Elastic Security pros and cons

Vendor: Elastic
3.8 out of 5
804 followers

Pros & Cons summary


Prominent pros & cons

PROS

Elastic Security offers robust scalability and can easily expand in a production environment.
The search capability with efficient query and alert generation is highly valued by users.
Elastic Security's machine learning and anomaly detection features are considered highly beneficial for security and incident response.
The community surrounding Elastic Security provides extensive support and documentation.
Elastic Security's REST API-based architecture enhances integration and adaptability in various environments.

CONS

Authentication is not a default feature in Kibana, requiring additional tools for security measures.
Scalability issues have been noted, particularly with Logstash, leading to delays in data processing.
Documentation could be improved to better guide both beginners and professionals.
The training offered with Elastic needs improvement and currently comes at an additional cost.
Elastic Security lacks effective user permissions management and a scalable architecture, complicating maintenance and upgrades.
 

Elastic Security Pros review quotes

Prasanth Prasad - PeerSpot reviewer
Feb 15, 2024
It is an extremely stable solution. Stability-wise, I rate the solution a ten out of ten.
CN
Dec 7, 2020
The indexes allow you to get your results quickly. The filtering and log passing is the advantage of Logstash.
reviewer1411278 - PeerSpot reviewer
Apr 6, 2023
The most valuable thing is that this solution is widely used for work management and research. It's easy to jump into the security use case with the same technology.
Learn what your peers think about Elastic Security. Get advice and tips from experienced pros sharing their opinions. Updated: December 2024.
824,053 professionals have used our research since 2012.
reviewer2389770 - PeerSpot reviewer
Apr 12, 2024
Elastic provides the capability to index quickly due to the reverse indexes it offers. This data is crucial as it contains critical information. The reverse index allows fast data indexing because of Elastic's efficient search engine.
reviewer1174176 - PeerSpot reviewer
Mar 4, 2020
ELK Logstash is easy and fast, at least for the initial setup with the out-of-box uses.
reviewer1363986 - PeerSpot reviewer
Aug 3, 2020
The solution has a good community surrounding it for lots of helpful documentation for troubleshooting purposes.
reviewer1596219 - PeerSpot reviewer
Jul 1, 2022
We chose the product based on the ability to scan for malware using a malware behavioral model as opposed to just a traditional hash-based antivirus. Therefore, it's not as intensive.
reviewer1341687 - PeerSpot reviewer
May 18, 2020
The most valuable features are the speed, detail, and visualization. It has the latest standards.
reviewer1393731 - PeerSpot reviewer
May 21, 2021
It is very quick to react. I can set it to check anomalies or suspicious behavior every 30 seconds. It is very fast.
reviewer1187142 - PeerSpot reviewer
Feb 24, 2021
The cost is reasonable. It's not overly pricey.
 

Elastic Security Cons review quotes

Prasanth Prasad - PeerSpot reviewer
Feb 15, 2024
Elastic Security can be a bit difficult to use if a person only has experience in SMBs with tools like Zoho. The product can also be difficult for those who have never dealt with query language.
CN
Dec 7, 2020
We're using the open-source edition for now. I think maybe they can allow their OLED plugin to be open source, as at the moment it is commercialised.
reviewer1411278 - PeerSpot reviewer
Apr 6, 2023
In terms of improvement, there could be more automation in responding to and evaluating detections.
reviewer1174176 - PeerSpot reviewer
Mar 4, 2020
In terms of what could be improved with Elastic, in some use cases, especially on the advanced level, they are not ready made, so you'll have to write some scripts.
reviewer1363986 - PeerSpot reviewer
Aug 3, 2020
The solution needs to be more reactive to investigations. We need to be able to detect and prevent any attacks before they can damage our infrastructure. Currently, this solution doesn't offer that.
reviewer1596219 - PeerSpot reviewer
Jul 1, 2022
It could use maybe a little more on the Linux side.
reviewer1341687 - PeerSpot reviewer
May 18, 2020
If you compare this with CrowdStrike or Carbon Black, they can improve.
reviewer1393731 - PeerSpot reviewer
May 21, 2021
There should be a simulation environment to check whether my Elastic implementation is functioning perfectly fine. Other solutions have their own Android and iOS applications that I can install on my mobile so that I am continuously connected to the SIEM.
reviewer1187142 - PeerSpot reviewer
Feb 24, 2021
This type of monitoring is not very mature just yet. We need more real-time information in a way that's easier to manage.
Haitham AL-Sarmi - PeerSpot reviewer
Feb 6, 2022
There isn't really a very good user experience. You need a lot of training.