No more typing reviews! Try our Samantha, our new voice AI agent.

CompassOne by Blackpoint Cyber vs Elastic Security comparison

Blackpoint Cyber and Elastic are both solutions in the Security Information and Event Management (SIEM) category. Blackpoint Cyber is ranked #35 with an average rating of 9.5, while Elastic is ranked #7 with an average rating of 8.6. Additionally, 100% of Blackpoint Cyber users are willing to recommend the solution, compared to 86% of Elastic users who would recommend it.
Sponsored
Cortex XDR by Palo Alto Net...
Read 112 Cortex XDR by Palo Alto Networks reviews
  • 20,599 Views
  • 8,240 Comparison Views
96% willing to recommend
CompassOne by Blackpoint Cyber
Read 5 CompassOne by Blackpoint Cyber reviews
  • 4,610 Views
  • 968 Comparison Views
100% willing to recommend
Elastic Security
Read 66 Elastic Security reviews
  • 17,109 Views
  • 9,581 Comparison Views
86% willing to recommend
 

Comparison Buyer's Guide

Download the report
Executive SummaryUpdated on Mar 15, 2026

Elastic Security and CompassOne by Blackpoint Cyber are competitors in the cybersecurity sector, offering unique strengths. While Elastic Security is favored for its cost-effectiveness and customer service, CompassOne excels with its robust features, positioning it as a valuable investment.

Features: Elastic Security provides customizable dashboards, advanced threat detection, and strong analytics. CompassOne, on the other hand, offers automated response, continuous monitoring, and proactive defense features, enhancing its overall security capabilities.

Room for Improvement: Elastic Security could improve on integrating more automated responses, enhancing its continuous monitoring, and developing further proactive defense mechanisms. CompassOne may benefit from simplifying its user interface, reducing deployment complexity, and expanding its analytics capabilities.

Ease of Deployment and Customer Service: Elastic Security is known for its easy installation and prompt support, ensuring smooth integration. CompassOne, while having a more complex setup initially, compensates with comprehensive support that alleviates deployment challenges.

Pricing and ROI: Elastic Security offers competitive initial costs with a substantial ROI, thanks to its scalable infrastructure. CompassOne, despite higher pricing, justifies its cost through significant ROI driven by its advanced security features and effective threat mitigation.

DOWNLOAD THE COMPLETE REPORT
To learn more, read our detailed CompassOne by Blackpoint Cyber vs. Elastic Security Report (Updated: June 2026).
Buyer's Guide
CompassOne by Blackpoint Cyber vs. Elastic Security
June 2026
Download the complete report
Helped 900,747 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Cortex XDR by Palo Alto Net...
Sponsored
Ranking in Endpoint Detection and Response (EDR)
6th
Average Rating
8.4
Reviews Sentiment
6.8
Number of Reviews
112
Ranking in other categories
Endpoint Protection Platform (EPP) (4th), Extended Detection and Response (XDR) (4th), Ransomware Protection (2nd), AI-Powered Cybersecurity Platforms (1st)
CompassOne by Blackpoint Cyber
Ranking in Endpoint Detection and Response (EDR)
39th
Average Rating
9.0
Reviews Sentiment
7.8
Number of Reviews
5
Ranking in other categories
Security Information and Event Management (SIEM) (35th), Vulnerability Management (45th), Application Control (10th), Managed Detection and Response (MDR) (11th)
Elastic Security
Ranking in Endpoint Detection and Response (EDR)
19th
Average Rating
7.8
Reviews Sentiment
6.8
Number of Reviews
66
Ranking in other categories
Log Management (13th), Security Information and Event Management (SIEM) (7th), Security Orchestration Automation and Response (SOAR) (11th), Extended Detection and Response (XDR) (12th)
 

