
Elastic Security vs Sentinel comparison

 

Comparison Buyer's Guide

Executive Summary

Updated on Sep 18, 2024
 

Categories and Ranking

Elastic Security
Ranking in Security Information and Event Management (SIEM): 5th
Average Rating: 7.6
Number of Reviews: 61
Ranking in other categories: Log Management (5th), Endpoint Detection and Response (EDR) (16th), Security Orchestration Automation and Response (SOAR) (6th), Extended Detection and Response (XDR) (8th)

Sentinel
Ranking in Security Information and Event Management (SIEM): 15th
Average Rating: 7.6
Number of Reviews: 16
Ranking in other categories: No ranking in other categories
 

Mindshare comparison

As of November 2024, in the Security Information and Event Management (SIEM) category, the mindshare of Elastic Security is 7.3%, down from 9.1% compared to the previous year. The mindshare of Sentinel is 2.8%, up from 0.9% compared to the previous year. It is calculated based on PeerSpot user engagement data.
 

Featured Reviews

Gajewski Marek - PeerSpot reviewer
Aug 13, 2024
Provides good anomaly detection and connectivity reporting
I use Elastic Security to aggregate all logs from different devices in one place. It works pretty well and provides one overview of everything. The solution's most valuable features are anomaly detection and connectivity reporting. Elastic Security also has many automation capabilities, which can…
JaideepSingh - PeerSpot reviewer
Jul 26, 2023
An automated solution that helped me detect threats in less than half the time it used to take
Sentinel gave us logs to tell us what's going right and wrong in your environment so we could secure the network. We also got multiple kinds of logs. By running some queries from the logs, we could find and fix the anomalies in the environment. Sentinel's threat visibility was great at telling us if we had something going on in our environment. We had to set up alerts in our environment based on the logs. If we had the right alerts set up, we got notified about threats and where security was lacking, so we could also take care of that. Sentinel's threat intelligence helped us prepare and take proactive steps for potential threats before they hit. Having preparation before a threat has helped our security operations. When I was using it, I used to keep going into my dashboards and looking for any threats on a weekly basis, or maybe two or three times a week. Based on that, we would recommend certain changes to the server and infrastructure teams to block or allow some ports. Sentinel's threat intelligence helped plan security against risks.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"Just the ability to do a lot more than just up-down is nice, which a lot of people take for granted."
"ELK documentation is very good, so never needed to contact technical support."
"Elastic provides the capability to index quickly due to the reverse indexes it offers. This data is crucial as it contains critical information. The reverse index allows fast data indexing because of Elastic's efficient search engine."
"The most valuable features of Elastic Security are it is open-source and provides a high level of security."
"The indexes allow you to get your results quickly. The filtering and log passing is the advantage of Logstash."
"It is the best open-source product for people working in SO, managing and analyzing logs."
"The product has huge integration varieties available."
"We've found the initial setup to be quite straightforward."
"We can do advanced hunting queries and modify SQL queries to get desired results based on the rules triggering over the console."
"The stability is phenomenal and we never had any issues with downtime or even had to restart."
"The native integration with out-of-the-box format is hassle free and allows data to be used advantageously."
"The most valuable feature of this solution is that it provides a central locking system for many event sources."
"The tool is simple to use."
"It makes everything easier by automating some tasks and growing with our needs."
"One of the most valuable features is the business intelligence engine. It's very important because it keeps track of everything that's happening and alerts us if something is different than expected. The first time I used it, I was shocked at how well it performed. Another valuable feature that I think makes this product worth the price you pay for it is that it connects to basically every system that provides some form of logging, and it's very easy to set up what triggers this."
"Sentinel gave us logs to tell us what's going right and wrong in your environment so we could secure the network."
 

