Try our new research platform with insights from 80,000+ expert users

Elastic Security pros and cons

Vendor: Elastic

3.9 out of 5

64 reviews
86% willing to recommend

784 followers

Pros & Cons summary

Elastic Security is customizable and integrates well with cloud-native environments, offering advanced features like anomaly detection and ChatGPT integration. It excels in scalability and targeted log retrieval. However, challenges include integration with legacy systems, lacking built-in workflows, and limited authentication in Kibana's open-source edition. Documentation requires improvement to enhance user experience, and the transition from a free version to a basic license raises cost concerns among tech buyers.

Buyer's Guide

Get pricing advice, tips, use cases and valuable features from real users of this product.

Prominent pros & cons

PROS

ELK documentation is comprehensive, minimizing the need for technical support.

Elastic Security is highly customizable and supports wide integration capabilities.

It offers impressive machine learning capabilities and efficient search functions.

Elastic Security provides scalability and can be easily implemented in various environments.

Elastic agents are lightweight and do not overload terminals, unlike other SIEM solutions.

CONS

Authentication and authorization features are not included in the open-source version, posing security challenges for large organizations.

Scalability issues arise with Logstash, necessitating a switch to Fluentd for real-time log aggregation.

Documentation requires improvement to aid both beginners and professionals in quickly finding solutions.

Training is not included in the purchase price, leading to additional costs for users seeking proper setup and optimization guidance.

Pricing can increase significantly with the volume of logs collected, creating an economic strain for users.

Elastic Security Pros review quotes

Prasanth Prasad

Director of Technology at a tech vendor with 11-50 employees

Feb 15, 2024

It is an extremely stable solution. Stability-wise, I rate the solution a ten out of ten.

Read full review

CN

CharlesNetshivhera

Senior DevOps Engineer at a financial services firm with 10,001+ employees

Dec 7, 2020

The indexes allow you to get your results quickly. The filtering and log passing is the advantage of Logstash.

Read full review

reviewer1411278

Big Data Team Leader at a tech services company with 51-200 employees

Apr 6, 2023

The most valuable thing is that this solution is widely used for work management and research. It's easy to jump into the security use case with the same technology.

Read full review

Elastic Security

Free Report: Elastic Security Reviews and More

Learn what your peers think about Elastic Security. Get advice and tips from experienced pros sharing their opinions. Updated: April 2025.

848,716 professionals have used our research since 2012.

reviewer2389770

Chief ARCHITECT at a manufacturing company with 11-50 employees

Apr 12, 2024

Elastic provides the capability to index quickly due to the reverse indexes it offers. This data is crucial as it contains critical information. The reverse index allows fast data indexing because of Elastic's efficient search engine.

Read full review

reviewer1174176

Associate Delivery Lead at a tech services company with 1,001-5,000 employees

Mar 4, 2020

ELK Logstash is easy and fast, at least for the initial setup with the out of box uses.

Read full review

reviewer1363986

IT at a tech vendor with 10,001+ employees

Aug 3, 2020

The solution has a good community surrounding it for lots of helpful documentation for troubleshooting purposes.

Read full review

reviewer1596219

Engineer at a tech services company with 501-1,000 employees

Jul 1, 2022

We chose the product based on the ability to scan for malware using a malware behavioral model as opposed to just a traditional hash-based antivirus. Therefore, it's not as intensive.

Read full review

reviewer1341687

Director of Engineering at a tech services company with 201-500 employees

May 18, 2020

The most valuable features are the speed, detail, and visualization. It has the latest standards.

Read full review

reviewer1393731

Consultant at a computer software company with 5,001-10,000 employees

May 21, 2021

It is very quick to react. I can set it to check anomalies or suspicious behavior every 30 seconds. It is very fast.

Read full review

reviewer1187142

Senior Tech Engineer at a tech services company with 1,001-5,000 employees

Feb 24, 2021

The cost is reasonable. It's not overly pricey.

Read full review

Show 10 more reviews (out of 60)

Elastic Security Cons review quotes

Prasanth Prasad

Director of Technology at a tech vendor with 11-50 employees

Feb 15, 2024

Elastic Security can be a bit difficult to use if a person only has experience in SMBs with tools like Zoho. The product can also be difficult for those who have never dealt with query language.

Read full review

CN

CharlesNetshivhera

Senior DevOps Engineer at a financial services firm with 10,001+ employees

Dec 7, 2020

We're using the open-source edition, for now, I think maybe they can allow their OLED plugin to be open source, as at the moment it is commercialised.