Featured Reviews

ABHISHEK_SINGH - PeerSpot reviewer
ABHISHEK_SINGH
Senior Process Expert at A.P. Moller - Maersk
Gained full visibility and streamlined threat detection through behavior-based insights and AI integration
Initially, we got to have a lot of false positives when we onboarded, but nowadays it's quite smooth. We have fine-tuned our security policies and allowed different levels of policies to get rid of those false positives. Currently, we are getting a fairly good amount of incidents that are not false positives or benign, but actionable items. The process is streamlined. In the initial days, the operations used to get involved in a lot of benign and other activities, but now the process is streamlined. We are leveraging the auto-detection and remediation plans. The operations teams are now more involved in other business roles as well, not just looking into the logs and fetching out what's happening there. They have fixed a lot of things. Initially, they didn't have IAC code drift detection, cloud posture management, or security posture management, but they have those now. They purchased different vendors and did a merger with that. They have now Prisma Cloud that gets integrated and now they are working with Cortex Cloud. Everything that was negative has now been addressed, and the product altogether looks to be in a very better and mature shape now. Currently, it's more or less detecting the workloads with AI-based best practices. Since most organizations are consuming AI agents and other things, we are looking forward to seeing what other feature enhancements Palo Alto can support in that.
Read full review
Gary Herbstman - PeerSpot reviewer
Gary Herbstman
Owner at Byte Solutions Inc.
Experienced reduced alert fatigue with streamlined notifications
We use Blackpoint Cyber MDR for our higher-end clients who need a higher level of control over security I appreciate that there are people behind the scenes sorting out valuable alerts from those that are not, so I only get alerts when they are real. This feature ensures that I am notified only…
Read full review
Laurentiu Popescu - PeerSpot reviewer
Laurentiu Popescu
Chief Product Officer at ClusterPower
Has improved threat detection with deep log analysis and streamlined investigation workflows
The most useful features I find in Elastic Security are the forensic ones that allow us to carry deeper analysis into the logs for in-depth investigations, and the dashboards, with the reporting dashboard being quite user-friendly. Elastic Security is quite good at identifying threats, as it is part of the deep investigation tool that I mentioned before. Unless we need to look further into a certain log, we can carry out a deeper analysis and forensics on those particular logs. I can assess the impact of Elastic Security's real-time data analysis on our threat response efficiency as working pretty good. We are looking for real-time analysis because we have a continuous inflow of logs from different sources: from our cloud, from Active Directory, from our network. So it works pretty well.
Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The most valuable for us is the correlation feature."
"The most valuable features are incident creation, policy-based protection, IP whitelisting, and device encryption. These are beneficial for endpoint and server security."
"The live terminal is probably the best thing ever. It gives you the access to get straight onto any machine."
"Cortex XDR alerts us on the dashboard when there's a threat, which allows us to restrict that user and helps secure our infrastructure."
"Cortex is the best solution for avoiding security breaches, malware attacks, and other kinds of security issues."
"They did what they said, and this solution could apply to any scenario."
"Cortex XDR features advanced threat detection capabilities."
"The solution doesn't need a high level of technical training."
More Cortex XDR by Palo Alto Networks pros
"Their SOC is phenomenal in not monitoring and responding and taking action."
"On my end, the most valuable feature of this solution is that I can install it and forget about it. After that, their SOC team takes over and they only call me when there's a problem."
"The solution also watches over Microsoft 365 and keeps a copy of logs."
"On a scale from one to ten, I would rate the overall solution as a ten."
"The solution is all encompassing and can incorporate email monitoring."
"I appreciate that there are people behind the scenes sorting out valuable alerts from those that are not, so I only get alerts when they are real."
"Overall, the solution is good."
"It is an extremely stable solution. Stability-wise, I rate the solution a ten out of ten."
"The most valuable feature for me is Discover."
"The performance is good and it is faster than IBM QRadar."
"The solution is compatible with the cloud-native environment and they can adapt to it faster."
"Elastic Security is very customizable, and the dashboards are very easy to build."
"We chose the product based on the ability to scan for malware using a malware behavioral model as opposed to just a traditional hash-based antivirus. Therefore, it's not as intensive."
"Documentation is very good, so implementation is fine."
More Elastic Security pros
 

