Elastic Security Reviews

Name: Elastic Security
Brand: Elastic
Rating: 3.8 (62 reviews)

3.8 out of 5

62 reviews
85% willing to recommend

803 followers

What is Elastic Security?

Elastic Security is a robust, open-source security solution designed to offer integrated threat prevention, detection, and response capabilities across an organization's entire digital estate. Part of the Elastic Stack (which includes Elasticsearch, Logstash, and Kibana), Elastic Security leverages the power of search, analytics, and data aggregation to provide real-time insight into threats and vulnerabilities. It is a comprehensive platform that supports a wide range of security needs, from endpoint protection to cloud and network security, making it a versatile choice for organizations looking to enhance their cybersecurity posture.

Elastic Security combines the features of a security information and event management (SIEM) system with endpoint protection, allowing organizations to detect, investigate, and respond to threats in real time. This unified approach helps reduce complexity and improve the efficiency of security operations.

Get the Elastic Security Buyer's Guide and find out what your peers are saying about Elastic Security, Wazuh, Splunk Enterprise Security and more!

Elastic Security is the #5 ranked solution in Log Management Software, #5 ranked solution in top Security Information and Event Management (SIEM) solutions, #6 ranked solution in SOAR tools, #8 ranked solution in XDR Security products, and #16 ranked solution in EDR tools. PeerSpot users give Elastic Security an average rating of 7.6 out of 10. Based on the analysis of the 62 most recent Elastic Security reviews, the overall sentiment is positive, with a sentiment score of 8.2. (The highest in the category). Elastic Security is most commonly compared to Wazuh: Elastic Security vs Wazuh. Elastic Security is popular among the large enterprise segment, accounting for 53% of users researching this solution on PeerSpot. The top industry researching this solution are professionals from a computer software company, accounting for 17% of all views.

Helped 816,816 peers since 2012

Featured reviews

Gajewski Marek

Chief Technology Officer & Co-founder at CS2

We previously used Splunk but switched to Elastic Security because Splunk was more expensive. Feature-wise, both tools are pretty much the same. They have almost the same functions. Elastic Security has a much better AI assistant that allows you to ask questions like a normal person. With Elastic Security, I can also predict the price and how much it will cost. Splunks's pricing depends on how much data we use and the different add-ons I have to add. The pricing is much better with Elastic Security.

Read full review

Nikhil-Kumar

Assistant Manager - IT Security at Photon inc

The initial setup can be complex if you don't have technical knowledge. However, once it is deployed, it works well. I'm not sure how long it took to deploy. I wasn't there when it was set up and configured. We have an internal team that handles deployment and maintenance. It doesn't require too many people to deploy. Five or six people would be enough. However, for 24/7 monitoring, you need to have someone always on it.

Read full review

Matthew DeGrandis

System Administrator at a financial services firm with 11-50 employees

Elastic Security has a steep learning curve, so it takes some time to tune it and set it up for your environment. There are some costs associated with logging things that don't have value. So you need to be cautious to only log things that make sense and keep them around for as long as you need. You shouldn't hold onto things just because you think you might need them.

Read full review

Elastic Security mindshare

Product category:

As of November 2024, the mindshare of Elastic Security in the Log Management category stands at 5.0%, down from 8.1% compared to the previous year, according to calculations based on PeerSpot user engagement data.

Log Management

Key learnings from peers

Last updated Nov 26, 2024

Valuable Features

Elastic Security offers valuable features like advanced search capabilities, scalability, and rapid data indexing. Users appreciate its customizable dashboards, machine learning capabilities, and seamless integration with cloud environments. The system is highly adaptable, supports extensive filter options, and utilizes efficient search engines for quick access to data. It is open-source and offers robust threat detection, anomaly detection, and proactive alerts, supported by comprehensive documentation and a strong community.

"Elastic Security is cost-effective compared to Defender and CrowdStrike."
"The solution's most valuable features are anomaly detection and connectivity reporting."
"The tool's functionality is good for overall security and incident response times."

Room for Improvement

Elastic Security needs improvements in authentication, integration, and automation. Users find it challenging to configure and deploy, with complex setups requiring technical skills. They desire better documentation, improved dashboard aesthetics, and more user-friendly interfaces. The lack of AI, real-time monitoring, and automated anomaly detection is a concern. High costs, scalability issues, and limited prebuilt tools are notable drawbacks. Users express frustration over ineffective threat detection and insufficient training resources.

"Elastic sometimes does not correctly identify threats or anomalies. It might not classify an issue as malicious or critical accurately."
"The solution's basic setup takes time, and a lot of effort is required from the beginning to make it actually work."
"I want to find an automatic security system in the tool, like a SOAR solution. I am looking forward to seeing a SOAR system in the tool."

