Overall experience with Elastic Security
“Unified SIEM and XDR Platform Streamlines Threat Detection Across Hybrid Environments”
“Frequent Elasticsearch Updates Sacrifice Stability and Maturity of Tool”
About Company
Company Description
Elastic enables organizations to securely harness search-powered AI so anyone can find the answers they need in real time using all their data, at scale. By integrating AI with search technology, it facilitates the discovery of actionable insights from large volumes of both structured and unstructured data, addressing the need for real-time, scalable data processing. The Elasticsearch Platform delivers search-powered AI for observability, security and search. Companies can solve real-time business problems and achieve better business outcomes by taking advantage of massive amounts of structured and unstructured data, securing and protecting private information more effectively, and optimizing infrastructure and talent resources more efficiently. Elastic's complete, easy-to-use cloud-based platform offers solutions in search, security, and observability, aimed at helping businesses leverage AI technology securely and effectively.
Elastic Security Likes & Dislikes
It is the seamless unification of SIEM, XDR and endpoint protection into one powerhouse platform. It's like having a full-spectrum security orchestra that plays perfectly in tune. Real-time AI-driven threat detection and Kibana's drag-and-drop dashboard make investigating complex attacks intuitive and fast, turning hours of manual log-sifting into minutes of actionable insights. Plus, its scalability handles massive data volumes across hybrid environments without compromising performance, delivering unbeatable TCO compared to fragmented legacy tools. It's empowered our team to shift from constant alert overload to strategic hunting, which is a game-changer for any SOC under pressure.
I like the customizability, flexibility, and overall functionality of the Elasticsearch cluster. I am a big fan of the numerous integrations and prebuilt alerting rules.
A single data lake combining Elastic Security logs and other log sources as well. Elastic Common Schema (ECS) makes search queries across different endpoints easy. Elastic Security provides detailed insights into activities on the endpoint, including process executions, file handling, network connections, etc.
The initial learning curve for fine-tuning custom ML jobs and UEBA models can be steep if your team lacks Elasticsearch expertise. It took us a couple of weeks of trial and error to optimize the anomaly detection for our unique OT traffic patterns. Endpoint agent deployment occasionally hit compatibility hiccups on legacy Windows servers, requiring manual tweaks or staged rollouts, which slowed our full coverage by about 10% initially. Reporting customization for executive summaries feels clunky compared to Kibana's investigative prowess - you end up scripting exports or using third-party connectors for polished CISO-ready PDFs, rather than one-click native.
The AI capabilities, based on what is considered GA in the product right now, are really, really subpar. I also dislike that we can't easily downgrade if we perform an upgrade and it causes issues. Overall, the product is really good, but the constant drive to introduce new features seems to negatively impact the stability and reliability of the tool. Also, the documentation provided by Elastic is far too complex and vague to be of any real help when troubleshooting. And - it's REALLY, REALLY hard to find experienced engineers working with Elasticsearch.
Elastic Security UI is not intuitive to use and feels very different. Elastic Security provides an extensive list of predefined rules, but it does not cover all services. Building, maintaining and configuring predefined rules is mandatory.
Elastic Security Reviews and Ratings
- Sales Systems Engineer, 50M-1B USD, IT Services
Unified SIEM and XDR Platform Streamlines Threat Detection Across Hybrid Environments
It's transformed our SOC from reactive firefighting to proactive threat domination. We deployed it across hybrid environments (on-prem servers, AWS, and OT networks), and the unified SIEM+XDR approach with AI-driven detection rules cut our mean time to respond by over 70% in the first quarter alone. Kibana's intuitive dashboards and real-time visualizations make threat hunting feel effortless, while features like Endpoint Security and Attack Discovery have stopped sophisticated attacks we'd have missed with legacy tools.
- IT Security & Risk Management Associate, 50M-1B USD, Banking
Elastic Security provides enhanced endpoint visibility but requires an experienced security team to run it to its capabilities
The Elastic Stack is an exceptionally helpful and versatile platform offering great capabilities. One part of this platform is Elastic Security, providing endpoint visibility for clients and servers. Elastic Security has made huge steps in the last years as Elastic has put a lot of effort into developing this part. While Elastic Security integrates well into the Elastic platform and its UI is very powerful, it is not very intuitive to use.
- Manager, IT Security and Risk Management, 50M-1B USD, IT Services
Elastic Security Platform Enhances Threat Detection But Demands Skilled Management
Elastic Security provides a powerful and flexible security analytics platform with strong SIEM and endpoint visibility capabilities. The solution scales well for enterprise environments and offers deep visibility across logs, endpoints, and cloud workloads. While the platform is highly capable, it requires skilled resources for optimal tuning and ongoing management. Overall, it has significantly improved our threat detection, investigation, and response efficiency.
- IT Security & Risk Management Associate, 50M-1B USD, IT Services
Elastic Aggregates Diverse Security Data But Requires Tuning And Custom Detection
I have been using Elastic for about a year across SIEM and endpoint security, deployed via Elastic Cloud and on-prem. It's strong at aggregating diverse data and providing fast, flexible search and detection. The built-in rules and MITRE framework mappings are a good starting point, but meaningful value comes after you invest in tuning and custom detection.
- IT Manager, 50M-1B USD, Manufacturing
Flexibility and Expansion Highlight Elastic's Growing Range of Use Cases Over Time
Elastic is one of the most innovative software companies we work with. Their product has grown leaps and bounds over the last decade.