Cons

"Cortex XDR by Palo Alto Networks is a very good product, but financially, it is very expensive, so the company should look into that area."
"It is not very strong in terms of endpoint management. It should have additional features like DLP, encryption, or advanced device control. Currently, Cortex is good in terms of the security of the endpoints, but it is not as good as other vendors in terms of the management of the endpoint."
"I have run into some detection issues with Cortex XDR. It needs to be better at detection of internal attacks."
"I would like to see them include NDR (Network Detection Response). Then it would work well with SIEM Response."
"There is also no recovery feature; if some endpoint is under attack there must be the possibility of recovering it or restoring it to a normal state."
"In general, the price could be more competitive."
"If they had pulse rate detection, it would be better."
"Data privacy is a matter of concern. You have to be careful with data privacy, it can be sensitive and Cortex can have most of your access."
More Cortex XDR by Palo Alto Networks cons
"The interface could be more intuitive."
"Some texts seem to report items as normal too quickly."
"The solution does not tie into other EDR products like CyberArk or CrowdStrike but that might be more useful."
"While I am very satisfied with the service, supporting additional platforms, particularly Linux support, would be a beneficial improvement."
"The feature we keep asking for is a vulnerability scan."
"The interface could be more intuitive. More transparency is needed in the interface as a lot of details are hidden behind the scenes, making them difficult or impossible to access."
"The biggest challenge has been related to the implementation."
"The price of this product could be improved, especially the additional costs. I would also like to see better-quality graphics."
"The solution could also use better dashboards. They need to be more graphical, more matrix-like."
"Elastic doesn't have the features like other competitors in SIEM. For example, Dynatrace as a solution for SIEM has features that Elastic actually doesn't have."
"The solution's basic setup takes time, and a lot of effort is required from the beginning to make it actually work."
"We set up a cron job to delete old logs so that we wouldn't hit a disk space issue. Such a feature should be available in the UI, where old logs can be deleted automatically. (Don’t know if this feature is already there)."
"This solution is very hard to implement."
"The Integration module could be improved. It is a pain to build integration with any product."
More Elastic Security cons
 

Pricing and Cost Advice

"It's way too expensive, but security is expensive. You pay for your licensing, and then you pay for someone to monitor the stuff."
"The price of the solution is high for the license and in general."
"Licensing for Palo Alto Networks Cortex XDR can be costly, especially when it comes to a hundred users. A license is required for each user, and the subscription must be renewed on a yearly basis."
"In terms of the cost Cortex XDR by Palo Alto Networks is very expensive because we are a Mexican company and when you translate dollars to pesos the cost is very high. The solution is very expensive for Mexican companies. I understand that they have international prices, but I do not think it offsets the price enough for many companies in countries, such as Mexico. The amount it is reduced is not a massive percentage."
"If one wishes to work with another team or large number of users at a future point, he must purchase a license for them."
"I don't have any issues with the pricing. We are satisfied with the price."
"It has a higher cost than other solutions, like CrowdStrike or Microsoft’s EDR tools, but it reduces the cost of our operations because it’s a new generation antivirus tool."
"The pricing is okay, although direct support can be expensive."
More Cortex XDR by Palo Alto Networks pricing and cost advice
"The pricing is reasonable."
"The pricing is in line with other products."
"I can say that the product is cheaply priced."
"It is easy to deploy, easy to use, and you get everything you need to become operational with it, and have nothing further to pay unless you want the OLED plugin."
"The product offers an amazing pricing structure. Price-wise, the product is very competitive."
"Elastic Stack is an open-source tool. You don't have to pay anything for the components."
"The base product is open-source but if you need advanced security features then you need to pay for the subscription. Elastic Security's price is reasonable in some cases and in other cases it's not."
"The pricing is in the middle. I think it is not an expensive experience if we compare it with big names, for example, QRadar, and also Oxide. I think Elastic Security is quite cheap. I would rate the pricing of this solution a five out of ten."
"The price is reasonable. It probably costs the same as ArcSight and LogRhythm SIEM. FortiSIEM might cost less than Elastic Security. There are no hidden or additional costs."
"When compared to other products, the price is average or on the low side."
More Elastic Security pricing and cost advice
report
See which vendors are best for you
Use our free recommendation engine to learn which Security Information and Event Management (SIEM) solutions are best for your needs.
See recommendations
900,747 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Construction Company
12%
Financial Services Firm
11%
Manufacturing Company
10%
Comms Service Provider
9%
Computer Software Company
10%
Financial Services Firm
9%
Healthcare Company
7%
Outsourcing Company
7%
Comms Service Provider
9%
Financial Services Firm
9%
Government
8%
Computer Software Company
8%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business46
Midsize Enterprise20
Large Enterprise52
No data available
By reviewers
Company SizeCount
Small Business40
Midsize Enterprise12
Large Enterprise15
 

