Examples of the 84,000+ reviews on PeerSpot:

Vikas Dusa - PeerSpot reviewer
Cyber Security Trainer and Programmer at Freelancer
Real User
Top 5 Leaderboard
Traces ransomware and manages threat scenarios
Pros and Cons
    • "Improvements in Elastic Security could include refining and normalizing queries to make them more user-friendly, enhancing the user experience with better documentation, and addressing any latency issues."

    What is our primary use case?

    My use case for the product revolved around conducting demonstrations and testing. It also helped me with tracing ransomware and managing threat scenarios.

    What is most valuable?

    The integration with Siemens Endpoint Security in Elastic Security has been beneficial for security. The provided rules are good, making it easy to create and understand rules. Patterns and detections are made through index patterns, requiring some follow-up steps.

    In real-time, the impact of Elastic Security on ransomware is significant. For known and repeated ransomware, it can detect and prevent effectively using established signatures and behavioral patterns. However, for new types of ransomware with less complex behaviors or those that modify files minimally, conventional detection methods may struggle. Elastic Security proves to be effective even in challenging cases.

    On the cloud, it allows testing of SaaS-based applications, performance evaluations using CDMs and APIs, incident detection within company network infrastructures, and comprehensive management of security services.

    What needs improvement?

    Improvements in Elastic Security could include refining and normalizing queries to make them more user-friendly, enhancing the user experience with better documentation, and addressing any latency issues.

    For how long have I used the solution?

    I have utilized Elastic Security for approximately three to four months.

    What do I think about the stability of the solution?

    I rate the product’s stability an eight out of ten.

    What do I think about the scalability of the solution?

    Scaling Elastic Security is relatively easy, with a rating of seven out of ten.

    How was the initial setup?

    The tool's deployment is straightforward. 

    What other advice do I have?

    I rate the overall product an eight out of ten.

    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    Prasanth Prasad - PeerSpot reviewer
    Director of Technology at a tech vendor with 11-50 employees
    Real User
    Top 5
    Offers great capabilities to detect and respond to threats
    Pros and Cons
    • "It is an extremely stable solution. Stability-wise, I rate the solution a ten out of ten."
    • "Elastic Security can be a bit difficult to use if a person only has experience in SMBs with tools like Zoho. The product can also be difficult for those who have never dealt with query language."

    What is our primary use case?

    The product is for use cases involving observability, visualization, dashboards, analytics, and security.

    What needs improvement?

    There is a constant evolution in the product. I think that the solution has a strong roadmap in place. I believe that the tool is going to be a leader in a lot of spaces, considering that it is evolving at a fast rate.

    From an improvement perspective, the product should be easier to use for those who don't know query language and have experience with only some basic products in the market.

    For how long have I used the solution?

    I have been using Elastic Security for more than three years. My company has a partnership with Elastic Security. My company operates as the solution's reseller, and we also manage the tool's implementation.

    What do I think about the stability of the solution?

    It is an extremely stable solution. Stability-wise, I rate the solution a ten out of ten.

    What do I think about the scalability of the solution?

    It is an extremely scalable solution. Scalability-wise, I rate the solution a ten out of ten.

    Whether the product suits small, medium, or enterprise-sized businesses is something that would depend on how you quantify your risks. Elastic Security is an ideal solution for anybody and everybody because it offers a free version of the solution. Small or medium businesses can use the free version of the tool. The solution has very comprehensive capabilities in the free version itself. Enterprises, large corporations, and government organizations can use the tool's paid version because it supports a lot of features from an analytical perspective. The free version doesn't have many analytical features in it. People who want to have a cybersecurity solution in their environment, which may not be specifically Elastic Security, should know the roadmap and the vision, along with a plan on what they want and how they want to go about with the product they want in their company to see where they want to end up in their cybersecurity journey. Your investments will make a lot of sense if you have a clear vision in mind.

