ConnectWise SIEM vs Elastic Security comparison

ConnectWise and Elastic are both solutions in the Security Information and Event Management (SIEM) category. ConnectWise is ranked #51 with an average rating of 6.0, while Elastic is ranked #5 with an average rating of 8.5. Additionally, 66% of ConnectWise users are willing to recommend the solution, compared to 86% of Elastic users who would recommend it.

Comparison Buyer's Guide

Download the report

Executive SummaryUpdated on Sep 9, 2024

Elastic Security and ConnectWise SIEM offer robust security solutions. Elastic Security seems to have the upper hand in search functionality, while ConnectWise SIEM leads in threat detection features based on user reviews.

Features: Elastic Security offers advanced search capabilities, integration with Elastic Stack, and flexible data analytics. ConnectWise SIEM provides comprehensive threat analysis, high customizability, and a detailed incident response system.

Room for Improvement: Elastic Security could enhance its visualization tools, user guidance, and overall user interface. ConnectWise SIEM could improve its performance speed, offer a more intuitive configuration process, and optimize resource usage.

Ease of Deployment and Customer Service: Elastic Security has a straightforward setup process, but users seek more personalized support. ConnectWise SIEM is more complex to deploy but receives positive feedback for its responsive customer service.

Pricing and ROI: Elastic Security is known for its flexible pricing model and reasonable setup cost, providing satisfactory ROI. ConnectWise SIEM has higher costs, justified by its robust feature set, and reports a high ROI in long-term use.

To learn more, read our detailed ConnectWise SIEM vs. Elastic Security Report (Updated: March 2026).

Buyer's Guide

ConnectWise SIEM vs. Elastic Security

March 2026

Download the complete report

Helped 884,873 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Categories and Ranking

Cortex XDR by Palo Alto Net...

Featured Reviews

ABHISHEK_SINGH

Senior Process Expert at A.P. Moller - Maersk

Gained full visibility and streamlined threat detection through behavior-based insights and AI integration

Initially, we got to have a lot of false positives when we onboarded, but nowadays it's quite smooth. We have fine-tuned our security policies and allowed different levels of policies to get rid of those false positives. Currently, we are getting a fairly good amount of incidents that are not false positives or benign, but actionable items. The process is streamlined. In the initial days, the operations used to get involved in a lot of benign and other activities, but now the process is streamlined. We are leveraging the auto-detection and remediation plans. The operations teams are now more involved in other business roles as well, not just looking into the logs and fetching out what's happening there. They have fixed a lot of things. Initially, they didn't have IAC code drift detection, cloud posture management, or security posture management, but they have those now. They purchased different vendors and did a merger with that. They have now Prisma Cloud that gets integrated and now they are working with Cortex Cloud. Everything that was negative has now been addressed, and the product altogether looks to be in a very better and mature shape now. Currently, it's more or less detecting the workloads with AI-based best practices. Since most organizations are consuming AI agents and other things, we are looking forward to seeing what other feature enhancements Palo Alto can support in that.

Read full review

reviewer2711757

Cyber Security Software Engineer at a tech services company with 11-50 employees

Automated alerting and reporting excel while cost and feature limitations remain

I find automation to be one of the best and most valuable features of the product. Machine learning is incorporated into the solution, though AI is a broader term that I wouldn't apply here. I haven't personally explored AI yet, but I will investigate it. Machine learning functions more as automation in my experience, as there's no training involved yet. I want to conduct R&D on another project with Wazuh to determine how to capture usage, for example, tracking user logins and time spent. This is where I need to implement machine learning. Additionally, the extraction of GeoIP adds complexity. The solution is effectively reducing incident response times in operations.

Read full review

Laurentiu Popescu

Chief Product Officer at ClusterPower

Has improved threat detection with deep log analysis and streamlined investigation workflows

The most useful features I find in Elastic Security are the forensic ones that allow us to carry deeper analysis into the logs for in-depth investigations, and the dashboards, with the reporting dashboard being quite user-friendly. Elastic Security is quite good at identifying threats, as it is part of the deep investigation tool that I mentioned before. Unless we need to look further into a certain log, we can carry out a deeper analysis and forensics on those particular logs. I can assess the impact of Elastic Security's real-time data analysis on our threat response efficiency as working pretty good. We are looking for real-time analysis because we have a continuous inflow of logs from different sources: from our cloud, from Active Directory, from our network. So it works pretty well.

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"The normal protection was really effective, and we detected situations that if we didn't have Cortex XDR by Palo Alto Networks, it's highly likely that we would have been affected, but it protected the infrastructure."