Questions from the Community

Cortex XDR by Palo Alto vs. Sentinel One
Cortex XDR by Palo Alto vs. SentinelOne SentinelOne offers very detailed specifics with regard to risks or attacks. ...
See all answers
Comparing CrowdStrike Falcon to Cortex XDR (Palo Alto)
Cortex XDR by Palo Alto vs. CrowdStrike Falcon Both Cortex XDR and Crowd Strike Falcon offer cloud-based solutions th...
See all answers
How is Cortex XDR compared with Microsoft Defender?
Microsoft Defender for Endpoint is a cloud-delivered endpoint security solution. The tool reduces the attack surface,...
See all answers
What is your experience regarding pricing and costs for Blackpoint Cyber MDR?
The pricing is great considering what we are receiving.
See all answers
What needs improvement with Blackpoint Cyber MDR?
While I am very satisfied with the service, supporting additional platforms, particularly Linux support, would be a b...
See all answers
What is your primary use case for Blackpoint Cyber MDR?
The solution serves as a baseline security offering. We have implemented it for every client that we do business with.
See all answers
Datadog vs ELK: which one is good in terms of performance, cost and efficiency?
With Datadog, we have near-live visibility across our entire platform. We have seen APM metrics impacted several time...
See all answers
What is your experience regarding pricing and costs for Elastic Security?
I am satisfied with the pricing, setup cost, and licensing cost. It is a pure 10.
See all answers
What needs improvement with Elastic Security?
I do not have any specific recommendations for improvements in Elastic Security, but I feel that the AI module should...
See all answers
 

Comparisons

Microsoft Defender for Endpoint vs Cortex XDR by Palo Alto Networks Logo
Microsoft Defender for Endpoint vs Cortex XDR by Palo Alto Networks
Compared 10% of the time
SentinelOne Singularity Endpoint vs Cortex XDR by Palo Alto Networks Logo
SentinelOne Singularity Endpoint vs Cortex XDR by Palo Alto Networks
Compared 5% of the time
CrowdStrike Falcon vs Cortex XDR by Palo Alto Networks Logo
CrowdStrike Falcon vs Cortex XDR by Palo Alto Networks
Compared 4% of the time
Cortex XSIAM vs Cortex XDR by Palo Alto Networks Logo
Cortex XSIAM vs Cortex XDR by Palo Alto Networks
Compared 3% of the time
Symantec Endpoint Security vs Cortex XDR by Palo Alto Networks Logo
Symantec Endpoint Security vs Cortex XDR by Palo Alto Networks
Compared 3% of the time
More Cortex XDR by Palo Alto Networks Competitors
Huntress Managed EDR vs CompassOne by Blackpoint Cyber Logo
Huntress Managed EDR vs CompassOne by Blackpoint Cyber
Compared 10% of the time
Adlumin Security Operations vs CompassOne by Blackpoint Cyber Logo
Adlumin Security Operations vs CompassOne by Blackpoint Cyber
Compared 8% of the time
ConnectWise SIEM vs CompassOne by Blackpoint Cyber Logo
ConnectWise SIEM vs CompassOne by Blackpoint Cyber
Compared 6% of the time
SentinelOne Wayfinder Threat Detection and Response vs CompassOne by Blackpoint Cyber Logo
SentinelOne Wayfinder Threat Detection and Response vs CompassOne by Blackpoint Cyber
Compared 6% of the time
CrowdStrike Falcon Complete MDR vs CompassOne by Blackpoint Cyber Logo
CrowdStrike Falcon Complete MDR vs CompassOne by Blackpoint Cyber
Compared 5% of the time
More CompassOne by Blackpoint Cyber Competitors
Splunk Enterprise Security vs Elastic Security Logo
Splunk Enterprise Security vs Elastic Security
Compared 5% of the time
Wazuh vs Elastic Security Logo
Wazuh vs Elastic Security
Compared 5% of the time
IBM Security QRadar vs Elastic Security Logo
IBM Security QRadar vs Elastic Security
Compared 5% of the time
CrowdStrike Falcon vs Elastic Security Logo
CrowdStrike Falcon vs Elastic Security
Compared 4% of the time
Microsoft Sentinel vs Elastic Security Logo
Microsoft Sentinel vs Elastic Security
Compared 2% of the time
More Elastic Security Competitors
 

