Elastic Security Primary Use Case
SyedAli17
Assistant Director at PTA
In Pakistan, the telecom sector requires centralized monitoring for all telecom operators and ISPs. All cellular mobile operators or internet service providers have their own SOCs or SIEM solutions, and we have integrated their security solutions with Elastic Security.
View full review »
reviewer2405523
Performance Practice Specialist at a local government with 10,001+ employees
Currently, I am using QRadar, which I consider legacy and outdated compared to Elastic Security and Splunk. I also explored Elastic Security yet haven't implemented it in production.
View full review »reviewer2181228
Senior Cyber Security Manager at a tech services company with 11-50 employees
Elastic Security has developed its security capabilities and is currently in the early stages. It provides observability, security, and SIEM (Security Information and Event Management). It's an integrated security solution for enterprise-level organizations, offering visibility through Kibana. Additionally, it offers insights regarding alerts, reports, and cases, and the ability to create whitelisting and rules.
View full review »Buyer's Guide
Elastic Security
June 2025
Learn what your peers think about Elastic Security. Get advice and tips from experienced pros sharing their opinions. Updated: June 2025.
859,957 professionals have used our research since 2012.
Gajewski Marek
Chief Technology Officer & Co-founder at CS2
I use Elastic Security to aggregate all logs from different devices in one place. It works pretty well and provides one overview of everything.
View full review »
Janis Cimins
Information Technology Security Specialist at IPro SIA
We use Elastic Security for basic SIEM reporting.
View full review »
Nikhil-Kumar
Assistant Manager - IT Security at Photon inc
We primarily use the solution for log management. We use its basic functionality.
View full review »SY
ShinichiYamamisaka
Consultant at SMRJ
I use the tool for security operations.
reviewer2389770
Chief ARCHITECT at a manufacturing company with 11-50 employees
I've been using the Elastic solution primarily as an IAM solution. It helps in threat-hunting investigations and provides case management and security incident management.
View full review »
Matthew DeGrandis
System Administrator at a financial services firm with 11-50 employees
We primarily use Elastic Security as a log aggregator, so we use it like a SIEM. It ingests all our logs and reports on them in aggregate.
.
Governance and Compliance Manager at NBS Bank
We primarily use the solution for security purposes.
View full review »
Prasanth Prasad
Director of Technology at a tech vendor with 11-50 employees
The product is for use cases involving observability, visualization, dashboards, analytics, and security.
reviewer2285439
Executive Cybersecurity at a computer software company with 11-50 employees
We are looking for the same tool on-premises that we can provide to our client as an MSSP. We're evaluating different types of tools in the market.
Although, we have a premium version, and I was checking the functions and features here.
We have some questions about the query language. So that also from this console and so that we can actually want to have a demonstration session where we can clarify this thing query to manage.
KS
KarthikeyanSrinivasan
Sr Cloud Data Architect at Sun Cloud LLC
It is for our own infrastructure. We are trying to do ELK Stack for everything. We are trying to build our own monitoring solution. For now, we are using it as an alerting solution, and SIEM is going to be our destination.
View full review »reviewer1602072
AVP, Site Reliability Engineer at a financial services firm with 10,001+ employees
Our primary use case of this solution is for application performance monitoring. We are customers of ELK.
View full review »reviewer1393731
Consultant at a computer software company with 5,001-10,000 employees
There are around 150 pre-built use cases. One of the major use cases is when somebody tries to fiddle with logs, Elastic SIEM creates an alert because logs are the most critical things from the security aspect. For example, I have more than 1,000 terminals, which can be desktops, laptops, or any sort of servers. If somebody tries to delete Windows logs, Elastic SIEM immediately generates an alert indicating that somebody is trying to fiddle with the logs. Elastic SIEM sends me a pop-up message as well as an email.
View full review »
Vikas Dusa
Cyber Security Trainer and Programmer at Freelancer
My use case for the product revolved around conducting demonstrations and testing. It also helped me with tracing ransomware and managing threat scenarios.
View full review »reviewer2198715
DevOps Engineer at a tech services company with 51-200 employees
We are using Elastic Security for logging the application logs, as we use a microservice architecture. So all application logs are saved to this LogSpot.
View full review »reviewer2125281
Intern Cybersecurity at a computer software company with 10,001+ employees
I use Elastic Search to collect logs from an Active Directory server and forward the incidents to the SOAR solution.
HamadaElewa
Technical Sales Manager at Spire Solutions
I sell Elastic Security to my customers. Almost all my customers use the free version, but some use the enterprise version.
View full review »
Sinan ŞENGÖR
Solutions Consultant at a tech services company with 5,001-10,000 employees
We are using the solution for log management. We use it for monitoring and observing.