"Cortex is the best tool for endpoint detection, with playbooks that automate and gather endpoint logs, block malicious processes, and update incident tickets, showcasing end-to-end processes with automation in investigation and reducing the analysis workflow."

"The most valuable for us is the correlation feature."

"It integrates well into the environment."

"Cortex XDR is stable, offering high quality and reliable performance."

"Cortex XDR's most valuable feature is its intelligence-based dashboards."

"It's a nice product that's stable and scalable."

"Palo Alto is constantly adding new features."

More Cortex XDR by Palo Alto Networks pros

"One valuable feature of ConnectWise Fortify is the ability to add other teams and receive notifications when customers make changes or remove multi-factor authentication in Microsoft or SAP environments."

"The integration capabilities of ConnectWise SIEM are off the shelf, making it easy to buy and use; you just unpack it and use it."

"We have found the solution has great functionality and it is easy to use."

"The cost is reasonable. It's not overly pricey."

"ELK documentation is very good, so never needed to contact technical support."

"Elastic Security is applied within my cyber defense strategy by utilizing many modules such as EDR, GenAI, SOAR module and combines with the SIEM module."

"The solution is compatible with the cloud-native environment and they can adapt to it faster."

"The most valuable feature is the speed, as it responds in a very short time."

"The solution is quite stable. The performance has been good."

"The stability of the solution is good."

"Elastic Security is cost-effective compared to Defender and CrowdStrike."

More Elastic Security pros

Cons

"For Cortex XDR by Palo Alto Networks, if I had to point out improvements, I would say the UI is still somewhat difficult for beginners."

"The solution should force customers to integrate with network traffic to see the full benefits of XDR."

"The encryption is not up to the mark."

"The product's pricing needs improvement. They could provide more discounts. Additionally, the dashboard and control panel could be enhanced."

"Currently, if you use Palo Alto endpoint protection as the only solution it's very complicated to remove pre-existing threats."

"Cortex XDR by Palo Alto Networks could improve by offering remote management. It would be useful to look at the client's issue to fix it."

"The tool needs to be improved in terms of integration and interface."

"There are some false positives. What our guys would have liked is that it would have been easier to manipulate as soon as they found a false positive that they knew was a false positive. How to do so was not obvious. Some people complained about it. The interface, the ESM, is not user-friendly."

More Cortex XDR by Palo Alto Networks cons

"ConnectWise Fortify could work on covering more areas, like phishing messages, which have become more complicated to detect."

"The manage portion of the solution is complicated and should be simplified by having different versions to meet the needs of different size companies."

"ConnectWise SIEM is primarily focused on notifications and is limited in that aspect, while Wazuh can automate the elimination process."

"The solution needs to be more reactive to investigations. We need to be able to detect and prevent any attacks before it can damage our infrastructure. Currently, this solution doesn't offer that."

"We had issues with scalability. Logstash was not scaling and aggregation was getting delayed. We moved to Fluentd making our stack from ELK to EFK."

"Elastic sometimes does not correctly identify threats or anomalies. It might not classify an issue as malicious or critical accurately."

"Elastic has one problem. In the past, Elastic Security was free. Now, they currently only offer the basic license or a certain period of time."

"There should be a simulation environment to check whether my Elastic implementation is functioning perfectly fine. Other solutions have their own Android and iOS applications that I can install on my mobile so that I am continuously connected to the SIEM."

"It is difficult to anticipate and understand the space utilization, so more clarity there would be great."

"Elastic Security's maintenance is hard and its scalability is a challenge. There are complications in scaling and upgrading. The solution needs to also provide periodic upgrade checks."

"There isn't really a very good user experience. You need a lot of training."

More Elastic Security cons

Pricing and Cost Advice

"Compared to CrowdStrike, Cortex XDR is an expensive solution."

"Licensing for Palo Alto Networks Cortex XDR can be costly, especially when it comes to a hundred users. A license is required for each user, and the subscription must be renewed on a yearly basis."

"I don't recall what the cost was, but it wasn't really that expensive."

"The solution has one subscription for endpoint protection and one subscription for detection and response. The two licenses combined give you the BRO version."

"This is an expensive solution."

"If one wishes to work with another team or large number of users at a future point, he must purchase a license for them."

"I don't have any issues with the pricing. We are satisfied with the price."

"Cortex XDR's pricing is ok."

More Cortex XDR by Palo Alto Networks pricing and cost advice

"The solution is expensive."

"When compared to other products, the price is average or on the low side."

"Elastic Security is free to use."

