Elastic Security Reviews

Name: Elastic Security
Brand: Elastic
Rating: 3.8 (63 reviews)

3.8 out of 5

63 reviews
86% willing to recommend

806 followers

What is Elastic Security?

Elastic Security is a robust, open-source security solution designed to offer integrated threat prevention, detection, and response capabilities across an organization's entire digital estate. Part of the Elastic Stack (which includes Elasticsearch, Logstash, and Kibana), Elastic Security leverages the power of search, analytics, and data aggregation to provide real-time insight into threats and vulnerabilities. It is a comprehensive platform that supports a wide range of security needs, from endpoint protection to cloud and network security, making it a versatile choice for organizations looking to enhance their cybersecurity posture.

Elastic Security combines the features of a security information and event management (SIEM) system with endpoint protection, allowing organizations to detect, investigate, and respond to threats in real time. This unified approach helps reduce complexity and improve the efficiency of security operations.

Get the Elastic Security Buyer's Guide and find out what your peers are saying about Elastic Security, Wazuh, Splunk Enterprise Security and more!

Elastic Security is the #5 ranked solution in Log Management Software, #5 ranked solution in top Security Information and Event Management (SIEM) solutions, #6 ranked solution in SOAR tools, #8 ranked solution in XDR Security products, and #16 ranked solution in EDR tools. PeerSpot users give Elastic Security an average rating of 7.6 out of 10. Based on the analysis of the 63 most recent Elastic Security reviews, the overall sentiment is positive, with a sentiment score of 6.7. Elastic Security is most commonly compared to Wazuh: Elastic Security vs Wazuh. Elastic Security is popular among the large enterprise segment, accounting for 53% of users researching this solution on PeerSpot. The top industry researching this solution are professionals from a computer software company, accounting for 17% of all views.

Helped 825,399 peers since 2012

Featured reviews

Gajewski Marek

Chief Technology Officer & Co-founder at CS2

We previously used Splunk but switched to Elastic Security because Splunk was more expensive. Feature-wise, both tools are pretty much the same. They have almost the same functions. Elastic Security has a much better AI assistant that allows you to ask questions like a normal person. With Elastic Security, I can also predict the price and how much it will cost. Splunks's pricing depends on how much data we use and the different add-ons I have to add. The pricing is much better with Elastic Security.

Read full review

Nikhil-Kumar

Assistant Manager - IT Security at Photon inc

The initial setup can be complex if you don't have technical knowledge. However, once it is deployed, it works well. I'm not sure how long it took to deploy. I wasn't there when it was set up and configured. We have an internal team that handles deployment and maintenance. It doesn't require too many people to deploy. Five or six people would be enough. However, for 24/7 monitoring, you need to have someone always on it.

Read full review

Matthew DeGrandis

System Administrator at a financial services firm with 11-50 employees

Elastic Security has a steep learning curve, so it takes some time to tune it and set it up for your environment. There are some costs associated with logging things that don't have value. So you need to be cautious to only log things that make sense and keep them around for as long as you need. You shouldn't hold onto things just because you think you might need them.

Read full review

Elastic Security mindshare

Product category:

As of January 2025, the mindshare of Elastic Security in the Log Management category stands at 4.5%, down from 7.5% compared to the previous year, according to calculations based on PeerSpot user engagement data.

Log Management

PeerAnalyst reports

Type	Title	Date
Category	Log Management	Jan 2, 2025	Download
Product	Reviews, tips, and advice from real users	Jan 2, 2025	Download
Comparison	Elastic Security vs Splunk Enterprise Security	Jan 2, 2025	Download
Comparison	Elastic Security vs Wazuh	Jan 2, 2025	Download
Comparison	Elastic Security vs Datadog	Jan 2, 2025	Download

Title	Rating	Mindshare	Recommending
Wazuh	3.7	16.8%	79%	45 interviews Add to research
Splunk Enterprise Security	4.2	8.7%	93%	303 interviews Add to research

Valuable Features

Elastic Security excels with Elasticsearch indexing, Kibana visualization, and intelligent data correlation. It offers robust threat hunting, infrastructure monitoring, fast log analysis, and machine learning capabilities. Open-source nature enhances flexibility, scalability, and customizability, enabling integration with cloud environments and other tools. Its rapid query and alert functions boost efficiency, and the platform provides comprehensive security insights and automation. The community and documentation are highly supportive, ensuring easier deployment and management.

"Elastic Security offers advanced features such as machine learning and integration with ChatGPT."
"Elastic Security offers advanced features such as machine learning and integration with ChatGPT."
"Elastic Security is cost-effective compared to Defender and CrowdStrike."

