Try our new research platform with insights from 80,000+ expert users

Elastic Security pros and cons

Vendor: Elastic

3.8 out of 5

61 reviews
85% willing to recommend

802 followers

Pros & Cons summary

Elastic Security offers robust visualization, stability, and machine learning capabilities for proactive monitoring of system anomalies. It is highly scalable and customizable, with efficient indexing for rapid data retrieval. The platform is known for ease of integration and flexibility but requires extensive knowledge for setup. Automation and real-time monitoring need improvement, along with scalability, maintenance, and inclusion of prebuilt workflows and security rules.

Buyer's Guide

Get pricing advice, tips, use cases and valuable features from real users of this product.

Prominent pros & cons

PROS

Elastic Security offers strong stability and performance, which are faster than some competitors like IBM QRadar.

It provides valuable machine learning capabilities for anomaly detection and behavior prediction, enhancing proactive security measures.

Elastic Security is scalable, easily handling large-scale deployments and adapting swiftly to cloud-native environments.

The system is known for its extensive flexibility and customization options, allowing it to cater to various security needs and integration scenarios.

Community support and comprehensive documentation are readily available, aiding in troubleshooting and optimizing the implementation.

CONS

Elastic Security has limited predictive maintenance capabilities, necessitating custom module development.

Reporting features in Elastic Security could be enhanced for better clarity and comprehensiveness.

Implementation of Elastic Security can be challenging and requires significant expertise.

System maintenance and scalability present difficulties in Elastic Security, complicating upgrades and expansions.

Elastic Security lacks built-in workflows for all tasks, requiring users to create custom workflows for specific needs.

Elastic Security Pros review quotes

Prasanth Prasad

Director of Technology at a tech vendor with 11-50 employees

Feb 15, 2024

It is an extremely stable solution. Stability-wise, I rate the solution a ten out of ten.

Read full review

CN

CharlesNetshivhera

Senior DevOps Engineer at a financial services firm with 10,001+ employees

Dec 7, 2020

The indexes allow you to get your results quickly. The filtering and log passing is the advantage of Logstash.

Read full review

reviewer1411278

Big Data Team Leader at a tech services company with 51-200 employees

Apr 6, 2023

The most valuable thing is that this solution is widely used for work management and research. It's easy to jump into the security use case with the same technology.

Read full review

Elastic Security

Free Report: Elastic Security Reviews and More

Learn what your peers think about Elastic Security. Get advice and tips from experienced pros sharing their opinions. Updated: November 2024.

816,192 professionals have used our research since 2012.

reviewer2389770

Chief ARCHITECT at a manufacturing company with 11-50 employees

Apr 12, 2024

Elastic provides the capability to index quickly due to the reverse indexes it offers. This data is crucial as it contains critical information. The reverse index allows fast data indexing because of Elastic's efficient search engine.

Read full review

reviewer1174176

Associate Delivery Lead at a tech services company with 1,001-5,000 employees

Mar 4, 2020

ELK Logstash is easy and fast, at least for the initial setup with the out of box uses.

Read full review

reviewer1363986

IT at a tech vendor with 10,001+ employees

Aug 3, 2020

The solution has a good community surrounding it for lots of helpful documentation for troubleshooting purposes.

Read full review

reviewer1596219

Engineer at a tech services company with 501-1,000 employees

Jul 1, 2022

We chose the product based on the ability to scan for malware using a malware behavioral model as opposed to just a traditional hash-based antivirus. Therefore, it's not as intensive.

Read full review

reviewer1341687

Director of Engineering at a tech services company with 201-500 employees

May 18, 2020

The most valuable features are the speed, detail, and visualization. It has the latest standards.

Read full review

reviewer1393731

Consultant at a computer software company with 5,001-10,000 employees

May 21, 2021

It is very quick to react. I can set it to check anomalies or suspicious behavior every 30 seconds. It is very fast.

Read full review

reviewer1187142

Senior Tech Engineer at a tech services company with 1,001-5,000 employees

Feb 24, 2021

The cost is reasonable. It's not overly pricey.

Read full review

Show 10 more reviews (out of 57)

Elastic Security Cons review quotes

Prasanth Prasad

Director of Technology at a tech vendor with 11-50 employees

Feb 15, 2024

Elastic Security can be a bit difficult to use if a person only has experience in SMBs with tools like Zoho. The product can also be difficult for those who have never dealt with query language.

Read full review

CN

CharlesNetshivhera

Senior DevOps Engineer at a financial services firm with 10,001+ employees

Dec 7, 2020

We're using the open-source edition, for now, I think maybe they can allow their OLED plugin to be open source, as at the moment it is commercialised.