ROI

Many users experienced a good return on investment from Elastic Security within one and a half to two years. Some confirmed seeing a positive return while others noticed cost savings compared to firewall alternatives. Although some users have not seen any return yet or criticized the premium support, many still found that Elastic Security effectively identifies issues quickly.

Pricing

Elastic Security offers a predominantly free, open-source model that appeals to many organizations seeking cost-effective solutions. While some features require subscription-based licenses, these costs are generally competitive compared to other security platforms like Splunk or QRadar. Costs can vary based on daily ingestion rates and environment size, with yearly and monthly plans available. Users find the pricing flexible and affordable for small to medium enterprises, but some express dissatisfaction with certain licensing constraints and additional costs for support or advanced features.

"Compared to other tools, Elastic Security is a cheaper solution."
"I can say that the product is cheaply priced."
"The solution is not expensive and costs around ten dollars a month."

Popular Use Cases

Elastic Security is primarily used for log management, SIEM, and security monitoring. Organizations leverage it for IT monitoring, threat detection, endpoint protection, and infrastructure security. It aggregates logs from various sources for analytics and observability. Enterprises in finance, healthcare, and retail deploy Elastic Security for continuous delivery, security analytics, and incident response. Key functionalities include log analysis, alerting, and anomaly detection, providing insights for security teams using Elasticsearch, Kibana, and Logstash or Fluentd components.

Service and Support

Elastic Security's support receives mixed opinions. Many rely on community forums, appreciating their vast resources and quick responses. Users find technical support helpful and knowledgeable, though some encounter delays and communication issues. Paid tiers provide more responsive assistance but can still be inconsistent. Community support is significant for users of the open-source version, and comprehensive documentation aids troubleshooting. Although there's room for improvement, the customer service remains generally favorable with solid community and regional resources.

Deployment

Elastic Security's initial setup often requires technical expertise and can be complex, particularly with enterprise or custom configurations. Many users report needing several days for deployment, especially when multiple components like Elasticsearch, Logstash, and Kibana are involved. Some find the setup straightforward if they have prior experience or a technical background. The setup complexity can vary based on the deployment environment. Adequate documentation and technical support are essential for smoother implementation.

Scalability

Elastic Security shows high scalability, easily accommodating user growth, though infrastructure and skills are crucial factors. It's implemented in various environments, from small businesses to large enterprises, with positive feedback on its capacity to scale. Cloud deployments benefit from auto-scaling, while on-premises depend on existing infrastructure. While some experienced challenges with specific components, others found it adaptable for different industries and sizes, indicating Elastic Security's versatility in handling scalability demands.

Stability

Elastic Security exhibits stability for many, running consistently without issues. Users note reliable performance with minimal bugs or crashes. However, challenges arise with large datasets and configuration. Correct setup influences stability; poor initial deployment causes complications. Regular upgrades introduce transitional adjustments. Despite these, Elastic Security is rated highly for stability, handling complex environments effectively. Proper configuration and resource management enhance its dependable performance, achieving high satisfaction among many, though some experience issues under certain conditions.

These insights are based on the in-depth reviews provided by peers to help you make a better buying decision.

Download our Elastic Security Buyer's Guide for additional reliable information.

Review data by company size

By reviewers

By visitors reading reviews

Top industries

By visitors reading reviews

Computer Software Company

17%

Financial Services Firm

10%

Government

10%

University

Manufacturing Company

Comms Service Provider

Educational Organization

Retailer

Healthcare Company

Energy/Utilities Company

Insurance Company

Media Company

Construction Company

Non Profit

Real Estate/Law Firm

Hospitality Company

Wholesaler/Distributor

Recreational Facilities/Services Company

Legal Firm

Outsourcing Company

Aerospace/Defense Firm

Transportation Company

Pharma/Biotech Company

Performing Arts

Security Firm

Leisure / Travel Company

Logistics Company

Recruiting/Hr Firm

Compare Elastic Security with alternative products

Learn more about Elastic Security

Additional offerings and benefits:

The platform utilizes advanced analytics, machine learning algorithms, and anomaly detection to identify threats and suspicious activities.
It offers extensive integration options with other tools and platforms, facilitating a more cohesive and comprehensive security ecosystem.
With Kibana, users gain access to powerful visualization tools and dashboards that provide real-time insight into security data.

Finally, Elastic Security benefits from a global community of users who contribute to its threat intelligence, helping to enhance its detection capabilities. This collaborative approach ensures that the solution remains on the cutting edge of cybersecurity, with up-to-date information on the latest threats and vulnerabilities.

Elastic Security was previously known as Elastic SIEM, ELK Logstash.