Room for Improvement

Elastic Security needs improvements in several areas, including documentation clarity, user interface simplification, and better dashboard aesthetics. Users find deployment and integration complex, with a high learning curve. Authentication features are essential, and automation for log handling is desired. There is a need for enhanced machine learning and AI capabilities. Pricing and support issues are noted, and existing features require more real-time functionality. The marketing of Elastic Security should increase brand visibility.

"Elastic Security consumes a lot of resources, requiring a substantial deployment setup."
"The initial configuration and setup are complicated and not straightforward."
"Elastic sometimes does not correctly identify threats or anomalies. It might not classify an issue as malicious or critical accurately."

ROI

Organizations generally experience a good ROI within 18 to 24 months following Elastic Security deployment. Some report a clear return as it efficiently detects bugs, noting that choosing Elastic Security is more cost-effective than vendor-provided firewall alternatives. However, others have not observed any return, and some highlight dissatisfaction with premium support.

Pricing

Elastic Security offers a flexible pricing model mainly due to its open-source nature. Many organizations find it cost-effective as the base product is free, requiring payment only for additional features or enterprise-level support. Licensing costs, often based on factors like daily log volume or RAM usage, can vary. Annual and monthly plans are available. Despite some users considering the costs high, others see it competitively priced compared to alternatives like Splunk and Defender, especially for SMEs.

"Compared to other tools, Elastic Security is a cheaper solution."
"I can say that the product is cheaply priced."
"The solution is not expensive and costs around ten dollars a month."

Popular Use Cases

Elastic Security is used for log aggregation, security monitoring, threat hunting, and incident response. Users employ it for firewall log collection, application log analysis, endpoint protection, IT monitoring, predictive maintenance, and anomaly detection. It provides security analytics, alerts for suspicious activities, and observability. Users benefit from its integration with Elasticsearch, Kibana, and SIEM functionalities, making it suitable for diverse sectors like finance, healthcare, and e-commerce.

Service and Support

Elastic Security's customer support is mixed. Many rely on strong community and documentation resources, finding them sufficient. Those using technical support report varying experiences. Some find it responsive and knowledgeable, while others face delays and communication issues. Premium tiers offer more detailed service but may still have challenges. Overall, the community serves as a reliable source for troubleshooting, while technical support can be helpful but may lack immediacy and personalized attention.

Deployment

Many describe Elastic Security's initial setup as complex, particularly when dealing with distributed components and specific configurations. Factors such as the need for technical expertise, infrastructure design decisions, and integration capabilities influence this complexity. While some find the process straightforward, others encounter challenges with deployment, requiring dedicated teams for successful implementation. The setup duration varies, from a few hours to several months, depending on environmental factors and use case requirements.

Scalability

Elastic Security demonstrates strong scalability across various use cases. Users report easy expansion, supporting both small and enterprise-level deployments. Challenges with scalability are infrequent and often relate to specific infrastructure or operational factors. Most agree it adapts well to growth demands, particularly when deployed in cloud environments. While some negativity is noted with certain components, many praise its scalability, highlighting minimal limitations and ease of expanding to accommodate more users or data.

Stability

Elastic Security is largely stable, with most users experiencing reliable performance and no frequent crashes or freezes. It handles large data transactions well, especially when configured properly. Some report minor issues during upgrades or when resources are insufficient. Users rate stability between seven to ten out of ten, highlighting its consistency. Challenges arise with big data and inadequate initial setup. Proper deployment is crucial for maintaining stability.

These insights are based on the in-depth reviews provided by peers to help you make a better buying decision.

Download our Elastic Security Buyer's Guide for additional reliable information.

Review data by company size

By reviewers

By visitors reading reviews

Top industries

By visitors reading reviews

Computer Software Company

17%

Financial Services Firm

10%

Government

10%

University

Comms Service Provider

Manufacturing Company

Educational Organization

Retailer

Healthcare Company

Energy/Utilities Company

Insurance Company

Media Company

Construction Company

Non Profit

Hospitality Company

Real Estate/Law Firm

Legal Firm

Wholesaler/Distributor

Recreational Facilities/Services Company

Outsourcing Company

Aerospace/Defense Firm

Transportation Company

Pharma/Biotech Company

Performing Arts

Security Firm

Recruiting/Hr Firm

Logistics Company

Compare Elastic Security with alternative products

Learn more about Elastic Security

Additional offerings and benefits:

The platform utilizes advanced analytics, machine learning algorithms, and anomaly detection to identify threats and suspicious activities.
It offers extensive integration options with other tools and platforms, facilitating a more cohesive and comprehensive security ecosystem.
With Kibana, users gain access to powerful visualization tools and dashboards that provide real-time insight into security data.

Finally, Elastic Security benefits from a global community of users who contribute to its threat intelligence, helping to enhance its detection capabilities. This collaborative approach ensures that the solution remains on the cutting edge of cybersecurity, with up-to-date information on the latest threats and vulnerabilities.

Elastic Security was previously known as Elastic SIEM, ELK Logstash.