"The base product is open-source but if you need advanced security features then you need to pay for the subscription. Elastic Security's price is reasonable in some cases and in other cases it's not."

"Elastic Stack is an open-source tool. You don't have to pay anything for the components."

"There is no charge for using the open-source version."

"I can say that the product is cheaply priced."

"Compared to other products such as Dynatrace, this is one of the cheaper options."

"The licensing cost of Elastic Security is based on the daily ingestion rate. I can't recall the exact figure, but for 10GB of log action daily, it would cost around $20,000."

More Elastic Security pricing and cost advice

See which vendors are best for you

Use our free recommendation engine to learn which Security Information and Event Management (SIEM) solutions are best for your needs.

See recommendations

884,873 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Computer Software Company

Manufacturing Company

Financial Services Firm

Comms Service Provider

Computer Software Company

22%

Comms Service Provider

University

Financial Services Firm

Computer Software Company

10%

Government

Comms Service Provider

Manufacturing Company

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

By reviewers
Company Size	Count
Small Business	44
Midsize Enterprise	20
Large Enterprise	47

No data available

By reviewers
Company Size	Count
Small Business	40
Midsize Enterprise	11
Large Enterprise	15

Questions from the Community

Cortex XDR by Palo Alto vs. Sentinel One

Cortex XDR by Palo Alto vs. SentinelOne SentinelOne offers very detailed specifics with regard to risks or attacks. ...

See all answers

Comparing CrowdStrike Falcon to Cortex XDR (Palo Alto)

Cortex XDR by Palo Alto vs. CrowdStrike Falcon Both Cortex XDR and Crowd Strike Falcon offer cloud-based solutions th...

See all answers

How is Cortex XDR compared with Microsoft Defender?

Microsoft Defender for Endpoint is a cloud-delivered endpoint security solution. The tool reduces the attack surface,...

See all answers

What needs improvement with ConnectWise Fortify?

I haven't utilized the advanced threat intelligence capabilities with ConnectWise SIEM. Advanced threat intelligence ...

See all answers

What is your primary use case for ConnectWise Fortify?

I do not have experience with ConnectWise SIEM for RMM, as I mostly work on Wazuh, and I have a team that handles Con...

See all answers

What advice do you have for others considering ConnectWise Fortify?

The review can be made anonymous if just my name and not the company name is used. I would assess the real-time visib...

See all answers

Datadog vs ELK: which one is good in terms of performance, cost and efficiency?

With Datadog, we have near-live visibility across our entire platform. We have seen APM metrics impacted several time...

See all answers

What do you like most about Elastic Security?

Elastic provides the capability to index quickly due to the reverse indexes it offers. This data is crucial as it con...

See all answers

What is your experience regarding pricing and costs for Elastic Security?

I am satisfied with the pricing, setup cost, and licensing cost. It is a pure 10.

See all answers

Comparisons

Microsoft Defender for Endpoint vs Cortex XDR by Palo Alto Networks

Compared 9% of the time

SentinelOne Singularity Complete vs Cortex XDR by Palo Alto Networks

Compared 6% of the time

CrowdStrike Falcon vs Cortex XDR by Palo Alto Networks

Compared 4% of the time

Cortex XSIAM vs Cortex XDR by Palo Alto Networks

Compared 4% of the time

Symantec Endpoint Security vs Cortex XDR by Palo Alto Networks

Compared 3% of the time

More Cortex XDR by Palo Alto Networks Competitors

Check Point Harmony SASE (formerly Perimeter 81) vs ConnectWise SIEM

Compared 5% of the time

Zscaler Zero Trust Exchange Platform vs ConnectWise SIEM

Compared 4% of the time

CrowdStrike Falcon Complete MDR vs ConnectWise SIEM

Compared 4% of the time

CompassOne by Blackpoint Cyber vs ConnectWise SIEM

Compared 3% of the time

Versa Unified Secure Access Service Edge (SASE) Platform vs ConnectWise SIEM

Compared 3% of the time

More ConnectWise SIEM Competitors

Wazuh vs Elastic Security

Compared 8% of the time

Splunk Enterprise Security vs Elastic Security

Compared 5% of the time

IBM Security QRadar vs Elastic Security

Compared 5% of the time

CrowdStrike Falcon vs Elastic Security

Compared 4% of the time

Microsoft Defender for Endpoint vs Elastic Security

Compared 3% of the time

More Elastic Security Competitors

Product Reports

Buyer's Guide

Cortex XDR by Palo Alto Networks

March 2026

Download Cortex XDR by Palo Alto Networks product report

Buyer's Guide

Security Information and Event Management (SIEM)

March 2026

Download ConnectWise SIEM product report

Buyer's Guide

Elastic Security

March 2026

Download Elastic Security product report

Also Known As

Cyvera, Cortex XDR, Palo Alto Networks Traps

ConnectWise Security Management, ConnectWise Fortify, Continuum Fortify, ConnectWise SIEM, ConnectWise SASE

Elastic SIEM, ELK Logstash

Overview

Cortex XDR by Palo Alto Networks provides advanced threat detection with AI-driven endpoint protection and seamless integration, ensuring multi-layered security and automatic threat response.

