Elastic Security and Microsoft Defender XDR are robust security solutions with distinct strengths. Elastic Security is renowned for its analytics and open-source model, while Microsoft Defender XDR excels in integration with Microsoft products and advanced threat detection.
Features: Elastic Security stands out in data analysis, flexibility, and integration with various data sources. Microsoft Defender XDR is noted for its seamless integration with Microsoft products, advanced threat detection, and automated response features.
Room for Improvement: Elastic Security users suggest improvements in documentation, a more intuitive learning curve, and better user accessibility. Microsoft Defender XDR users indicate a need for enhanced cross-platform visibility, a more streamlined investigation process, and improved multi-platform integration.
Ease of Deployment and Customer Service: Elastic Security's deployment can be complex and requires significant expertise, but it offers responsive customer support. Microsoft Defender XDR is generally easier to deploy, especially within environments already using Microsoft services, and has robust customer service support.
Pricing and ROI: Elastic Security is seen as cost-effective due to its open-source model but can entail higher operational costs. Microsoft Defender XDR, while potentially more expensive, is valued for providing strong ROI through its advanced features and integration capabilities.
Ever since we turned on the M5 feature set back in June, we have seen a reduced number of potentially malicious clicks and faster alerting when incidents occur.
Providing necessary assistance efficiently.
It's critical to escalate SEV B issues immediately to a domestic engineer.
You get stuck in low-level support for way longer than you should, instead of them escalating the issue up the chain.
The technical support from Microsoft Defender XDR has been disappointingly slow.
Microsoft Defender XDR shows tremendous scalability, much more so than on-premises solutions.
It is suitable for enterprise-level deployment but has room for improvement.
In terms of stability, I would rate Elastic a solid eight out of ten.
The service has remained consistently online, with any issues isolated to specific components, suggesting a well-designed and modular architecture.
The services within our ecosystem have been reliable, meeting their SLAs.
CrowdStrike and Defender have more established threat intelligence integration due to having a larger client base.
Elastic Security consumes a lot of resources, requiring a substantial deployment setup.
The licensing process needs improvement and clarification.
Improvements are needed in automated response capabilities.
It would be better if much of that information were immediately visible, especially when looking at endpoints or users.
The pricing is reasonable, especially for Small Medium Enterprises (SMEs), making it a viable option for businesses building their security infrastructure.
Elastic Security is considered cost-effective, especially at lower EPS levels.
I would rate the pricing as eight out of ten, indicating it is a reasonable cost for the product.
Microsoft purposefully obfuscates this through marketing ploys to hide costs.
Licensing is somewhat confusing, particularly when presenting our pitch decks to stakeholders and leveraging key features in premium SKUs, but we managed with some assistance from Microsoft.
Elastic Security is as flexible and configurable as Microsoft Sentinel.
Elastic Security offers advanced features such as machine learning and integration with ChatGPT.
With Microsoft threat intelligence information, it detects various types of threats, including insider attacks, malicious content, and data exfiltration.
The Email Explorer feature has proven invaluable, offering a broader perspective than automated alerts and incidents alone.
The email protection feature is the most valuable because our risks primarily lie there, and it seems to be the most popular target.
Elastic Security combines the features of a security information and event management (SIEM) system with endpoint protection, allowing organizations to detect, investigate, and respond to threats in real time. This unified approach helps reduce complexity and improve the efficiency of security operations.
Additional offerings and benefits:
Finally, Elastic Security benefits from a global community of users who contribute to its threat intelligence, helping to enhance its detection capabilities. This collaborative approach ensures that the solution remains on the cutting edge of cybersecurity, with up-to-date information on the latest threats and vulnerabilities.
Microsoft Defender XDR is a comprehensive security solution designed to protect against threats in the Microsoft 365 environment.
It offers robust security measures, comprehensive threat detection capabilities, and an efficient incident response system. With seamless integration with other Microsoft products and a user-friendly interface, it simplifies security management tasks.
Users have found it effective in detecting and preventing various types of attacks, such as phishing attempts, malware infections, and data breaches.
Watch the Microsoft demo video here: Microsoft Defender XDR demo video.
We monitor all Extended Detection and Response (XDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