    Elastic Security is not an ideal product if you are trying to do something very simple or basic with some check mark activities or an audit to show someone that there is some technology used in the company.

    How are customer service and support?

    I haven't had any single customer of my company telling me that the support of the product is not good. I believe that the product offers great support. I rate the technical support a nine out of ten.

    How would you rate customer service and support?

    Positive

    Which solution did I use previously and why did I switch?

    I have experience with Elastic Security, Rapid7, and IBM.

    How was the initial setup?

    I rate the initial setup phase a six or seven on a scale of one to ten, where one is difficult and ten is easy.

    The product's initial setup phase is neither easy nor difficult. It is easy to manage the setup phase if you know how to do it correctly. Complexity comes along as a part of the tool, especially if it is powerful and has a lot of capabilities. If it is very easy to manage the setup phase of a tool, then it is bound to have some limitations.

    The solution is deployed on the cloud, on-premises model, or a hybrid cloud.

    It can take a few days to get the product up and running. The time required to deploy the tool depends on the use cases of the user.

    What's my experience with pricing, setup cost, and licensing?

    The product offers an amazing pricing structure. Price-wise, the product is very competitive.

    What other advice do I have?

    The product has made amazing developments and has gone miles ahead in a short span of time when it comes to its enhanced threat detection and threat response capabilities.

    The product has helped manage endpoint security since it serves as a single tool that provides all the functionalities together. After you deploy Elastic Security, you can do everything with it, and there is no need to buy separate products or licenses. Through the setup of Elastic ELK Stack, you can get all the functionalities like SIEM, SOC, threat detection, endpoint detection, user behavior analytics, data analytics, data lake analytics, virtualization, dashboarding, cross-referencing, and threat response.

    Elastic Security's most beneficial aspect for security needs stems from the tool's openness. The tool is a highly customizable product, allowing you to play with it as much as you want.

    Speaking about how real-time data analytics features in Elastic Security improve security posture, the real-time is not real-time natively. You need real-time streaming capabilities, for which you need something like Apache Kafka to stream data. The analytical power of Elastic Security is extremely high. If you can get me data in real time, I can analyze data in real time with Elastic Security.

    The product has introduced generative AI in the tool.

    The product has covered all technological advancements a person can think of, and it also has a lot of roadmap for the future development of the solution. The tool is strong and capable.

    Elastic Security offers one of the highest integration capabilities I have seen in any kit in the market. The tool offers a lot of out-of-the-box connectors and a lot of certification from a lot of providers across different areas. From a workflow perspective, if you are a customer using a proprietary tool with proprietary mechanisms to manage how work is done, then the integration offered by Elastic Security wouldn't be great. If you have an enterprise-grade product involving firewall solutions, SOC tools, endpoint tools, privilege access management solutions, or any other cybersecurity tools, Elastic Security's integration capabilities would work and help manage your workflows seamlessly.

    One of my company's customers told me that the incident response time after the implementation of the product was reduced by half within the first few weeks of the rolling out of the solution in the company.

    The product is very user-friendly since it offers generative AI in the dashboard. If you don't know how to do something on the dashboard, you can ask a question, and the solution will guide you. From a user perspective, I would say that the person using the product should be knowledgeable and should know what he wants. The product is not for someone who is a novice. The cybersecurity analyst working on the tool should have a fair understanding of what he wants to achieve with the product. It is okay if a cybersecurity analyst does not know how to write a query in the tool since the product offers help through generative AI. You can ask generative AI how to write a query, and it helps you. Elastic Security can be a bit difficult to use if a person only has experience in SMBs with tools like Zoho. The product can also be difficult for those who have never dealt with query language. It would be easy to move to Elastic Security for those who use Splunk, IBM QRadar, or other enterprise-grade tools.

    I rate the overall tool a ten out of ten.

    Which deployment model are you using for this solution?

    Hybrid Cloud
    Disclosure: My company has a business relationship with this vendor other than being a customer: Partner