Product Reports

Buyer's Guide
Cortex XDR by Palo Alto Networks
June 2026
Cortex XDR by Palo Alto Networks reportDownload Cortex XDR by Palo Alto Networks product report
Buyer's Guide
Managed Detection and Response (MDR)
June 2026
CompassOne by Blackpoint Cyber reportDownload CompassOne by Blackpoint Cyber product report
Buyer's Guide
Elastic Security
June 2026
Elastic Security reportDownload Elastic Security product report
 

Also Known As

Cyvera, Cortex XDR, Palo Alto Networks Traps
Blackpoint Cyber Managed Detection + Response, Blackpoint Cyber Managed Detection and Response
Elastic SIEM, ELK Logstash
 

Overview

Cortex XDR by Palo Alto Networks provides advanced threat detection with AI-driven endpoint protection and seamless integration, ensuring multi-layered security and automatic threat response.

Cortex XDR is designed to safeguard endpoints against malware and suspicious activities. It offers advanced threat detection and response capabilities using behavioral analysis, AI, and machine learning. It seamlessly integrates with security infrastructures, providing endpoint security, firewall integration, and enhanced visibility in both cloud-based and on-premises environments.

What are the key features of Cortex XDR?
  • Advanced Threat Detection: Uses AI and machine learning for proactive threat identification.
  • Multi-layered Security: Combines various security measures for comprehensive protection.
  • Endpoint Protection: Safeguards against malware and exploits.
  • Behavioral Analysis: Monitors suspicious activity for early detection.
  • Automatic Threat Response: Automates responses to neutralize threats.
What benefits should users expect?
  • Ease of Use: Simplifies security management with intuitive design.
  • Resource Efficiency: Minimizes impact on system resources.
  • Integration Capabilities: Works well with existing security setups.
  • Reduced Analyst Workload: Automates processes to decrease manual intervention.

Organizations in diverse sectors deploy Cortex XDR to protect against malware, leveraging its advanced threat detection capabilities. Its integration with existing security infrastructures appeals to those seeking comprehensive protection in both cloud and on-premises environments, providing enhanced visibility and threat intelligence.

Palo Alto Networks

CompassOne by Blackpoint Cyber delivers comprehensive MDR capabilities, offering SLA-driven alert notifications, in-depth network discovery, and Microsoft 365 log preservation. Its SOC team efficiently manages monitoring tasks, ensuring genuine threats are prioritized and distractions minimized.