View full review »
Tiodor Jovovic
Chief Business Officer at Sky Express
Basically, we are using this product for monitoring and for developing the processes for our company.
View full review »MF
Maria Foss
Chief Operating Officer / SR. Project Manager at SCS
We use it as a SIEM for monitoring a client's environment.
View full review »
Giuseppe Ragazzini
Project Delivery Manager at Spindox
I worked for a telco client for the security model of Elastic, but my role was unit manager. I don't have a lot of technical expertise, but I decided on the solution for a client, and I was responsible for the delivery.
I worked with the security of the mobile app. I see all the logs in Elastic for SIEM. I monitored the logging and some logs from the machine for a UNIX system with some use cases like the machine's file system.
This solution is deployed on-premise.
We provide this solution to our customers, which are telcos, in the finance industry, and in retail.
View full review »reviewer1569672
Devops/SRE tech lead at a transportation company with 201-500 employees
We do not use monitoring due to the fact that we use Prometheus for monitoring. We don't use APM and so on. We use ELK only for logging.
View full review »reviewer1433385
Associate Director - Solutions at a comms service provider with 1,001-5,000 employees
We use this solution for the Microsoft deployment of auto-management.
View full review »CN
CharlesNetshivhera
Senior DevOps Engineer at a financial services firm with 10,001+ employees
It is currently deployed as a single instance, but we are currently looking at clusters. We are using it for a logging solution. I'm a developer and act as a server engineer for DevOps Engineers. It's used by developers and mobile developers. It could be used by quite a few different teams.
View full review »reviewer1269834
I.T. Manager at a healthcare company with 51-200 employees
We plan to use it to analyze the data that we're pumping into it from Active Directory and from firewalls, then we'll pass that information onto our own external SOC.
View full review »reviewer1363986
IT at a tech vendor with 10,001+ employees
We primarily use the solution to have a correlation on all the Windows event logs. We use it more for forensic purposes now. We are looking for something which will be a more proactive product for us and be able to detect any threats and take automatic action.
View full review »reviewer1393731
Consultant at a computer software company with 5,001-10,000 employees
This is a log aggregation tool and we are using it for security purposes.
There are 145 pre-built use cases, but we are still making some ourselves. One we built is an alarm for log deletion. For example, if a hacker tries to delete the log from a bank machine then it will raise an alarm immediately. A second use case is an alert for too many false login attempts, perhaps indicating a brute-force attack.
View full review »FB
Fazil BasheerSyed
Technical Team Lead at Quester
I was using this product up until recently when I changed companies, but I have been asked to implement logging in my new role and this is one of the options that I am considering.
It was used in conjunction with Kibana to examine our logs and perform debugging. When a user complained about misbehavior in an application, we would research the logs, test, and try to find out where the bug is.
Haroon Khand
Head of Business Development at Qavi Technologies
We have different use cases. We implement it for the banking and healthcare sectors. It's the most useful for the e-commerce platforms that we deploy it for. The most important feature is Elasticsearch.
They also use it for security. Elastic Security has been deployed in the National Bank of Dubai. They are currently using Elastic Stack and they're also using the security version.
It's a good platform and the very best in the current market. We looked at the Forester report from December 2022 where it was said to be a leader.
View full review »reviewer2263155
Lead Security Engineer at a tech services company with 201-500 employees
We use Elastic Security for monitoring. Our client is a financial client, so we detect their infrastructure from that perspective. For example, if there is any unauthorized access to their financial systems, we need to know about that. We monitor all the instances they are using all the storage buckets they use, and then if they have exposed any APIs, we need to monitor those as well. They are using AWS Cloud, and we need to monitor their cloud services.
View full review »
Sudeera Mudugamuwa
Co-Founder at a tech vendor with 51-200 employees
We use Elastic Security to manage logs and time series data. More recently, we have used it for NetFlow data.
View full review »
Mustafa Husny
Senior System Engineer at Techline-eg
We are using Elastic Security as part of the Elastic Search component. The solution provides us with security, such as threat protection.
View full review »PC
PH Chiu
Consultant at a tech services company with 51-200 employees
My customers use Elastic Security for security monitoring, threat hunting, and threat identification.
View full review »WI
Wan Ikbal Ismat W.
Principal Cyber Security Manager at Ask4key
My clients use this solution for security purposes and SIEM and log management.
View full review »RG
Rubén García
Desarrollador Java Senior Full Stack at Optimissa Capital Markets Consulting
My primary use case is to check market prices.
View full review »reviewer1187142
Senior Tech Engineer at a tech services company with 1,001-5,000 employees
In general, the solution is working together with Open Shift's deployment for the continuous delivery of many projects. This product takes the metrics and checks the log for components that Open Shift deploys. We work with the observation team that monitors the entire company to understand what can be observed and analyzed.
