Try our new research platform with insights from 80,000+ expert users

Elastic Security vs Trellix Helix comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Sep 18, 2024
 

Categories and Ranking

Elastic Security
Ranking in Security Information and Event Management (SIEM)
5th
Average Rating
7.6
Number of Reviews
61
Ranking in other categories
Log Management (5th), Endpoint Detection and Response (EDR) (16th), Security Orchestration Automation and Response (SOAR) (6th), Extended Detection and Response (XDR) (8th)
Trellix Helix
Ranking in Security Information and Event Management (SIEM)
32nd
Average Rating
8.8
Number of Reviews
10
Ranking in other categories
Security Incident Response (7th)
 

Mindshare comparison

As of November 2024, in the Security Information and Event Management (SIEM) category, the mindshare of Elastic Security is 7.3%, down from 9.1% compared to the previous year. The mindshare of Trellix Helix is 0.5%, down from 0.8% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Security Information and Event Management (SIEM)
 

Featured Reviews

Gajewski Marek - PeerSpot reviewer
Aug 13, 2024
Provides good anomaly detection and connectivity reporting
I use Elastic Security to aggregate all logs from different devices in one place. It works pretty well and provides one overview of everything The solution's most valuable features are anomaly detection and connectivity reporting. Elastic Security also has many automation capabilities, which can…
Abanoub Alfy - PeerSpot reviewer
May 15, 2023
Helps prevent email attacks, like phishing and email spoofing attacks
We use Trellix Helix for protection against network attacks, TLS, and SSL attacks. We also use the solution for user behaviour accesses Trellix Helix helps prevent email attacks, like phishing and email spoofing attacks. Trellix Helix's configuration and learning could be improved to identify…

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The most valuable feature is the machine learning capability."
"The solution is compatible with the cloud-native environment and they can adapt to it faster."
"I can look at events from more than one source across multiple different locations and find patterns or anomalies. The machine learning capabilities are helpful, and I can create rules for notifications to be more proactive rather than responding after something has gone wrong."
"It is very quick to react. I can set it to check anomalies or suspicious behavior every 30 seconds. It is very fast."
"Just the ability to do a lot more than just up-down is nice, which a lot of people take for granted."
"The most valuable feature is the speed, as it responds in a very short time."
"We chose the product based on the ability to scan for malware using a malware behavioral model as opposed to just a traditional hash-based antivirus. Therefore, it's not as intensive."
"Elastic Security is very easy to adapt."
"FireEye Helix's best features are its speed and use of an easy-to-understand language to send queries to the raw logs."
"As far as its core functionality goes, it’s spot-on."
"We have started working with various customers, one of whom is particularly concerned about adjacency. We have identified several use cases where automation is possible."
"Trellix Helix helps prevent email attacks, like phishing and email spoofing attacks."
"I like that it's easy. It's got the protection set up, and we can see whatever is required. We write our own rules and the rules that we can input. I think it is good."
"We are able to block some advanced malware and other things."
"The most valuable features include predefined use cases and threatening states."
"The product offers very strong automation. Our cyber security analysts don't have to correlate the information to detect problems. They only need to analyze problems that have been identified by the platform."
 

Cons

"We set up a cron job to delete old logs so that we wouldn't hit a disk space issue. Such a feature should be available in the UI, where old logs can be deleted automatically. (Don’t know if this feature is already there)."
"We are paying dearly for the guy who is working on the ELK Stack. That knowledge is quite rare and hard to come by. For difficulty and availability of resources, I would rate it a five out of 10."
"The solution needs to be more reactive to investigations. We need to be able to detect and prevent any attacks before it can damage our infrastructure. Currently, this solution doesn't offer that."
"The price of this product could be improved, especially the additional costs. I would also like to see better-quality graphics."
"Elastic Security can be a bit difficult to use if a person only has experience in SMBs with tools like Zoho. The product can also be difficult for those who have never dealt with query language."
"The solution could also use better dashboards. They need to be more graphical, more matrix-like."
"Anything that supports high availability or ease of deployment in a highly available environment would help to improve this solution."
"It's a little bit of a learning curve to understand the logic of searching for things and trying to find what you're looking for in Elastic Security."
"FireEye Helix would be improved with the option of an on-prem version, which they don't currently offer."
"The graphical user interface could be improved. It's not easy to handle and it's not easy for a customer or end-user to learn how to manage the solution."
"We have certain challenges with integrating the SOAR platform with multiple vendors."
"We often rely on Martins to create logs and provide professional threat services rather than basic support."
"Sometimes the rules are disabled by FireEye, and we basically get it after the patch. I think there needs to be a better way of creating the application rules. I would like to see better pricing for our licensing."
"Integrations could be improved, and the dashboard could be a little better."
"Trellix needs to address the price for the product to be more appealing to customers."
"It should have more cloud connectors. It could also be cheaper."
 

Pricing and Cost Advice

"The tool's pricing is flexible and comes at unit cost. You don't have to pay for everything."
"Compared to other products such as Dynatrace, this is one of the cheaper options."
"The product offers an amazing pricing structure. Price-wise, the product is very competitive."
"The licensing cost of Elastic Security is based on the daily ingestion rate. I can't recall the exact figure, but for 10GB of log action daily, it would cost around $20,000."
"Elastic Stack is an open-source tool. You don't have to pay anything for the components."
"The solution is free."
"The solution is not expensive and costs around ten dollars a month."
"Elastic Security is free to use."
"FireEye Helix is a little expensive."
"It could be cheaper, but that applies to every product."
"The price could be better. But I think it's rightly placed when we buy everything in one shot, and we get some discount for that. That's how we basically plan our deployment, and it's holistic. We pay for the license yearly."
"I rate Trellix Helix a five out of ten for pricing."
report
Use our free recommendation engine to learn which Security Information and Event Management (SIEM) solutions are best for your needs.
814,649 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
17%
Financial Services Firm
10%
Government
10%
University
7%
Computer Software Company
16%
Comms Service Provider
13%
Manufacturing Company
11%
Financial Services Firm
8%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

Datadog vs ELK: which one is good in terms of performance, cost and efficiency?
With Datadog, we have near-live visibility across our entire platform. We have seen APM metrics impacted several times lately using the dashboards we have created with Datadog; they are very good c...
What do you like most about Elastic Security?
Elastic provides the capability to index quickly due to the reverse indexes it offers. This data is crucial as it contains critical information. The reverse index allows fast data indexing because ...
What is your experience regarding pricing and costs for Elastic Security?
Compared to other tools, Elastic Security is a cheaper solution.
What do you like most about FireEye Helix?
Trellix Helix helps prevent email attacks, like phishing and email spoofing attacks.
What needs improvement with FireEye Helix?
There is room for improvement in the integration capabilities of third-party tools. It has no problem connecting all solutions to Helix. Right now, we only connect one of Trellix's appliances to th...
 

Also Known As

Elastic SIEM, ELK Logstash
FireEye Helix, FireEye Threat Analytics
 

Learn More

Video not available
 

Overview

 

Sample Customers

Texas A&M, U.S. Air Force, NuScale Power, Martin's Point Health Care
Police Bank, Verisk Analytics, Teck Resources
Find out what your peers are saying about Elastic Security vs. Trellix Helix and other solutions. Updated: October 2024.
814,649 professionals have used our research since 2012.