Read full review

reviewer1411278

Big Data Team Leader at a tech services company with 51-200 employees

Apr 6, 2023

In terms of improvement, there could be more automation in responding to and evaluating detections.

Read full review

Elastic Security

Free Report: Elastic Security Reviews and More

Learn what your peers think about Elastic Security. Get advice and tips from experienced pros sharing their opinions. Updated: November 2024.

816,192 professionals have used our research since 2012.

reviewer1174176

Associate Delivery Lead at a tech services company with 1,001-5,000 employees

Mar 4, 2020

In terms of what could be improved with Elastic, in some use cases, especially on the advanced level, they are not ready made, so you'll have to write some scripts.

Read full review

reviewer1363986

IT at a tech vendor with 10,001+ employees

Aug 3, 2020

The solution needs to be more reactive to investigations. We need to be able to detect and prevent any attacks before it can damage our infrastructure. Currently, this solution doesn't offer that.

Read full review

reviewer1596219

Engineer at a tech services company with 501-1,000 employees

Jul 1, 2022

It could use maybe a little more on the Linux side.

Read full review

reviewer1341687

Director of Engineering at a tech services company with 201-500 employees

May 18, 2020

If you compare this with CrowdStrike or Carbon Black, they can improve.

Read full review

reviewer1393731

Consultant at a computer software company with 5,001-10,000 employees

May 21, 2021

There should be a simulation environment to check whether my Elastic implementation is functioning perfectly fine. Other solutions have their own Android and iOS applications that I can install on my mobile so that I am continuously connected to the SIEM.

Read full review

reviewer1187142

Senior Tech Engineer at a tech services company with 1,001-5,000 employees

Feb 24, 2021

This type of monitoring is not very mature just yet. We need more real-time information in a way that's easier to manage.

Read full review

Haitham AL-Sarmi

Information Security Analyst at a financial services firm with 1,001-5,000 employees

Feb 6, 2022

There isn't really a very good user experience. You need a lot of training.

Read full review

Show 10 more reviews (out of 59)

Product Categories

Product Categories

Security Information and Event Management (SIEM)

Endpoint Detection and Response (EDR)

Security Orchestration Automation and Response (SOAR)

Extended Detection and Response (XDR)

Popular Comparisons

Popular Comparisons

Wazuh vs Elastic Security

Splunk Enterprise Security vs Elastic Security

Datadog vs Elastic Security

IBM Security QRadar vs Elastic Security

Graylog vs Elastic Security

LogRhythm SIEM vs Elastic Security

Sumo Logic Security vs Elastic Security

Security Onion vs Elastic Security

Devo vs Elastic Security

Fortinet FortiAnalyzer vs Elastic Security

syslog-ng vs Elastic Security

Google Cloud's operations suite (formerly Stackdriver) vs Elastic Security

USM Anywhere vs Elastic Security

SolarWinds Kiwi Syslog Server vs Elastic Security

ManageEngine Log360 vs Elastic Security

See all alternatives

Product Categories

Product Categories

Security Information and Event Management (SIEM)

Endpoint Detection and Response (EDR)

Security Orchestration Automation and Response (SOAR)

Extended Detection and Response (XDR)

Popular Comparisons

Popular Comparisons

Wazuh vs Elastic Security

Splunk Enterprise Security vs Elastic Security

Datadog vs Elastic Security

IBM Security QRadar vs Elastic Security

Graylog vs Elastic Security

LogRhythm SIEM vs Elastic Security

Sumo Logic Security vs Elastic Security

Security Onion vs Elastic Security

Devo vs Elastic Security

Fortinet FortiAnalyzer vs Elastic Security

syslog-ng vs Elastic Security

Google Cloud's operations suite (formerly Stackdriver) vs Elastic Security

USM Anywhere vs Elastic Security

SolarWinds Kiwi Syslog Server vs Elastic Security

ManageEngine Log360 vs Elastic Security

See all alternatives

Related questions

4,643

Datadog vs ELK: which one is good in terms of performance, cost and efficiency?

49

What are the advantages of ELK over Splunk?

522

What would you choose for observability: Grafana observability platform or ELK stack?

39

When evaluating Log Management tools and software, what aspect do you think is the most important to look for?

4,643

Datadog vs ELK: which one is good in terms of performance, cost and efficiency?

165

Which Windows event log monitoring tool do you recommend?

423

What is the difference between log management and SIEM?

47

Splunk vs. Elastic Stack

86

How can Cloudtrail logs be used effectively to improve log monitoring?

461

Why hot data and cold data differences in SIEM solutions are not discussed sufficiently?