Cons

"There should be a simulation environment to check whether my Elastic implementation is functioning perfectly fine. Other solutions have their own Android and iOS applications that I can install on my mobile so that I am continuously connected to the SIEM."
"If you compare this with CrowdStrike or Carbon Black, they can improve."
"The tool needs to integrate with legacy servers. Big companies can have legacy servers that may not always be updated."
"It could use maybe a little more on the Linux side."
"The solution could offer better reporting features."
"Elastic Security can be a bit difficult to use if a person only has experience in SMBs with tools like Zoho. The product can also be difficult for those who have never dealt with query language."
"An area for improvement in Elastic Security is the pricing. It could be better. Right now, when you increase the volume of logs to be collected, the price also increases a lot."
"We're using the open-source edition, for now, I think maybe they can allow their OLED plugin to be open source, as at the moment it is commercialised."
"I rate Sentinel a six out of ten for scalability."
"There are still a few vendor-specific devices for which Sentinel needs to work on integration, such as Netskope devices."
"It is an ancient product."
"The solution does not allow outsourced authorizations."
"The dashboard and customer view should be improved."
"There is a need for more flexibility in customization, especially when working with different vendors and platforms."
"There is no integration in the web-side of the tool."
"You need a lot of Unix scripting knowledge in order to manage the tool, which is one of the main issues that we faced."
 

Pricing and Cost Advice

"Its price is fine. Its licensing works on a yearly basis. We have to renew the license every year. I also have a good experience with Darktrace. When we buy Darktrace, we get training free of cost, which is not there in Elastic. We have to pay extra for training. There is certainly room for improvement."
"Elastic Stack is an open-source tool. You don't have to pay anything for the components."
"I can say that the product is cheaply priced."
"This is an open-source product, so there are no costs."
"The solution is free."
"We use the open-source version, so there is no charge for this solution."
"There is no charge for using the open-source version."
"The licensing cost of Elastic Security is based on the daily ingestion rate. I can't recall the exact figure, but for 10GB of log action daily, it would cost around $20,000."
"We inquired about getting support from the vendor, Micro Focus, but the cost was very high."
"Sentinel's slightly on the expensive side."
"We receive a pricing discount because of our ongoing partnership with Micro Focus."
"Sentinel is moderately priced."
"The solution’s pricing is aligned with its competitors."
"Sentinel is a subscription-based solution."
Use our free recommendation engine to learn which Security Information and Event Management (SIEM) solutions are best for your needs.
814,649 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews

Computer Software Company: 17%
Financial Services Firm: 10%
Government: 10%
University: 7%

Computer Software Company: 17%
Financial Services Firm: 10%
Manufacturing Company: 8%
Government: 7%
 

Company Size

By reviewers: Large Enterprise, Midsize Enterprise, Small Business
 

Questions from the Community

Datadog vs ELK: which one is good in terms of performance, cost and efficiency?
With Datadog, we have near-live visibility across our entire platform. We have seen APM metrics impacted several times lately using the dashboards we have created with Datadog; they are very good c...
What do you like most about Elastic Security?
Elastic provides the capability to index quickly due to the reverse indexes it offers. This data is crucial as it contains critical information. The reverse index allows fast data indexing because ...
What is your experience regarding pricing and costs for Elastic Security?
Compared to other tools, Elastic Security is a cheaper solution.
What do you like most about NetIQ Sentinel?
The solution lets us get all the logs properly and regularly monitor customer infrastructure.
What needs improvement with NetIQ Sentinel?
There are still a few vendor-specific devices for which Sentinel needs to work on integration, such as Netskope devices. Also, we often face region-wise outages during operation due to product team...
 

Also Known As

Elastic Security: Elastic SIEM, ELK Logstash
Sentinel: NetIQ Sentinel, Novell SIEM
 

Sample Customers

Texas A&M, U.S. Air Force, NuScale Power, Martin's Point Health Care
Faysal Bank, GaVI, Handelsbanken, ISC Münster, Lambeth Council, Swisscard, The Municipality of Siena, Tukes, University of Dayton, University of the Sunshine Coast
Find out what your peers are saying about Elastic Security vs. Sentinel and other solutions. Updated: October 2024.