Try our new research platform with insights from 80,000+ expert users
Elastic Security Logo

Elastic Security pros and cons

Vendor: Elastic
3.9 out of 5
Leave a review

Pros & Cons summary

Elastic Security impresses tech buyers with its intelligence, scalability, and cost-effectiveness, seamlessly integrating with cloud environments. It excels in machine learning and log indexing, although Kibana lacks default authentication, requiring extra tools. Challenges include Logstash scalability and delayed aggregation, leading some to switch to EFK. Elastic Security’s steep learning curve and additional costs for increased log volume are concerns. Despite lacking automation, detailed ELK documentation minimizes technical support needs.

Buyer's Guide

Get pricing advice, tips, use cases and valuable features from real users of this product.
Get the report

Prominent pros & cons

PROS

ELK documentation is very comprehensive, reducing the need for technical support.
ELK is recognized as the best open-source option for managing and analyzing logs in SO environments.
Elastic Security is known for its scalability and can be easily adapted to varying demands.
The platform offers advanced features like machine learning and integration capabilities, enhancing its utility in security management.
Elastic Security is highly cost-effective, offering a good cost-benefit ratio compared to other vendors.

CONS

Elastic Security lacks user authentication and authorization features in its open-source version, requiring external tools.
Elastic Security's scalability and resource consumption are challenging, with difficulties in scaling, upgrading, and setup.
Elastic Security provides inadequate documentation and support, leading to a steep learning curve and implementation challenges.
The integration with third-party services and automation capabilities needs improvement, including better reporting and alerting features.
Elastic Security's pricing is high, with additional costs and training not included in the purchase price.
 

Elastic Security Pros review quotes

Prasanth Prasad - PeerSpot reviewer
Feb 15, 2024
It is an extremely stable solution. Stability-wise, I rate the solution a ten out of ten.
Read full review
CN
Dec 7, 2020
The indexes allow you to get your results quickly. The filtering and log passing is the advantage of Logstash.
Read full review
reviewer1411278 - PeerSpot reviewer
Apr 6, 2023
The most valuable thing is that this solution is widely used for work management and research. It's easy to jump into the security use case with the same technology.
Read full review
Buyer's Guide
Elastic Security
November 2025
Free Report: Elastic Security Reviews and More
Learn what your peers think about Elastic Security. Get advice and tips from experienced pros sharing their opinions. Updated: November 2025.
DOWNLOAD NOW
872,869 professionals have used our research since 2012.
reviewer2389770 - PeerSpot reviewer
Apr 12, 2024
Elastic provides the capability to index quickly due to the reverse indexes it offers. This data is crucial as it contains critical information. The reverse index allows fast data indexing because of Elastic's efficient search engine.
Read full review
reviewer1174176 - PeerSpot reviewer
Mar 4, 2020
ELK Logstash is easy and fast, at least for the initial setup with the out of box uses.
Read full review
reviewer1363986 - PeerSpot reviewer
Aug 3, 2020
The solution has a good community surrounding it for lots of helpful documentation for troubleshooting purposes.
Read full review
reviewer1596219 - PeerSpot reviewer
Jul 1, 2022
We chose the product based on the ability to scan for malware using a malware behavioral model as opposed to just a traditional hash-based antivirus. Therefore, it's not as intensive.
Read full review
reviewer1341687 - PeerSpot reviewer
May 18, 2020
The most valuable features are the speed, detail, and visualization. It has the latest standards.
Read full review
reviewer1393731 - PeerSpot reviewer
May 21, 2021
It is very quick to react. I can set it to check anomalies or suspicious behavior every 30 seconds. It is very fast.
Read full review
Mustafa Duran - PeerSpot reviewer
Jul 3, 2025
Elastic Security is applied within my cyber defense strategy by utilizing many modules such as EDR, GenAI, SOAR module and combines with the SIEM module.
Read full review
Show 10 more reviews (out of 62)
 

Elastic Security Cons review quotes

Prasanth Prasad - PeerSpot reviewer
Feb 15, 2024
Elastic Security can be a bit difficult to use if a person only has experience in SMBs with tools like Zoho. The product can also be difficult for those who have never dealt with query language.
Read full review
CN
Dec 7, 2020
We're using the open-source edition, for now, I think maybe they can allow their OLED plugin to be open source, as at the moment it is commercialised.
Read full review
reviewer1411278 - PeerSpot reviewer
Apr 6, 2023
In terms of improvement, there could be more automation in responding to and evaluating detections.
Read full review
Buyer's Guide
Elastic Security
November 2025
Free Report: Elastic Security Reviews and More
Learn what your peers think about Elastic Security. Get advice and tips from experienced pros sharing their opinions. Updated: November 2025.
DOWNLOAD NOW
872,869 professionals have used our research since 2012.
reviewer1174176 - PeerSpot reviewer
Mar 4, 2020
In terms of what could be improved with Elastic, in some use cases, especially on the advanced level, they are not ready made, so you'll have to write some scripts.
Read full review
reviewer1363986 - PeerSpot reviewer
Aug 3, 2020
The solution needs to be more reactive to investigations. We need to be able to detect and prevent any attacks before it can damage our infrastructure. Currently, this solution doesn't offer that.
Read full review
reviewer1596219 - PeerSpot reviewer
Jul 1, 2022
It could use maybe a little more on the Linux side.
Read full review
reviewer1341687 - PeerSpot reviewer
May 18, 2020
If you compare this with CrowdStrike or Carbon Black, they can improve.
Read full review
reviewer1393731 - PeerSpot reviewer
May 21, 2021
There should be a simulation environment to check whether my Elastic implementation is functioning perfectly fine. Other solutions have their own Android and iOS applications that I can install on my mobile so that I am continuously connected to the SIEM.
Read full review
Mustafa Duran - PeerSpot reviewer
Jul 3, 2025
Installation is a little bit overwhelming, so improvements on the installation site could make it easier.
Read full review
reviewer1187142 - PeerSpot reviewer
Feb 24, 2021
This type of monitoring is not very mature just yet. We need more real-time information in a way that's easier to manage.
Read full review
Show 10 more reviews (out of 64)

