Try our new research platform with insights from 80,000+ expert users

Elastic Security vs Symantec Endpoint Detection and Response comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Sep 9, 2024

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Elastic Security
Ranking in Endpoint Detection and Response (EDR)
16th
Average Rating
7.8
Reviews Sentiment
6.8
Number of Reviews
64
Ranking in other categories
Log Management (7th), Security Information and Event Management (SIEM) (5th), Security Orchestration Automation and Response (SOAR) (6th), Extended Detection and Response (XDR) (8th)
Symantec Endpoint Detection...
Ranking in Endpoint Detection and Response (EDR)
30th
Average Rating
7.6
Reviews Sentiment
7.2
Number of Reviews
30
Ranking in other categories
No ranking in other categories
 

Mindshare comparison

As of April 2025, in the Endpoint Detection and Response (EDR) category, the mindshare of Elastic Security is 2.4%, up from 2.2% compared to the previous year. The mindshare of Symantec Endpoint Detection and Response is 0.5%, up from 0.5% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Endpoint Detection and Response (EDR)
 

Featured Reviews

SyedAli17 - PeerSpot reviewer
Centralized monitoring improves security posture through rapid data processing
The processing part of Elastic Security ( /products/elastic-security-reviews ) is very interesting for us since we handle almost 7,000 to 8,000 alerts per minute. We require rapid processing speed for alerts and event data, and Elastic Security is very efficient at handling this level of data. Additionally, Elastic Security helps improve the security posture of Pakistan through centralized visibility and real-time processing.
YusufAhmed - PeerSpot reviewer
Easy to use and competitively priced
Honestly, the product needs to continue the way it is, and I feel that everything will be fine. I haven't had any reasons to complain about the product. The product doesn’t offer MDM functionality under its current licensing model. In the future, I want the product to offer MDM. It can allow me to manage my mobile device more efficiently and effectively. Currently, there is a need for a separate license to be added to Symantec Endpoint Detection and Response to be able to use the MDM part. If both are bundled up under the same license, the administration part can be made easier.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The most valuable feature is the machine learning capability."
"The feature that we have found the most valuable is scalability."
"We like Elastic Security because it's a REST API-based solution. That's the primary reason we use it."
"Elastic Security is very customizable, and the dashboards are very easy to build."
"Elastic has a lot of beats, such as Winlogbeat and Filebeat. Beats are the agents that have to be installed on the terminals to send the data. When we install beats or Elastic agents on every terminal, they don't overload the terminals. In other SIEM solutions such as Splunk or QRadar, when beats or agents are installed on endpoints, they are very heavy for the terminals. They consume a lot of power of the terminals, whereas Elastic agents hardly consume any power and don't overload the terminals."
"The indexes allow you to get your results quickly. The filtering and log passing is the advantage of Logstash."
"The most valuable feature is the scalability. We are in Indonesia, more engineers understand Elastic Security here. So it is easier to scale and also develop. In features, the discovery to query all the logs is very important to us. It is very easy, especially with the query function and the feature to generate alerts and create tools. Sometimes we use the alert security dashboard to monitor our clients."
"It's a good platform and the very best in the current market. We looked at the Forester report from December 2022 where it was said to be a leader."
"The solution has great blocking features."
"The solution does its job with no issues."
"The pricing is pretty reasonable."
"A great feature of this solution is that it is very well-integrated with antivirus software. Other ADR solutions are implemented as single technologies and are not integrated with the provider, but Symantec offers AV plus ADR."
"The most valuable features of this product include network isolation for machines and the ability to work with a consistent and defined set of virtual machines."
"The interface is quite easy to use."
"I like Symantec EDR's device control and USB security features."
"The solution is stable."
 

Cons

"The solution's query building is not that intuitive compared to other solutions."
"Email notification should be done the same way as Logentries does it."
"If the documentation were improved and made more clear for beginners, or even professionals, then we would be more attracted to this solution."
"There is room for improvement in the Kibana dashboard and in the asset management for the program."
"Better integration with third-party APMs would be really good."
"If you compare this with CrowdStrike or Carbon Black, they can improve."
"The solution could offer better reporting features."
"Their visuals and graphs need to be better."
"In the future, it would be nice to have playbooks in the tool, to allow for some of the common activities to be automated. For example, some of the scannings of the malware can be too manual for a specific device. Additionally, a vulnerability manager would be beneficial."
"The interface has many issues."
"I would like to see better scanning capabilities."
"A significant deterioration in customer support."
"Symantec Endpoint Detection and Response could improve the reporting. It is very difficult to create reports from the user interface."
"One potential area for improvement in Symantec EDR is the reporting engine."
"The network forensics feature could be improved."
"While they are quite dynamic, they need to ensure they are detecting threats faster in the future to keep people safer."
 

Pricing and Cost Advice

"I find it better than Splunk in terms of cost-effectiveness. For cost-effectiveness, I would rate it a nine out of 10."
"Elastic Stack is an open-source tool. You don't have to pay anything for the components."
"It is easy to deploy, easy to use, and you get everything you need to become operational with it, and have nothing further to pay unless you want the OLED plugin."
"Its price is fine. Its licensing works on a yearly basis. We have to renew the license every year. I also have a good experience with Darktrace. When we buy Darktrace, we get training free of cost, which is not there in Elastic. We have to pay extra for training. There is certainly room for improvement."
"The tool's pricing is flexible and comes at unit cost. You don't have to pay for everything."
"Elastic Security is free to use."
"I can say that the product is cheaply priced."
"The pricing is in the middle. I think it is not an expensive experience if we compare it with big names, for example, QRadar, and also Oxide. I think Elastic Security is quite cheap. I would rate the pricing of this solution a five out of ten."
"The product is cheap."
"It is an expensive solution."
"The price is okay, but it really depends on the customer's requirements."
"Symantec Endpoint Detection and Response is expensive."
"It's a yearly subscription."
"Compared to the tools of competitors, Symantec Endpoint Detection and Response is a cheaply priced product."
"The price is reasonable."
"We have a yearly subscription, and the pricing is fair."
report
Use our free recommendation engine to learn which Endpoint Detection and Response (EDR) solutions are best for your needs.
849,190 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
17%
Government
10%
Financial Services Firm
9%
Comms Service Provider
7%
Computer Software Company
16%
Financial Services Firm
14%
Manufacturing Company
8%
University
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

Datadog vs ELK: which one is good in terms of performance, cost and efficiency?
With Datadog, we have near-live visibility across our entire platform. We have seen APM metrics impacted several times lately using the dashboards we have created with Datadog; they are very good c...
What do you like most about Elastic Security?
Elastic provides the capability to index quickly due to the reverse indexes it offers. This data is crucial as it contains critical information. The reverse index allows fast data indexing because ...
What is your experience regarding pricing and costs for Elastic Security?
Since Elastic Security is community-based, it does not require significant costs. This is beneficial for SMEs as they do not need extensive budgets for security solutions.
What is your experience regarding pricing and costs for Symantec Endpoint Detection and Response?
I am not aware of the pricing details, as that falls under the management's responsibility.
What needs improvement with Symantec Endpoint Detection and Response?
There are several areas where Symantec Endpoint Detection and Response can improve, including shell features, web control, asset management, and device control. Specifically, the application contro...
 

Also Known As

Elastic SIEM, ELK Logstash
No data available
 

Overview

 

Sample Customers

Texas A&M, U.S. Air Force, NuScale Power, Martin's Point Health Care
Information Not Available
Find out what your peers are saying about Elastic Security vs. Symantec Endpoint Detection and Response and other solutions. Updated: April 2025.
849,190 professionals have used our research since 2012.