Elastic Security vs Trellix Endpoint Security (ENS) comparison

 

Comparison Buyer's Guide

Executive Summary
Updated on Sep 9, 2024
 

Categories and Ranking

Elastic Security
Ranking in Endpoint Detection and Response (EDR): 16th
Average Rating: 7.6
Number of Reviews: 61
Ranking in other categories: Log Management (5th), Security Information and Event Management (SIEM) (5th), Security Orchestration Automation and Response (SOAR) (6th), Extended Detection and Response (XDR) (8th)

Trellix Endpoint Security (...
Ranking in Endpoint Detection and Response (EDR): 17th
Average Rating: 7.6
Number of Reviews: 53
Ranking in other categories: Endpoint Protection Platform (EPP) (22nd)
 

Mindshare comparison

As of November 2024, in the Endpoint Detection and Response (EDR) category, the mindshare of Elastic Security is 2.8%, up from 2.4% compared to the previous year. The mindshare of Trellix Endpoint Security (ENS) is 2.1%, down from 2.8% compared to the previous year. It is calculated based on PeerSpot user engagement data.
 

Featured Reviews

Gajewski Marek - PeerSpot reviewer
Aug 13, 2024
Provides good anomaly detection and connectivity reporting
I use Elastic Security to aggregate all logs from different devices in one place. It works pretty well and provides one overview of everything. The solution's most valuable features are anomaly detection and connectivity reporting. Elastic Security also has many automation capabilities, which can…
Venugopal Potumudi - PeerSpot reviewer
Nov 7, 2022
Reliable with good independent modules and a straightforward setup
I'd rate the solution seven out of ten. Having used Trend Micro as well, I would rate Trend Micro higher. However, I would still choose this product as a second option. When we recommend a product, we would recommend something based on the fit of the product and customer requirements. We worked with Defender, we worked with Trend Micro, and we worked with McAfee. All of them almost overlap in multiple use cases. That said, we do see the customer IT strategy and where they're going, and they are adopting Azure more. We know there are certain limitations in their landscape where there may be some old legacy systems, and in that case, then we would either switch back to McAfee or Trend Micro instead of Defender.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The feature that we have found the most valuable is scalability."
"Its flexibility is most valuable. We can have a number of scenarios, and we can get logs from anything. If we know how to use Logstash, we can tweak it in many ways. This makes the logging search on Elastic very easy."
"Just the ability to do a lot more than just up-down is nice, which a lot of people take for granted."
"The intelligence of the system has been very impressive. It's not quite AI, but the technical bit where it correlates information, based on the seen attacks within an organization is good."
"The most valuable features of the solution are the prevention methods and the incident alerts."
"Elastic provides the capability to index quickly due to the reverse indexes it offers. This data is crucial as it contains critical information. The reverse index allows fast data indexing because of Elastic's efficient search engine."
"The most valuable feature for me is Discover."
"It's open-source and free to use."
"Trellix Endpoint Security has a full suite of DLP."
"The most valuable features of McAfee MVISION Endpoint are advanced threat protection, web filtering, and removable storage devices in the DLP."
"I found the initial setup to be easy."
"It is easy to use, flexible, and stable. Because it is a cloud-based solution and it integrates all endpoints of the cloud, we can do an IOC-based search. It can search the entire enterprise and tell us the endpoints that are possibly compromised."
"McAfee MVISION Endpoint is stable."
"MVISION offers decent protection."
"The EPO, the ePolicy Orchestrator, is the best endpoint protection central management system."
"The most valuable feature of this solution is its simplicity."
 

Cons

"The training that is offered for Elastic is in need of improvement because there is no depth to it."
"The biggest challenge has been related to the implementation."
"The solution could also use better dashboards. They need to be more graphical, more matrix-like."
"We'd like to see some more artificial intelligence capabilities."
"The tool needs to integrate with legacy servers. Big companies can have legacy servers that may not always be updated."
"We set up a cron job to delete old logs so that we wouldn't hit a disk space issue. Such a feature should be available in the UI, where old logs can be deleted automatically. (Don’t know if this feature is already there)."
"Technical support could respond faster."
"One limitation of Elastic Security is that it does not have built-in workflows for all tasks. For example, if you need a workflow for compliance, you will need to create a custom workflow."
"McAfee MVISION Endpoint could improve by an overall simplification of the solution."
"Looking at the current ePolicy orchestrator, and the transition of most vendors to the cloud, they need to do an improvement with the current dashboard or the overall aesthetic of their GUI."
"We'd like better UI on the management screen."
"Malware detection can be better. It doesn't have support and detection for the recent malware, but it has a compensatory control where it can do the behavior-based assessment and alert you when there is something malicious or unexpected. For example, when a certain user is executing the privilege command, which is not normal. These dynamic detections are good, and they compensate for malware detection."
"There is room for improvement in the pricing. The price should be improved, it's high."
"It is a very heavy tool, unfortunately."
"The way that signatures work when using this solution could be improved. They could be more user friendly. We would like the ability to select a client's signature from a menu or file share to save time."
"The solution can be expensive."
 