Product Categories

Product Categories
Log Management
Security Information and Event Management (SIEM)
Endpoint Detection and Response (EDR)
Security Orchestration Automation and Response (SOAR)
Extended Detection and Response (XDR)

Popular Comparisons

Popular Comparisons
CrowdStrike Falcon vs Elastic Security Logo
CrowdStrike Falcon vs Elastic Security
Wazuh vs Elastic Security Logo
Wazuh vs Elastic Security
Microsoft Defender for Endpoint vs Elastic Security Logo
Microsoft Defender for Endpoint vs Elastic Security
Fortinet FortiEDR vs Elastic Security Logo
Fortinet FortiEDR vs Elastic Security
Datadog vs Elastic Security Logo
Datadog vs Elastic Security
Splunk Enterprise Security vs Elastic Security Logo
Splunk Enterprise Security vs Elastic Security
Microsoft Sentinel vs Elastic Security Logo
Microsoft Sentinel vs Elastic Security
SentinelOne Singularity Complete vs Elastic Security Logo
SentinelOne Singularity Complete vs Elastic Security
IBM Security QRadar vs Elastic Security Logo
IBM Security QRadar vs Elastic Security
Microsoft Defender XDR vs Elastic Security Logo
Microsoft Defender XDR vs Elastic Security
Cortex XDR by Palo Alto Networks vs Elastic Security Logo
Cortex XDR by Palo Alto Networks vs Elastic Security
Tanium vs Elastic Security Logo
Tanium vs Elastic Security
Trellix Endpoint Security Platform vs Elastic Security Logo
Trellix Endpoint Security Platform vs Elastic Security
Elastic Observability vs Elastic Security Logo
Elastic Observability vs Elastic Security
Huntress Managed EDR vs Elastic Security Logo
Huntress Managed EDR vs Elastic Security
See all alternatives

Product Categories

Product Categories
Log Management
Security Information and Event Management (SIEM)
Endpoint Detection and Response (EDR)
Security Orchestration Automation and Response (SOAR)
Extended Detection and Response (XDR)

Popular Comparisons

Popular Comparisons
CrowdStrike Falcon vs Elastic Security Logo
CrowdStrike Falcon vs Elastic Security
Wazuh vs Elastic Security Logo
Wazuh vs Elastic Security
Microsoft Defender for Endpoint vs Elastic Security Logo
Microsoft Defender for Endpoint vs Elastic Security
Fortinet FortiEDR vs Elastic Security Logo
Fortinet FortiEDR vs Elastic Security
Datadog vs Elastic Security Logo
Datadog vs Elastic Security
Splunk Enterprise Security vs Elastic Security Logo
Splunk Enterprise Security vs Elastic Security
Microsoft Sentinel vs Elastic Security Logo
Microsoft Sentinel vs Elastic Security
SentinelOne Singularity Complete vs Elastic Security Logo
SentinelOne Singularity Complete vs Elastic Security
IBM Security QRadar vs Elastic Security Logo
IBM Security QRadar vs Elastic Security
Microsoft Defender XDR vs Elastic Security Logo
Microsoft Defender XDR vs Elastic Security
Cortex XDR by Palo Alto Networks vs Elastic Security Logo
Cortex XDR by Palo Alto Networks vs Elastic Security
Tanium vs Elastic Security Logo
Tanium vs Elastic Security
Trellix Endpoint Security Platform vs Elastic Security Logo
Trellix Endpoint Security Platform vs Elastic Security
Elastic Observability vs Elastic Security Logo
Elastic Observability vs Elastic Security
Huntress Managed EDR vs Elastic Security Logo
Huntress Managed EDR vs Elastic Security
See all alternatives
Related questions
  • 859
Datadog vs ELK: which one is good in terms of performance, cost and efficiency?
  • 24
What are the advantages of ELK over Splunk?
  • 60
What would you choose for observability: Grafana observability platform or ELK stack?
  • 30
When evaluating Log Management tools and software, what aspect do you think is the most important to look for?
  • 859
Datadog vs ELK: which one is good in terms of performance, cost and efficiency?
  • 37
Which Windows event log monitoring tool do you recommend?
  • 41
What is the difference between log management and SIEM?
  • 35
Splunk vs. Elastic Stack
  • 11
How can Cloudtrail logs be used effectively to improve log monitoring?
  • 151
Why hot data and cold data differences in SIEM solutions are not discussed sufficiently?