We performed a comparison between Elastic Security and Trellix ESM based on real PeerSpot user reviews.
Find out in this report how the two Security Information and Event Management (SIEM) solutions compare in terms of features, pricing, service and support, ease of deployment, and ROI.
"Stability-wise, I rate the solution a ten out of ten."
"The most valuable feature is the speed, as it responds in a very short time."
"It's simple and easy to use."
"The most valuable feature of Elastic Security is that you can install agents, and they are not separately licensed."
"ELK is open-source, and it will give you the framework you need to build everything from scratch."
"I can look at events from more than one source across multiple different locations and find patterns or anomalies. The machine learning capabilities are helpful, and I can create rules for notifications to be more proactive rather than responding after something has gone wrong."
"The solution is quite stable. The performance has been good."
"The solution is compatible with the cloud-native environment and they can adapt to it faster."
"I like the ease of deployment."
"It has performed well and delivered the results that I have been looking for."
"It can be easily deployed with the other solutions."
"The most valuable feature is that if the scanning does find something, it quarantines it. Then you can decide what you are going to do with it."
"The most valuable feature is the capability to correlate different events from different platforms that we feed into it."
"This solution integrates easily and very well with other technologies."
"Trellix ESM is very user-friendly."
"The most valuable feature for us is that it comes with many correlations, reports, and dashboards already available. It's also very easy to use."
"There are connectors to gather logs for Windows PCs and Linux PCs, but if we have to get the logs from Syslog then we have to do it manually, and this should be automated."
"Elastic Security has a steep learning curve, so it takes some time to tune it and set it up for your environment. There are some costs associated with logging things that don't have value. So you need to be cautious to only log things that make sense and keep them around for as long as you need. You shouldn't hold onto things just because you think you might need them."
"We'd like better premium support."
"There should be a simulation environment to check whether my Elastic implementation is functioning perfectly fine. Other solutions have their own Android and iOS applications that I can install on my mobile so that I am continuously connected to the SIEM."
"The solution does not have a UI and this is one of the reasons we are looking for another solution."
"The setup process is complex. You need a solid working knowledge of networking, operating systems, and a little programming."
"This solution is very hard to implement."
"There isn't really a very good user experience. You need a lot of training."
"Update to user interface from version 9 is cosmetic in some aspects, and after a few clicks you are back on the old interface."
"McAfee is no longer providing security updates on this product, and the enhancements to this product seem to have stopped. Moreover, we don't get proper support, and we struggle to get its support. It would be good if they can add some AI engine and out of the box use cases because it is currently limited to the same scenario and the same setup. I have done a POC for Securonix, LogRhythm. These products are much more ahead as compared to McAfee ESM. They have included multiple modules in the same solution. Correlation is very easy. If McAfee ESM can improve, especially in such implementations, then I believe it would be much better."
"I have to purchase a new box now. Its existing box is not scalable and I can't use it anymore."
"The user interface could be more user-friendly."
"We would welcome integrations with some of the new McAfee acquisitions, e.g., behavioural analytics."
"Product currently requires Flash."
"I would like to see fingerprint recognition included in the next release of this solution."
"The solution needs to improve case management. The UI is confusing."
Elastic Security is ranked 5th in Security Information and Event Management (SIEM) with 59 reviews while Trellix ESM is ranked 18th in Security Information and Event Management (SIEM) with 34 reviews. Elastic Security is rated 7.6, while Trellix ESM is rated 7.4. The top reviewer of Elastic Security writes "A stable and scalable tool that provides visibility along with the consolidation of logs to its users". On the other hand, the top reviewer of Trellix ESM writes "Provides visibility of all the traffic within the company infrastructure". Elastic Security is most compared with Wazuh, Splunk Enterprise Security, Microsoft Sentinel, IBM Security QRadar and Microsoft Defender for Endpoint, whereas Trellix ESM is most compared with ArcSight Enterprise Security Manager (ESM), IBM Security QRadar, Splunk Enterprise Security, LogRhythm SIEM and Trellix Helix.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.