Senior Cyber Security Manager at a tech services company with 11-50 employees
Real User
Top 10
2024-11-25T04:19:00Z
Nov 25, 2024
Elastic Security has developed its security capabilities and is currently in the early stages. It provides observability, security, and SIEM (Security Information and Event Management). It's an integrated security solution for enterprise-level organizations, offering visibility through Kibana. Additionally, it offers insights regarding alerts, reports, and cases, and the ability to create whitelisting and rules.
Chief Architect at a manufacturing company with 11-50 employees
Real User
Top 20
2024-04-12T13:08:00Z
Apr 12, 2024
I've been using the Elastic solution primarily as an IAM solution. It helps in threat-hunting investigations and provides case management and security incident management.
Executive Cybersecurity at a computer software company with 11-50 employees
Real User
Top 5
2023-10-03T08:58:22Z
Oct 3, 2023
We are looking for the same tool on-premises that we can provide to our client as an MSSP. We're evaluating different types of tools in the market. We have a premium version, and I was checking the functions and features here. We have some questions about the query language, so we want to have a demonstration session where we can clarify how to manage queries from the console.
We use Elastic Security for monitoring. Our client is a financial client, so we monitor their infrastructure from that perspective. For example, if there is any unauthorized access to their financial systems, we need to know about that. We monitor all the instances they are using and all the storage buckets they use, and if they have exposed any APIs, we need to monitor those as well. They are using AWS Cloud, and we need to monitor their cloud services.
We have different use cases. We implement it for the banking and healthcare sectors. It's the most useful for the e-commerce platforms that we deploy it for. The most important feature is Elasticsearch. They also use it for security. Elastic Security has been deployed in the National Bank of Dubai. They are currently using Elastic Stack and they're also using the security version. It's a good platform and the very best in the current market. We looked at the Forrester report from December 2022 where it was said to be a leader.
Big Data Team Leader at a tech services company with 51-200 employees
Real User
Top 20
2023-04-06T12:14:00Z
Apr 6, 2023
Elastic Security is usually used to deliver and analyze logs for security teams. Some common use cases include search and analytics of log data from the system and sending it to other components. We are using features like point security and detection of gathering data.
I worked for a telco client for the security model of Elastic, but my role was unit manager. I don't have a lot of technical expertise, but I decided on the solution for a client, and I was responsible for the delivery. I worked with the security of the mobile app. I see all the logs in Elastic for SIEM. I monitored the logging and some logs from the machine for a UNIX system with some use cases like the machine's file system. This solution is deployed on-premise. We provide this solution to our customers, which are telcos, in the finance industry, and in retail.
It is for our own infrastructure. We are trying to do ELK Stack for everything. We are trying to build our own monitoring solution. For now, we are using it as an alerting solution, and SIEM is going to be our destination.
Consultant at a computer software company with 5,001-10,000 employees
Real User
2021-05-21T09:52:37Z
May 21, 2021
There are around 150 pre-built use cases. One of the major use cases is when somebody tries to fiddle with logs, Elastic SIEM creates an alert because logs are the most critical things from the security aspect. For example, I have more than 1,000 terminals, which can be desktops, laptops, or any sort of servers. If somebody tries to delete Windows logs, Elastic SIEM immediately generates an alert indicating that somebody is trying to fiddle with the logs. Elastic SIEM sends me a pop-up message as well as an email.
I.T. Manager at a healthcare company with 51-200 employees
Real User
2020-10-01T09:58:00Z
Oct 1, 2020
We plan to use it to analyze the data that we're pumping into it from Active Directory and from firewalls, then we'll pass that information onto our own external SOC.
Consultant at a computer software company with 5,001-10,000 employees
Real User
2020-07-29T07:45:59Z
Jul 29, 2020
This is a log aggregation tool and we are using it for security purposes. There are 145 pre-built use cases, but we are still making some ourselves. One we built is an alarm for log deletion. For example, if a hacker tries to delete the log from a bank machine then it will raise an alarm immediately. A second use case is an alert for too many false login attempts, perhaps indicating a brute-force attack.
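The two custom use cases these reviewers describe, an alarm on log deletion and an alert on too many failed logins, reimplemented as an added example in plain Python over constructed ECS-style Windows events. This is not Elastic's own rule code and not either reviewer's configuration: in Elastic Security the equivalent would be a KQL/EQL rule on `event.code:1102` (Security log cleared) or `event.code:104` (System log cleared) and a threshold rule on `event.code:4625` grouped by `source.ip`. The threshold of 5 failures in 10 minutes, the host and user names, the IP addresses and the sample events are assumptions; the Windows event IDs are Microsoft-documented.

```python
"""Added example: detection pass for 'log cleared' and 'brute-force logon'
over constructed ECS-style Windows events (not Elastic's rule code)."""
import json
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Windows event IDs: 1102 = Security audit log cleared, 104 = System log
# cleared, 4625 = failed logon, 4624 = successful logon.
LOG_CLEARED_CODES = {"1102", "104"}
FAILED_LOGON = "4625"
SUCCESS_LOGON = "4624"

# Assumed threshold: 5 failed logons from one source IP inside 10 minutes.
THRESHOLD = 5
WINDOW = timedelta(minutes=10)

# Constructed sample telemetry (NDJSON, ECS field names). Hosts, users and
# IPs are invented. First block: a spray against 'svc_cash' that succeeds
# and is followed by the attacker clearing the Security log. Second block:
# two failures from 'alice' that are more than 10 minutes apart.
SAMPLE_NDJSON = """\
{"@timestamp":"2024-11-25T04:00:00Z","event":{"code":"4625"},"host":{"name":"atm-07"},"user":{"name":"svc_cash"},"source":{"ip":"203.0.113.9"}}
{"@timestamp":"2024-11-25T04:00:05Z","event":{"code":"4625"},"host":{"name":"atm-07"},"user":{"name":"svc_cash"},"source":{"ip":"203.0.113.9"}}
{"@timestamp":"2024-11-25T04:00:11Z","event":{"code":"4625"},"host":{"name":"atm-07"},"user":{"name":"svc_cash"},"source":{"ip":"203.0.113.9"}}
{"@timestamp":"2024-11-25T04:00:17Z","event":{"code":"4625"},"host":{"name":"atm-07"},"user":{"name":"svc_cash"},"source":{"ip":"203.0.113.9"}}
{"@timestamp":"2024-11-25T04:00:22Z","event":{"code":"4625"},"host":{"name":"atm-07"},"user":{"name":"svc_cash"},"source":{"ip":"203.0.113.9"}}
{"@timestamp":"2024-11-25T04:00:40Z","event":{"code":"4624"},"host":{"name":"atm-07"},"user":{"name":"svc_cash"},"source":{"ip":"203.0.113.9"}}
{"@timestamp":"2024-11-25T04:01:03Z","event":{"code":"1102"},"host":{"name":"atm-07"},"user":{"name":"svc_cash"},"source":{"ip":"203.0.113.9"}}
{"@timestamp":"2024-11-25T08:15:00Z","event":{"code":"4625"},"host":{"name":"ws-112"},"user":{"name":"alice"},"source":{"ip":"10.1.4.22"}}
{"@timestamp":"2024-11-25T08:25:30Z","event":{"code":"4625"},"host":{"name":"ws-112"},"user":{"name":"alice"},"source":{"ip":"10.1.4.22"}}
"""


def parse_ts(value):
    """Parse the ECS @timestamp (UTC, second precision in the samples)."""
    return datetime.strptime(value, "%Y-%m-%dT%H:%M:%SZ")


def get(event, dotted_path, default=None):
    """Read a nested ECS field such as 'source.ip' from a parsed event."""
    cur = event
    for key in dotted_path.split("."):
        if not isinstance(cur, dict) or key not in cur:
            return default
        cur = cur[key]
    return cur


def detect(ndjson):
    """Return a list of alert dicts for the rules described above."""
    alerts = []
    failed = defaultdict(deque)  # source.ip -> timestamps of 4625 in window
    tripped = {}                 # source.ip -> time the threshold was crossed
    for line in ndjson.splitlines():
        if not line.strip():
            continue
        ev = json.loads(line)
        ts = parse_ts(ev["@timestamp"])
        code = get(ev, "event.code")
        host = get(ev, "host.name", "?")
        user = get(ev, "user.name", "?")
        src = get(ev, "source.ip", "?")

        if code in LOG_CLEARED_CODES:
            # Log tampering: alert on every occurrence, never de-duplicate.
            alerts.append({"rule": "log_cleared", "host": host,
                           "subject": user, "time": ev["@timestamp"]})
        elif code == FAILED_LOGON:
            q = failed[src]
            q.append(ts)
            while q and ts - q[0] > WINDOW:   # slide the window forward
                q.popleft()
            # One alert per source per run, to avoid an alert storm.
            if len(q) >= THRESHOLD and src not in tripped:
                tripped[src] = ts
                alerts.append({"rule": "brute_force", "host": host,
                               "subject": src, "time": ev["@timestamp"]})
        elif code == SUCCESS_LOGON and src in tripped \
                and ts - tripped[src] <= WINDOW:
            # Success shortly after the threshold tripped: escalate.
            alerts.append({"rule": "brute_force_success", "host": host,
                           "subject": user, "time": ev["@timestamp"]})
    return alerts


if __name__ == "__main__":
    for alert in detect(SAMPLE_NDJSON):
        print(alert)
```

The third branch is the piece worth carrying into a real rule set: a threshold alert on failed logons is noisy on its own, but a successful logon from the same source inside the window is a strong signal that the spray worked and is what a responder should be paged for. The `alice` events show the window doing its job: two failures 10 minutes 30 seconds apart never reach the threshold.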
Director of Engineering at a tech services company with 201-500 employees
Real User
2020-05-18T07:50:00Z
May 18, 2020
We want to track and respond to our security incidents. That's the main reason we use it, to analyze and see all the incidents that are happening. We also deploy it for some of our clients.
Elastic Security is a robust, open-source security solution designed to offer integrated threat prevention, detection, and response capabilities across an organization's entire digital estate. Part of the Elastic Stack (which includes Elasticsearch, Logstash, and Kibana), Elastic Security leverages the power of search, analytics, and data aggregation to provide real-time insight into threats and vulnerabilities. It is a comprehensive platform that supports a wide range of security needs, from...
I use Elastic Security to aggregate all logs from different devices in one place. It works pretty well and provides one overview of everything.
I use the tool for security operations.
The product is for use cases involving observability, visualization, dashboards, analytics, and security.
Our use case for Elastic Security is for log management and security information for the management team.
I use Elastic Search to collect logs from an Active Directory server and forward the incidents to the SOAR solution.
We primarily use Elastic Security as a log aggregator, so we use it like a SIEM. It ingests all our logs and reports on them in aggregate.
We primarily use the solution for security purposes.
We are using the solution for log management. We use it for monitoring and observing.
Basically, we are using this product for monitoring and for developing the processes for our company.
My customers use Elastic Security for security monitoring, threat hunting, and threat identification.
My clients use this solution for security purposes and SIEM and log management.
We use it as a SIEM for monitoring a client's environment.
Data retention, fastest search, data transformation and so on.
My primary use case is to check market prices.
Our primary use case of this solution is for application performance monitoring. We are customers of ELK.
Elastic SIEM is used to monitor and deal with system log files.
We use Elastic SIEM for security and analytics.
We primarily use the solution for endpoint protection.