Cortex XDR is designed to safeguard endpoints against malware and suspicious activities. It offers advanced threat detection and response capabilities using behavioral analysis, AI, and machine learning. It seamlessly integrates with security infrastructures, providing endpoint security, firewall integration, and enhanced visibility in both cloud-based and on-premises environments.

What are the key features of Cortex XDR?

Advanced Threat Detection: Uses AI and machine learning for proactive threat identification.
Multi-layered Security: Combines various security measures for comprehensive protection.
Endpoint Protection: Safeguards against malware and exploits.
Behavioral Analysis: Monitors suspicious activity for early detection.
Automatic Threat Response: Automates responses to neutralize threats.

What benefits should users expect?

Ease of Use: Simplifies security management with intuitive design.
Resource Efficiency: Minimizes impact on system resources.
Integration Capabilities: Works well with existing security setups.
Reduced Analyst Workload: Automates processes to decrease manual intervention.

Organizations in diverse sectors deploy Cortex XDR to protect against malware, leveraging its advanced threat detection capabilities. Its integration with existing security infrastructures appeals to those seeking comprehensive protection in both cloud and on-premises environments, providing enhanced visibility and threat intelligence.

Palo Alto Networks

IT solution providers are the first—and often only—line of defense for every kind of business in every part of the world. Whether managing mom-and-pop businesses or high-profile clients, providing preventive security measures is a must-have in today’s cybersecurity landscape. Security information and event management (SIEM) solutions offer an additional layer of security for your clients; however, most SIEM solutions are routinely difficult to manage, expensive to deploy, and require a significant amount of in-house cybersecurity expertise.

ConnectWise SIEM offers a powerful alternative to expand your security perspective to both prevention and detection. The solution includes comprehensive, flexible SIEM software that streamlines safety and security across your network without additional full-time employee costs or complicated implementations.

ConnectWise

Elastic Security is a robust, open-source security solution designed to offer integrated threat prevention, detection, and response capabilities across an organization's entire digital estate. Part of the Elastic Stack (which includes Elasticsearch, Logstash, and Kibana), Elastic Security leverages the power of search, analytics, and data aggregation to provide real-time insight into threats and vulnerabilities. It is a comprehensive platform that supports a wide range of security needs, from endpoint protection to cloud and network security, making it a versatile choice for organizations looking to enhance their cybersecurity posture.

Elastic Security combines the features of a security information and event management (SIEM) system with endpoint protection, allowing organizations to detect, investigate, and respond to threats in real time. This unified approach helps reduce complexity and improve the efficiency of security operations.

Additional offerings and benefits:

The platform utilizes advanced analytics, machine learning algorithms, and anomaly detection to identify threats and suspicious activities.
It offers extensive integration options with other tools and platforms, facilitating a more cohesive and comprehensive security ecosystem.
With Kibana, users gain access to powerful visualization tools and dashboards that provide real-time insight into security data.

Finally, Elastic Security benefits from a global community of users who contribute to its threat intelligence, helping to enhance its detection capabilities. This collaborative approach ensures that the solution remains on the cutting edge of cybersecurity, with up-to-date information on the latest threats and vulnerabilities.

Elastic

Sample Customers

CBI Health Group, University Honda, VakifBank

Techvera, Syrex, Clark Integrated Technologies

Texas A&M, U.S. Air Force, NuScale Power, Martin's Point Health Care

Buyer's Guide

ConnectWise SIEM vs. Elastic Security

March 2026

Free Report: ConnectWise SIEM vs. Elastic Security

Find out what your peers are saying about ConnectWise SIEM vs. Elastic Security and other solutions. Updated: March 2026.

DOWNLOAD NOW

884,873 professionals have used our research since 2012.

See our ConnectWise SIEM vs. Elastic Security report.

See our list of best Security Information and Event Management (SIEM) vendors and best Endpoint Detection and Response (EDR) vendors.

We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.