SD
Steve Drill
VP Platform Engineering at Hydrogen
ELK Stack is made up of Elasticsearch, Logstash, and Kibana. What we have is considered modified ELK Stack where instead of the Logstash we use Fluentd, but it serves the same purpose as basically a pipe to get the data into the Elasticsearch.
We primarily use the solution for everything you could think of from error detection to general logging and auditing, to security awareness.
reviewer991806
Founder & Chief Executive Officer at a consultancy with 11-50 employees
We are using ELK Logstash for application log management and fault detection.
View full review »reviewer1341687
Director of Engineering at a tech services company with 201-500 employees
We want to track and to respond to our security incidents. That's the main reason we use it, to analyze and see like what all the incidents that are happening. We also deploy it for some of our clients.
View full review »it_user1247235
Cyber Security Consultant at a tech services company with 51-200 employees
Elastic SIEM is used to monitor and deal with system log files.
View full review »reviewer1331592
CEO at a tech services company with 51-200 employees
We use Elastic SIEM for security and analytics.
View full review »MA
Maxime AGARIM
Junior System Engineer at Efficom-lille
We use Logstash to retrieve data from our servers, from different sources, to our Elastic Stack. There, Elastic Search allows us to search it, and we can visualize the data with Kibana.
View full review »reviewer1269303
Senior Manager Analytics at a financial services firm with 501-1,000 employees
The primary use case of this solution is for IT monitoring, predictive maintenance, and anomaly detection.
View full review »reviewer1174176
Associate Delivery Lead at a tech services company with 1,001-5,000 employees
The primary use cases are for infrastructure monitoring networks, security analytics, and SIEM.
We are evaluating it for business analytics as well.
MR
MarioReale
Cloud Engineer at GARR
The primary use of this solution is to gather authentication information and use it to determine which identity provider is breaking on which service provider. We store it as anonymized session information for each user.
View full review »reviewer1222155
Manager- Information Security at a tech services company with 51-200 employees
We primarily use the solution for endpoint protection.
View full review »it_user771693
Works at a comms service provider with 51-200 employees
We are a service provider, and use this solution to work with our customers.
We use this solution for collecting firewall logs and then supplying them to the log analyzer.
We are running Fortinet FortiGate for our firewall, and these are the logs that we are analyzing. Normally, we have a problem with the visualization part.
View full review »it_user782697
Security Operation Center Analyst at Sadad
We used this solution for gathering our application logs and analyzing application behavior.
View full review »reviewer1411278
Big Data Team Leader at a tech services company with 51-200 employees
Elastic Security is usually used to deliver and analyze logs for security teams. Some common use cases include search and analytics of log data from the system and sending it to other components. We are using features like point security and detection of gathering data.
View full review »reviewer2227065
Presales Solutions Architect (Cyber Security) at a tech services company with 11-50 employees
Our use case for Elastic Security is for log management and security information for the management team.
View full review »Buyer's Guide
Elastic Security
June 2025
Learn what your peers think about Elastic Security. Get advice and tips from experienced pros sharing their opinions. Updated: June 2025.
859,957 professionals have used our research since 2012.
Buyer's Guide
Download our free Elastic Security Report and get advice and tips from experienced pros
sharing their opinions.
Updated: June 2025
Product Categories
Log Management Security Information and Event Management (SIEM) Endpoint Detection and Response (EDR) Security Orchestration Automation and Response (SOAR) Extended Detection and Response (XDR)Popular Comparisons
CrowdStrike Falcon
Microsoft Defender for Endpoint
Fortinet FortiEDR
Datadog
Microsoft Sentinel
Splunk Enterprise Security
SentinelOne Singularity Complete
Microsoft Defender XDR
IBM Security QRadar
Cortex XDR by Palo Alto Networks
Trellix Endpoint Security Platform
Elastic Observability
Graylog
Buyer's Guide
Download our free Elastic Security Report and get advice and tips from experienced pros
sharing their opinions.
Quick Links
Learn More:
- Primary Use Case
- Benefits
- Valuable Features
- Room for Improvement
- Customer Service and Support
- Initial Setup
- ROI
- Pricing
- Other Advice
- Datadog vs ELK: which one is good in terms of performance, cost and efficiency?
- What are the advantages of ELK over Splunk?
- What would you choose for observability: Grafana observability platform or ELK stack?
- When evaluating Log Management tools and software, what aspect do you think is the most important to look for?
- Datadog vs ELK: which one is good in terms of performance, cost and efficiency?
- Which Windows event log monitoring tool do you recommend?
- What is the difference between log management and SIEM?
- Splunk vs. Elastic Stack
- How can Cloudtrail logs be used effectively to improve log monitoring?
- Why hot data and cold data differences in SIEM solutions are not discussed sufficiently?