CompassOne enhances cybersecurity by offering email monitoring, app control, and effective threat identification, preventing incidents like a compromised device affecting corporate networks. While prompt in threat reporting, a need exists for detailed analysis and vulnerability scanning. Users seek integration with platforms such as CyberArk and CrowdStrike and support for Linux systems. The platform strengthens security through alert monitoring, virus prevention, account takeover prevention, and establishing a security baseline for both organizational and lab environments, with up to half of an organization's staff utilizing it and expansion plans in progress.

What are the key features of CompassOne?

  • SLA Notifications: Provides timely alerts to ensure swift threat response.
  • Network Discovery: Offers detailed insight into local networks.
  • Microsoft 365 Log Preservation: Maintains extensive records for compliance.
  • Email Monitoring and App Control: Detects and blocks suspicious activities efficiently.
  • Threat Prioritization: Minimizes distractions by focusing on genuine threats.

What benefits should users expect from CompassOne?

  • Efficient Monitoring: Relieves teams by offloading monitoring tasks to expert SOC teams.
  • Threat Mitigation: Protects against device compromise and secures networks.
  • Comprehensive Security: Extends capabilities through email and application vigilance.
  • Strategic Deployment: Adaptable for both enterprise and lab environments.

In sectors where security monitoring is crucial, CompassOne is implemented to observe computers, servers, and Office 365 environments, mitigating risks thoughtfully and efficiently. Companies engage its robust MDR functionalities to fend off viruses and account breaches while leveraging its security implementation services for a foundational security setup.

Blackpoint Cyber

Elastic Security stands out for its speed, scalability, and intuitive interface. It integrates seamlessly with Elasticsearch and Kibana, providing efficient data indexing, centralized log management, and intelligent threat identification, all while being open-source.

Elastic Security offers robust capabilities in security monitoring, threat identification, and SIEM functionalities. Its open-source nature enhances scalability, facilitating log aggregation and infrastructure monitoring. Users appreciate the intuitive dashboards and machine learning integration, which aid in proactive security measures and anomaly detection. Despite its strengths, improvements are needed in documentation, scalability, and configuration complexity. High data volume pricing and limited machine learning support are concerns, while dashboard enhancement and seamless integration with existing systems are desirable. The platform is widely used for alerting suspicious activities, analyzing logs from firewalls and Active Directory, and providing endpoint protection. It serves as a key tool for security awareness and auditing, integrating effectively with technologies like Kibana and OpenShift.

What are the most notable features of Elastic Security?
  • Speed and Scalability: Quickly processes large volumes of data with ease.
  • Intuitive Interface: Provides a user-friendly experience for efficient navigation and management.
  • Centralized Log Management: Consolidates logs for easier monitoring and analysis.
  • Threat Identification: Intelligent features help detect and alert potential threats.
  • Machine Learning Integration: Applies advanced analytics to identify anomalies.
What benefits or ROI should be considered in reviews?
  • Affordability: Offers cost-effective security solutions.
  • Flexibility: Adapts to diverse IT environments and security needs.
  • Forensic Capabilities: Enables detailed security analysis and incident response.
  • Community Support: Leverages a broad community for shared insights and assistance.

Organizations deploy Elastic Security across industries for log aggregation and security monitoring, detecting unauthorized access, and analyzing system logs. It is essential for infrastructure monitoring and integrates effectively with systems such as Fluentd and OpenShift, supporting comprehensive security views across enterprise environments.

Elastic
 

Sample Customers

CBI Health Group, University Honda, VakifBank
CoreRecon, Peerless Tech Solutions, Lorien Health
Texas A&M, U.S. Air Force, NuScale Power, Martin's Point Health Care
Buyer's Guide
CompassOne by Blackpoint Cyber vs. Elastic Security
June 2026
Free Report: CompassOne by Blackpoint Cyber vs. Elastic Security
Find out what your peers are saying about CompassOne by Blackpoint Cyber vs. Elastic Security and other solutions. Updated: June 2026.
DOWNLOAD NOW
900,747 professionals have used our research since 2012.
See our CompassOne by Blackpoint Cyber vs. Elastic Security report.

We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.