Try our new research platform with insights from 80,000+ expert users

Elastic Security vs Symantec Endpoint Detection and Response comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Sep 9, 2024
 

Categories and Ranking

Elastic Security
Ranking in Endpoint Detection and Response (EDR)
16th
Average Rating
7.6
Number of Reviews
61
Ranking in other categories
Log Management (5th), Security Information and Event Management (SIEM) (5th), Security Orchestration Automation and Response (SOAR) (6th), Extended Detection and Response (XDR) (8th)
Symantec Endpoint Detection...
Ranking in Endpoint Detection and Response (EDR)
25th
Average Rating
7.6
Number of Reviews
30
Ranking in other categories
No ranking in other categories
 

Mindshare comparison

As of November 2024, in the Endpoint Detection and Response (EDR) category, the mindshare of Elastic Security is 2.8%, up from 2.4% compared to the previous year. The mindshare of Symantec Endpoint Detection and Response is 0.5%, down from 0.5% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Endpoint Detection and Response (EDR)
 

Featured Reviews

Gajewski Marek - PeerSpot reviewer
Aug 13, 2024
Provides good anomaly detection and connectivity reporting
I use Elastic Security to aggregate all logs from different devices in one place. It works pretty well and provides one overview of everything The solution's most valuable features are anomaly detection and connectivity reporting. Elastic Security also has many automation capabilities, which can…
YusufAhmed - PeerSpot reviewer
Mar 12, 2024
Easy to use and competitively priced
Honestly, the product needs to continue the way it is, and I feel that everything will be fine. I haven't had any reasons to complain about the product. The product doesn’t offer MDM functionality under its current licensing model. In the future, I want the product to offer MDM. It can allow me to manage my mobile device more efficiently and effectively. Currently, there is a need for a separate license to be added to Symantec Endpoint Detection and Response to be able to use the MDM part. If both are bundled up under the same license, the administration part can be made easier.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"It's very customizable, which is quite helpful."
"The most valuable feature of Elastic Security is that you can install agents, and they are not separately licensed."
"The solution's most valuable features are anomaly detection and connectivity reporting."
"It's very stable and reliable."
"Its flexibility is most valuable. We can have a number of scenarios, and we can get logs from anything. If we know how to use Logstash, we can tweak it in many ways. This makes the logging search on Elastic very easy."
"It is scalable."
"The most valuable features are the speed, detail, and visualization. It has the latest standards."
"ELK is open-source, and it will give you the framework you need to build everything from scratch."
"The most valuable features are that it is easy to connect and global settings are good."
"There are times when Symantec Endpoint Detection and Response tags an executable as malicious when it is trying to get executed on the machine. In this case, it prevents the execution and it gives you a process view of things where you can look into what has happened and whether it is a genuine process trying to access some system activities, or it's a malicious one. Depending upon the process, it gives you a clear identification, and we can do the containment from the interface itself and isolate the machine from the network. The process review on network isolation is good."
"The setup is quite easy."
"The solution has great blocking features."
"The most valuable features of Symantec Endpoint Detection and Response are its immediate response and investigation."
"The most valuable feature is that the same agent can act as the endpoint detection and response agent."
"The solution does all that we expect it to do."
"The solution does its job with no issues."
 

Cons

"With Elastic, you have to build the use cases for the specific requirement. Other products have a simple integration and more use cases to integrate out-of-the-box solutions for SIEM."
"Elastic Security has a steep learning curve, so it takes some time to tune it and set it up for your environment. There are some costs associated with logging things that don't have value. So you need to be cautious to only log things that make sense and keep them around for as long as you need. You shouldn't hold onto things just because you think you might need them."
"The solution should generate an automatic product that integrates with ELK Stack to use artificial intelligence."
"In terms of what could be improved with Elastic, in some use cases, especially on the advanced level, they are not ready made, so you'll have to write some scripts."
"Elastic has one problem. In the past, Elastic Security was free. Now, they currently only offer the basic license or a certain period of time."
"I want to find an automatic security system in the tool, like a SOAR solution. I am looking forward to seeing a SOAR system in the tool."
"The solution's basic setup takes time, and a lot of effort is required from the beginning to make it actually work."
"We are paying dearly for the guy who is working on the ELK Stack. That knowledge is quite rare and hard to come by. For difficulty and availability of resources, I would rate it a five out of 10."
"The interface is very complicated."
"Its UI could be more user-friendly."
"While they are quite dynamic, they need to ensure they are detecting threats faster in the future to keep people safer."
"The GUI could be better."
"The solution can always be more stable and more secure."
"I would like to see better scanning capabilities."
"It would be good if it can anticipate zero-day attacks. I don't know how it can be done and if it is even a feature of this product."
"Symantec Endpoint Detection and Response could improve the reporting. It is very difficult to create reports from the user interface."
 

Pricing and Cost Advice

"Compared to other products such as Dynatrace, this is one of the cheaper options."
"It's a monthly cost with Elastic SIEM, but I am not sure of the exact cost."
"Elastic Security is free to use."
"Its price is fine. Its licensing works on a yearly basis. We have to renew the license every year. I also have a good experience with Darktrace. When we buy Darktrace, we get training free of cost, which is not there in Elastic. We have to pay extra for training. There is certainly room for improvement."
"The product offers an amazing pricing structure. Price-wise, the product is very competitive."
"The price is reasonable. It probably costs the same as ArcSight and LogRhythm SIEM. FortiSIEM might cost less than Elastic Security. There are no hidden or additional costs."
"The base product is open-source but if you need advanced security features then you need to pay for the subscription. Elastic Security's price is reasonable in some cases and in other cases it's not."
"The solution is free."
"Compared to the tools of competitors, Symantec Endpoint Detection and Response is a cheaply priced product."
"Of late, because of the Broadcom purchase, its price has been increasing."
"We are satisfied with the pricing."
"The price is really high and it should be lower."
"The more devices we have the more expensive it becomes, which is where the challenge is."
"It is an expensive solution."
"We pay around $100,000 for 5000 licenses every year."
"The price is reasonable."
report
Use our free recommendation engine to learn which Endpoint Detection and Response (EDR) solutions are best for your needs.
814,649 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
17%
Financial Services Firm
10%
Government
10%
University
7%
Computer Software Company
15%
Financial Services Firm
13%
Retailer
11%
Manufacturing Company
10%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

Datadog vs ELK: which one is good in terms of performance, cost and efficiency?
With Datadog, we have near-live visibility across our entire platform. We have seen APM metrics impacted several times lately using the dashboards we have created with Datadog; they are very good c...
What do you like most about Elastic Security?
Elastic provides the capability to index quickly due to the reverse indexes it offers. This data is crucial as it contains critical information. The reverse index allows fast data indexing because ...
What is your experience regarding pricing and costs for Elastic Security?
Compared to other tools, Elastic Security is a cheaper solution.
What is your experience regarding pricing and costs for Symantec Endpoint Detection and Response?
I am not aware of the pricing details, as that falls under the management's responsibility.
What needs improvement with Symantec Endpoint Detection and Response?
There are several areas where Symantec Endpoint Detection and Response can improve, including shell features, web control, asset management, and device control. Specifically, the application contro...
 

Also Known As

Elastic SIEM, ELK Logstash
No data available
 

Learn More

 

Overview

 

Sample Customers

Texas A&M, U.S. Air Force, NuScale Power, Martin's Point Health Care
Information Not Available
Find out what your peers are saying about Elastic Security vs. Symantec Endpoint Detection and Response and other solutions. Updated: October 2024.
814,649 professionals have used our research since 2012.