc.

Nov 28, 2023

A time-saving and easy-to-integrate product that needs to offer a control center to users

As a part of Microsoft's attempt to reduce costs, there has been a direct cut down of the local technical support team. Sometimes, you have to use the technical support offered by Microsoft from other countries, but at times, we speak different languages, just like how people speak in Chinese or Mandarin, but there are still some differences between them. The front-line support from Microsoft has only limited technical abilities or access to their internal system. Sometimes, my company cannot even escalate an issue to Microsoft's senior team members. The support team of Microsoft is nice as they attempt to solve the problems together with you, but I believe that due to some cost-related issues, they don't have enough permissions. Sometimes, users might feel blocked when trying to connect with the support team. I rate the technical support a seven out of ten.

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"The performance is good and it is faster than IBM QRadar."

"I like that it's a SIEM platform. I like that I can sell Elastic Security quickly. Elastic Security has a large community that can support users."

"The visualization is very good."

"The feature that we have found the most valuable is scalability."

"It's open-source and free to use."

"Elastic is straightforward, easy to integrate, and highly customizable."

"It's simple and easy to use."

"The indexes allow you to get your results quickly. The filtering and log passing is the advantage of Logstash."

More Elastic Security pros

"The product integrates security into one tool instead of having third-party security tools."

"The timeline feature is excellent. I also like the phishing simulation. We have phishing campaigns to educate employees and warn them about these threats."

"It has great stability."

"It provides a single pane of glass within the 365 admin interface, streamlining our experience by consolidating information in one place and eliminating the need to navigate through multiple interfaces."

"For me, the advanced hunting capabilities have been really great. It allowed querying the dataset with their own language, which is KQL or Kusto Query Language. That has allowed me to get much more insight into the events that have occurred. The whole power of 365 Defender is that you can get the whole story. It allows you to query an email-based activity and then correlate it with an endpoint-based activity."

"I like the easy integration and advanced possibilities. We can implement it at customer sites in a few clicks, but we can also dive deep and drill down to extended features. There's a very good starting point to get into this product and all the features from Defender."

"In our company,we have faced multiple attacks over the last few months, but none of them have been successful, and I think Microsoft Defender XDR has played a major role in it."

"The most valuable features are spam filtering, attachment filtering, and antivirus protection."

More Microsoft Defender XDR pros

Cons

"It could use maybe a little more on the Linux side."

"The setup process is complex. You need a solid working knowledge of networking, operating systems, and a little programming."

"Elastic Security's maintenance is hard and its scalability is a challenge. There are complications in scaling and upgrading. The solution needs to also provide periodic upgrade checks."

"They don't provide user authentication and authorisation features (Shield) as a part of their open-source version."

"Anything that supports high availability or ease of deployment in a highly available environment would help to improve this solution."

"Elastic Security can be a bit difficult to use if a person only has experience in SMBs with tools like Zoho. The product can also be difficult for those who have never dealt with query language."

"I think because we are a cybersecurity company, the thing that can be improved is the prebuilt tools, especially quality. Compared to its competitor, they still have fewer prebuilt security rules. Elastic Security, in terms of generating alerts, cannot group the same products into one another. Even though the alerts are the same, they still generate them one by one. So, it is very noisy in our dashboard. I would like the Elastic Security admin to group all the same alarms into one alarm so that our dashboard is not noisy."

"The solution does not have a UI and this is one of the reasons we are looking for another solution."

More Elastic Security cons

"Generally, antivirus products provide a central control to manage every device in terms of who is installing it or who is trying to disable it, but Microsoft doesn't have such a control center for the antivirus product it provides."

"It would be highly beneficial if CoPilot could identify anomalies within the network and notify the IT team."

"From a performance standpoint, improvements could be made."

"We should be able to use the product on devices like Apple, Linux, etc."

"Support is hit or miss. Microsoft wants you to buy premium support contracts. Though they call themselves professional support, it's almost like throwing questions into a black hole. You get an answer, but it's never helpful."

"The mobile app support for Android and iOS is difficult and needs improvement."

"There is definitely scope for improvement in the automation area. Because the solution is a SaaS platform, we don't have the overall ability to automate stuff.... There is no direct way to go ahead because it's a SaaS platform."

"There are still some components, such as vulnerability management within the vendor product, where improved integration would be beneficial."

More Microsoft Defender XDR cons

Pricing and Cost Advice

"Elastic Security is free to use."

"It is easy to deploy, easy to use, and you get everything you need to become operational with it, and have nothing further to pay unless you want the OLED plugin."

"The solution is free."

"Affordable but with additional costs"

"Compared to other products such as Dynatrace, this is one of the cheaper options."

"Compared to other tools, Elastic Security is a cheaper solution."

"I find it better than Splunk in terms of cost-effectiveness. For cost-effectiveness, I would rate it a nine out of 10."

"The solution is not expensive and costs around ten dollars a month."

More Elastic Security pricing and cost advice

"Sometimes 365 Defender is expensive, but it can be moderate, depending on the organization's size and the license type. We're satisfied with the cost because it gives us a product that protects our entire environment with DLP. To compromise some cost, of course, we are to complete the most secure environment."

"While the standalone price of Defender XDR might seem high, its value becomes clear when considering the ease of implementation and smooth integration with our existing Microsoft infrastructure, especially when bundled with other Microsoft products."

"I believe the pricing is fair and acceptable. I consider it to be reasonable and satisfactory."

"The solutions price is fair for what they offer."

"365 Defender is billed per account. I don't know the exact price, but my supervisor told me that Microsoft Defender is cheaper than the alternatives. It's bundled, so you get all the features in one place."

"Microsoft Defender XDR is priced high."