Pricing and Cost Advice

"It is easy to deploy, easy to use, and you get everything you need to become operational with it, and have nothing further to pay unless you want the OLED plugin."
"Its price is fine. Its licensing works on a yearly basis. We have to renew the license every year. I also have a good experience with Darktrace. When we buy Darktrace, we get training free of cost, which is not there in Elastic. We have to pay extra for training. There is certainly room for improvement."
"The tool's pricing is flexible and comes at unit cost. You don't have to pay for everything."
"The solution is free."
"The base product is open-source but if you need advanced security features then you need to pay for the subscription. Elastic Security's price is reasonable in some cases and in other cases it's not."
"The pricing is in the middle. I think it is not an expensive experience if we compare it with big names, for example, QRadar, and also Oxide. I think Elastic Security is quite cheap. I would rate the pricing of this solution a five out of ten."
"I find it better than Splunk in terms of cost-effectiveness. For cost-effectiveness, I would rate it a nine out of 10."
"The licensing cost of Elastic Security is based on the daily ingestion rate. I can't recall the exact figure, but for 10GB of log action daily, it would cost around $20,000."
"It is a yearly subscription-based product, which includes the license and hardware. There is also a subscription for technical support up to five years."
"We had a discount when purchasing the solution because of the size of our company and we are happy with the price."
"It is based on an annual subscription."
"Microsoft Defender is not cheap and from a cost perspective, Trellix Endpoint Security (ENS) is a better option."
"There's a subscription on a yearly basis. It's not that expensive; it's quite affordable."
"The current pricing is much better than before because they now offer product-related promotions along with some changes in product licensing. The new pricing model is better than before."
"Pricing for McAfee MVISION Endpoint is not very good, and I would rate its cost three out of five, though I won't be able to mention how much its actual price is."
"I don't think there are any extra expenses besides its licensing costs."
814,649 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company: 17%
Financial Services Firm: 10%
Government: 10%
University: 7%

Computer Software Company: 15%
Government: 13%
Manufacturing Company: 11%
Financial Services Firm: 10%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

Datadog vs ELK: which one is good in terms of performance, cost and efficiency?
With Datadog, we have near-live visibility across our entire platform. We have seen APM metrics impacted several times lately using the dashboards we have created with Datadog; they are very good c...
What do you like most about Elastic Security?
Elastic provides the capability to index quickly due to the reverse indexes it offers. This data is crucial as it contains critical information. The reverse index allows fast data indexing because ...
What is your experience regarding pricing and costs for Elastic Security?
Compared to other tools, Elastic Security is a cheaper solution.
How does McAfee Endpoint Security compare with MVISION?
The flexible manageability of McAfee Endpoint Security is one of our favorite aspects of this solution. You can deploy various components as desired with McAfee Endpoint Security, whereas many othe...
How does Crowdstrike Falcon compare with FireEye Endpoint Security?
The Crowdstrike Falcon program has a simple to use user interface, making it both an easy to use as well as an effective program. Its graphical design is such that it makes an extremely useful too...
What do you like most about McAfee MVISION Endpoint?
The product's initial setup phase was straightforward.
 

Also Known As

Elastic SIEM, ELK Logstash
McAfee MVISION Endpoint, Trellix Endpoint Security (HX)
 


Sample Customers

Texas A&M, U.S. Air Force, NuScale Power, Martin's Point Health Care
Tech Resources Limited, Globe Telecom, Rizal Commercial Banking Corporation
Find out what your peers are saying about Elastic Security vs. Trellix Endpoint Security (ENS) and other solutions. Updated: October 2024.