Try our new research platform with insights from 80,000+ expert users

Elastic Security vs Symantec Endpoint Detection and Response comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Sep 9, 2024

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Elastic Security
Ranking in Endpoint Detection and Response (EDR)
16th
Average Rating
7.8
Reviews Sentiment
6.8
Number of Reviews
64
Ranking in other categories
Log Management (7th), Security Information and Event Management (SIEM) (5th), Security Orchestration Automation and Response (SOAR) (6th), Extended Detection and Response (XDR) (8th)
Symantec Endpoint Detection...
Ranking in Endpoint Detection and Response (EDR)
30th
Average Rating
7.6
Reviews Sentiment
7.2
Number of Reviews
30
Ranking in other categories
No ranking in other categories
 

Mindshare comparison

As of April 2025, in the Endpoint Detection and Response (EDR) category, the mindshare of Elastic Security is 2.4%, up from 2.2% compared to the previous year. The mindshare of Symantec Endpoint Detection and Response is 0.5%, up from 0.5% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Endpoint Detection and Response (EDR)
 

Featured Reviews

SyedAli17 - PeerSpot reviewer
Centralized monitoring improves security posture through rapid data processing
The processing part of Elastic Security ( /products/elastic-security-reviews ) is very interesting for us since we handle almost 7,000 to 8,000 alerts per minute. We require rapid processing speed for alerts and event data, and Elastic Security is very efficient at handling this level of data. Additionally, Elastic Security helps improve the security posture of Pakistan through centralized visibility and real-time processing.
YusufAhmed - PeerSpot reviewer
Easy to use and competitively priced
Honestly, the product needs to continue the way it is, and I feel that everything will be fine. I haven't had any reasons to complain about the product. The product doesn’t offer MDM functionality under its current licensing model. In the future, I want the product to offer MDM. It can allow me to manage my mobile device more efficiently and effectively. Currently, there is a need for a separate license to be added to Symantec Endpoint Detection and Response to be able to use the MDM part. If both are bundled up under the same license, the administration part can be made easier.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The most valuable features of the solution are the prevention methods and the incident alerts."
"It's open-source and free to use."
"The most valuable feature of Elastic Security is that you can install agents, and they are not separately licensed."
"The scalability is good. It can be scaled easily in the production environment."
"It's very customizable, which is quite helpful."
"Elastic Security helps improve the security posture of Pakistan through centralized visibility and real-time processing."
"ELK Logstash is easy and fast, at least for the initial setup with the out of box uses."
"I use the stack every morning to check the errors and it's just so clear. I don't see any disadvantage to using Logstash."
"I've mainly found the antivirus and antispyware features valuable. The documentation is okay as well."
"It is mostly used for malware detection and antivirus purposes."
"The security is good."
"A great feature of this solution is that it is very well-integrated with antivirus software. Other ADR solutions are implemented as single technologies and are not integrated with the provider, but Symantec offers AV plus ADR."
"Symantec Endpoint Detection and Response is stable."
"The solution is stable."
"I like Symantec EDR's device control and USB security features."
"The most valuable features of this product include network isolation for machines and the ability to work with a consistent and defined set of virtual machines."
 

Cons

"This solution is very hard to implement."
"Improvements in Elastic Security could include refining and normalizing queries to make them more user-friendly, enhancing the user experience with better documentation, and addressing any latency issues."
"They don't provide user authentication and authorisation features (Shield) as a part of their open-source version."
"There is an area of improvement in the Logs list. The load list may need to be paginated as there are limits."
"Their visuals and graphs need to be better."
"Elastic Security has a steep learning curve, so it takes some time to tune it and set it up for your environment. There are some costs associated with logging things that don't have value. So you need to be cautious to only log things that make sense and keep them around for as long as you need. You shouldn't hold onto things just because you think you might need them."
"The solution needs to be more reactive to investigations. We need to be able to detect and prevent any attacks before it can damage our infrastructure. Currently, this solution doesn't offer that."
"The tool should improve its scalability."
"It would be nice to see more granular timeline analysis."
"The network forensics feature could be improved."
"I think we have experienced some technical issues because the company focuses mainly on bigger clients. Also, sometimes the solution fails to detect zero-day attacks, so that feature needs some enhancement because it is lacking compared to other solutions."
"The interface is very complicated."
"The solution’s scalability and stability could be improved."
"In the future, it would be nice to have playbooks in the tool, to allow for some of the common activities to be automated. For example, some of the scannings of the malware can be too manual for a specific device. Additionally, a vulnerability manager would be beneficial."
"The GUI could be better."
"The product doesn’t offer MDM functionality under its current licensing model."
 

Pricing and Cost Advice

"The licensing cost of Elastic Security is based on the daily ingestion rate. I can't recall the exact figure, but for 10GB of log action daily, it would cost around $20,000."
"Its price is fine. Its licensing works on a yearly basis. We have to renew the license every year. I also have a good experience with Darktrace. When we buy Darktrace, we get training free of cost, which is not there in Elastic. We have to pay extra for training. There is certainly room for improvement."
"There is no charge for using the open-source version."
"The solution is free."
"It's a monthly cost with Elastic SIEM, but I am not sure of the exact cost."
"When compared to other products, the price is average or on the low side."
"The solution is not expensive and costs around ten dollars a month."
"We use the open-source version, so there is no charge for this solution."
"It's a yearly subscription."
"We pay around $100,000 for 5000 licenses every year."
"We have a yearly subscription, and the pricing is fair."
"We are satisfied with the pricing."
"The price is reasonable."
"It is an expensive solution."
"The price is okay, but it really depends on the customer's requirements."
"Of late, because of the Broadcom purchase, its price has been increasing."
report
Use our free recommendation engine to learn which Endpoint Detection and Response (EDR) solutions are best for your needs.
848,716 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
17%
Government
10%
Financial Services Firm
9%
Comms Service Provider
7%
Computer Software Company
16%
Financial Services Firm
14%
Manufacturing Company
8%
University
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

Datadog vs ELK: which one is good in terms of performance, cost and efficiency?
With Datadog, we have near-live visibility across our entire platform. We have seen APM metrics impacted several times lately using the dashboards we have created with Datadog; they are very good c...
What do you like most about Elastic Security?
Elastic provides the capability to index quickly due to the reverse indexes it offers. This data is crucial as it contains critical information. The reverse index allows fast data indexing because ...
What is your experience regarding pricing and costs for Elastic Security?
Since Elastic Security is community-based, it does not require significant costs. This is beneficial for SMEs as they do not need extensive budgets for security solutions.
What is your experience regarding pricing and costs for Symantec Endpoint Detection and Response?
I am not aware of the pricing details, as that falls under the management's responsibility.
What needs improvement with Symantec Endpoint Detection and Response?
There are several areas where Symantec Endpoint Detection and Response can improve, including shell features, web control, asset management, and device control. Specifically, the application contro...
 

Also Known As

Elastic SIEM, ELK Logstash
No data available
 

Overview

 

Sample Customers

Texas A&M, U.S. Air Force, NuScale Power, Martin's Point Health Care
Information Not Available
Find out what your peers are saying about Elastic Security vs. Symantec Endpoint Detection and Response and other solutions. Updated: April 2025.
848,716 professionals have used our research since 2012.