"The functionality is fantastic, but for medium and small-sized companies it's overpriced. It would be better if it were a little bit cheaper."

"All I can say again is the E5 gives you all the capabilities that it offers. It also gives Office 365 and one terabyte of storage. All in all, the E5 license model makes sense. There are some people who say it's quite costly, but rather than paying different vendors, it makes sense to go all in with Microsoft if you've got that licensing. From that perspective, it's cost-effective, but I can't comment much on that."

More Microsoft Defender XDR pricing and cost advice

See which vendors are best for you

Use our free recommendation engine to learn which Extended Detection and Response (XDR) solutions are best for your needs.

See recommendations

815,854 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Computer Software Company

17%

Financial Services Firm

10%

Government

10%

University

Computer Software Company

17%

Financial Services Firm

10%

Manufacturing Company

Government

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

Questions from the Community

Datadog vs ELK: which one is good in terms of performance, cost and efficiency?

With Datadog, we have near-live visibility across our entire platform. We have seen APM metrics impacted several times lately using the dashboards we have created with Datadog; they are very good c...

See all answers

What do you like most about Elastic Security?

Elastic provides the capability to index quickly due to the reverse indexes it offers. This data is crucial as it contains critical information. The reverse index allows fast data indexing because ...

See all answers

What is your experience regarding pricing and costs for Elastic Security?

Compared to other tools, Elastic Security is a cheaper solution.

See all answers

What do you like most about Microsoft 365 Defender?

Microsoft Defender XDR provides strong identity protection with comprehensive insights into risky user behavior and potential indicators of compromise.

See all answers

What is your experience regarding pricing and costs for Microsoft 365 Defender?

The pricing is reasonable. It's cheaper than other options.

See all answers

What needs improvement with Microsoft 365 Defender?

The solution could enhance the threat Intelligence feature by making it more relevant to specific industries. Much of the threat intelligence information isn't directly applicable to our environmen...

See all answers

Comparisons

Wazuh vs Elastic Security

Compared 33% of the time

CrowdStrike Falcon vs Elastic Security

Compared 8% of the time

IBM Security QRadar vs Elastic Security

Compared 7% of the time

Microsoft Sentinel vs Elastic Security

Compared 7% of the time

Splunk Enterprise Security vs Elastic Security

Compared 6% of the time

More Elastic Security Competitors

CrowdStrike Falcon vs Microsoft Defender XDR

Compared 37% of the time

Wazuh vs Microsoft Defender XDR

Compared 8% of the time

Microsoft Defender for Cloud vs Microsoft Defender XDR

Compared 8% of the time

Trend Vision One vs Microsoft Defender XDR

Compared 5% of the time

Microsoft Purview Compliance Manager vs Microsoft Defender XDR

Compared 4% of the time

More Microsoft Defender XDR Competitors

Product Reports

Buyer's Guide

Elastic Security

November 2024

Download Elastic Security product report

Buyer's Guide

Microsoft Defender XDR

November 2024

Download Microsoft Defender XDR product report

Also Known As

Elastic SIEM, ELK Logstash

Microsoft 365 Defender, Microsoft Threat Protection, MS 365 Defender

Learn More

Elastic

Microsoft

Overview

Elastic Security is a robust, open-source security solution designed to offer integrated threat prevention, detection, and response capabilities across an organization's entire digital estate. Part of the Elastic Stack (which includes Elasticsearch, Logstash, and Kibana), Elastic Security leverages the power of search, analytics, and data aggregation to provide real-time insight into threats and vulnerabilities. It is a comprehensive platform that supports a wide range of security needs, from endpoint protection to cloud and network security, making it a versatile choice for organizations looking to enhance their cybersecurity posture.

Elastic Security combines the features of a security information and event management (SIEM) system with endpoint protection, allowing organizations to detect, investigate, and respond to threats in real time. This unified approach helps reduce complexity and improve the efficiency of security operations.

Additional offerings and benefits:

The platform utilizes advanced analytics, machine learning algorithms, and anomaly detection to identify threats and suspicious activities.
It offers extensive integration options with other tools and platforms, facilitating a more cohesive and comprehensive security ecosystem.
With Kibana, users gain access to powerful visualization tools and dashboards that provide real-time insight into security data.

Finally, Elastic Security benefits from a global community of users who contribute to its threat intelligence, helping to enhance its detection capabilities. This collaborative approach ensures that the solution remains on the cutting edge of cybersecurity, with up-to-date information on the latest threats and vulnerabilities.

Microsoft Defender XDR is a comprehensive security solution designed to protect against threats in the Microsoft 365 environment.

It offers robust security measures, comprehensive threat detection capabilities, and an efficient incident response system. With seamless integration with other Microsoft products and a user-friendly interface, it simplifies security management tasks.

Users have found it effective in detecting and preventing various types of attacks, such as phishing attempts, malware infections, and data breaches.

Watch the Microsoft demo video here: Microsoft Defender XDR demo video.

Sample Customers

Texas A&M, U.S. Air Force, NuScale Power, Martin's Point Health Care

Accenture, Deloitte, ExxonMobil, General Electric, IBM, Johnson & Johnson and many others.

Buyer's Guide

Elastic Security vs. Microsoft Defender XDR

October 2024

Free Report: Elastic Security vs. Microsoft Defender XDR

Find out what your peers are saying about Elastic Security vs. Microsoft Defender XDR and other solutions. Updated: October 2024.

DOWNLOAD NOW

815,854 professionals have used our research since 2012.

See our Elastic Security vs. Microsoft Defender XDR report.

See our list of best Extended Detection and Response (XDR) vendors and best Endpoint Detection and Response (EDR) vendors.

We monitor all Extended Detection and Response (XDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.