Read full review

reviewer1411278

Big Data Team Leader at a tech services company with 51-200 employees

Apr 6, 2023

In terms of improvement, there could be more automation in responding to and evaluating detections.

Read full review

Elastic Security

Free Report: Elastic Security Reviews and More

Learn what your peers think about Elastic Security. Get advice and tips from experienced pros sharing their opinions. Updated: April 2025.

848,716 professionals have used our research since 2012.

reviewer1174176

Associate Delivery Lead at a tech services company with 1,001-5,000 employees

Mar 4, 2020

In terms of what could be improved with Elastic, in some use cases, especially on the advanced level, they are not ready made, so you'll have to write some scripts.

Read full review

reviewer1363986

IT at a tech vendor with 10,001+ employees

Aug 3, 2020

The solution needs to be more reactive to investigations. We need to be able to detect and prevent any attacks before it can damage our infrastructure. Currently, this solution doesn't offer that.

Read full review

reviewer1596219

Engineer at a tech services company with 501-1,000 employees

Jul 1, 2022

It could use maybe a little more on the Linux side.

Read full review

reviewer1341687

Director of Engineering at a tech services company with 201-500 employees

May 18, 2020

If you compare this with CrowdStrike or Carbon Black, they can improve.

Read full review

reviewer1393731

Consultant at a computer software company with 5,001-10,000 employees

May 21, 2021

There should be a simulation environment to check whether my Elastic implementation is functioning perfectly fine. Other solutions have their own Android and iOS applications that I can install on my mobile so that I am continuously connected to the SIEM.

Read full review

reviewer1187142

Senior Tech Engineer at a tech services company with 1,001-5,000 employees

Feb 24, 2021

This type of monitoring is not very mature just yet. We need more real-time information in a way that's easier to manage.

Read full review

Haitham AL-Sarmi

Information Security Analyst at a financial services firm with 1,001-5,000 employees

Feb 6, 2022

There isn't really a very good user experience. You need a lot of training.

Read full review

Show 10 more reviews (out of 62)

Product Categories

Product Categories

Security Information and Event Management (SIEM)

Endpoint Detection and Response (EDR)

Security Orchestration Automation and Response (SOAR)

Extended Detection and Response (XDR)

Popular Comparisons

Popular Comparisons

Wazuh vs Elastic Security

Datadog vs Elastic Security

Splunk Enterprise Security vs Elastic Security

IBM Security QRadar vs Elastic Security

Elastic Observability vs Elastic Security

Graylog vs Elastic Security

Security Onion vs Elastic Security

LogRhythm SIEM vs Elastic Security

Elastic Stack vs Elastic Security

syslog-ng vs Elastic Security

Fortinet FortiAnalyzer vs Elastic Security

Sumo Logic Security vs Elastic Security

Google Cloud's operations suite (formerly Stackdriver) vs Elastic Security

SolarWinds Kiwi Syslog Server vs Elastic Security

ManageEngine Log360 vs Elastic Security

See all alternatives

Product Categories

Product Categories

Security Information and Event Management (SIEM)

Endpoint Detection and Response (EDR)

Security Orchestration Automation and Response (SOAR)

Extended Detection and Response (XDR)

Popular Comparisons

Popular Comparisons

Wazuh vs Elastic Security

Datadog vs Elastic Security

Splunk Enterprise Security vs Elastic Security

IBM Security QRadar vs Elastic Security

Elastic Observability vs Elastic Security

Graylog vs Elastic Security

Security Onion vs Elastic Security

LogRhythm SIEM vs Elastic Security

Elastic Stack vs Elastic Security

syslog-ng vs Elastic Security

Fortinet FortiAnalyzer vs Elastic Security

Sumo Logic Security vs Elastic Security

Google Cloud's operations suite (formerly Stackdriver) vs Elastic Security

SolarWinds Kiwi Syslog Server vs Elastic Security

ManageEngine Log360 vs Elastic Security

See all alternatives

Related questions

2,758

Datadog vs ELK: which one is good in terms of performance, cost and efficiency?

35

What are the advantages of ELK over Splunk?

289

What would you choose for observability: Grafana observability platform or ELK stack?

31

When evaluating Log Management tools and software, what aspect do you think is the most important to look for?

2,758

Datadog vs ELK: which one is good in terms of performance, cost and efficiency?

66

Which Windows event log monitoring tool do you recommend?

201

What is the difference between log management and SIEM?

42

Splunk vs. Elastic Stack

31

How can Cloudtrail logs be used effectively to improve log monitoring?

325

Why hot data and cold data differences in SIEM solutions are not discussed sufficiently?