Try our new research platform with insights from 80,000+ expert users

Elastic Security pros and cons

Vendor: Elastic

3.9 out of 5

65 reviews
86% willing to recommend

Pros & Cons summary

Elastic Security provides flexibility and scalability, ideal for diverse environments with integration capabilities. Features like machine learning and ChatGPT enhance its intelligence, though a steep learning curve exists. Comprehensive documentation minimizes support needs, but maintenance can be challenging. ELK documentation aids usage, yet the licensing model impacts cost due to non-free features. Authentication requires extra tools, and predictive maintenance must be user-developed, reflecting its customizable nature.

Buyer's Guide

Get pricing advice, tips, use cases and valuable features from real users of this product.

Prominent pros & cons

PROS

Elastic Security is highly customizable, allowing for seamless integration and adaptability across different environments.

It offers advanced features such as anomaly detection, scalability, and real-time processing that enhance security posture.

The platform provides a comprehensive and flexible SIEM environment with modules like EDR and SOAR, enhancing incident response capabilities.

Elastic is open-source, which ensures cost-effectiveness and broad community support for troubleshooting and development.

Elastic Security excels in scalability, enabling it to adapt easily to both production environments and cloud-native settings.

CONS

Authentication is not a default feature in Kibana, requiring additional tools for authorization.

The documentation should be improved for clarity and easier understanding.

Scalability issues exist, requiring middleware changes from Logstash to Fluentd.

Training is not included with Elastic and incurs extra costs.

There is a need for better integration with third-party APMs.

Elastic Security Pros review quotes

Prasanth Prasad

Director of Technology at a tech vendor with 11-50 employees

Feb 15, 2024

It is an extremely stable solution. Stability-wise, I rate the solution a ten out of ten.

Read full review

CN

CharlesNetshivhera

Senior DevOps Engineer at a financial services firm with 10,001+ employees

Dec 7, 2020

The indexes allow you to get your results quickly. The filtering and log passing is the advantage of Logstash.

Read full review

reviewer1411278

Big Data Team Leader at a tech services company with 51-200 employees

Apr 6, 2023

The most valuable thing is that this solution is widely used for work management and research. It's easy to jump into the security use case with the same technology.

Read full review

Elastic Security

Free Report: Elastic Security Reviews and More

Learn what your peers think about Elastic Security. Get advice and tips from experienced pros sharing their opinions. Updated: August 2025.

865,164 professionals have used our research since 2012.

reviewer2389770

Chief ARCHITECT at a manufacturing company with 11-50 employees

Apr 12, 2024

Elastic provides the capability to index quickly due to the reverse indexes it offers. This data is crucial as it contains critical information. The reverse index allows fast data indexing because of Elastic's efficient search engine.

Read full review

reviewer1174176

Associate Delivery Lead at a tech services company with 1,001-5,000 employees

Mar 4, 2020

ELK Logstash is easy and fast, at least for the initial setup with the out of box uses.

Read full review

reviewer1363986

IT at a tech vendor with 10,001+ employees

Aug 3, 2020

The solution has a good community surrounding it for lots of helpful documentation for troubleshooting purposes.

Read full review

reviewer1596219

Engineer at a tech services company with 501-1,000 employees

Jul 1, 2022

We chose the product based on the ability to scan for malware using a malware behavioral model as opposed to just a traditional hash-based antivirus. Therefore, it's not as intensive.

Read full review

reviewer1341687

Director of Engineering at a tech services company with 201-500 employees

May 18, 2020

The most valuable features are the speed, detail, and visualization. It has the latest standards.

Read full review

reviewer1393731

Consultant at a computer software company with 5,001-10,000 employees

May 21, 2021

It is very quick to react. I can set it to check anomalies or suspicious behavior every 30 seconds. It is very fast.

Read full review

I Specialist Security Engineer I at Platin Bilisim

Jul 3, 2025

Elastic Security is applied within my cyber defense strategy by utilizing many modules such as EDR, GenAI, SOAR module and combines with the SIEM module.

Read full review

Show 10 more reviews (out of 61)

Elastic Security Cons review quotes

Prasanth Prasad

Director of Technology at a tech vendor with 11-50 employees

Feb 15, 2024

Elastic Security can be a bit difficult to use if a person only has experience in SMBs with tools like Zoho. The product can also be difficult for those who have never dealt with query language.

Read full review

CN

CharlesNetshivhera

Senior DevOps Engineer at a financial services firm with 10,001+ employees

Dec 7, 2020

We're using the open-source edition, for now, I think maybe they can allow their OLED plugin to be open source, as at the moment it is commercialised.

Read full review

reviewer1411278

Big Data Team Leader at a tech services company with 51-200 employees

Apr 6, 2023

In terms of improvement, there could be more automation in responding to and evaluating detections.

Read full review

Elastic Security

Free Report: Elastic Security Reviews and More

Learn what your peers think about Elastic Security. Get advice and tips from experienced pros sharing their opinions. Updated: August 2025.

865,164 professionals have used our research since 2012.

reviewer1174176

Associate Delivery Lead at a tech services company with 1,001-5,000 employees

Mar 4, 2020

In terms of what could be improved with Elastic, in some use cases, especially on the advanced level, they are not ready made, so you'll have to write some scripts.

Read full review

reviewer1363986

IT at a tech vendor with 10,001+ employees

Aug 3, 2020

The solution needs to be more reactive to investigations. We need to be able to detect and prevent any attacks before it can damage our infrastructure. Currently, this solution doesn't offer that.

Read full review

reviewer1596219

Engineer at a tech services company with 501-1,000 employees

Jul 1, 2022

It could use maybe a little more on the Linux side.

Read full review

reviewer1341687

Director of Engineering at a tech services company with 201-500 employees

May 18, 2020

If you compare this with CrowdStrike or Carbon Black, they can improve.

Read full review

reviewer1393731

Consultant at a computer software company with 5,001-10,000 employees

May 21, 2021

There should be a simulation environment to check whether my Elastic implementation is functioning perfectly fine. Other solutions have their own Android and iOS applications that I can install on my mobile so that I am continuously connected to the SIEM.

Read full review

I Specialist Security Engineer I at Platin Bilisim

Jul 3, 2025

Installation is a little bit overwhelming, so improvements on the installation site could make it easier.

Read full review

reviewer1187142

Senior Tech Engineer at a tech services company with 1,001-5,000 employees

Feb 24, 2021

This type of monitoring is not very mature just yet. We need more real-time information in a way that's easier to manage.

Read full review

Show 10 more reviews (out of 63)

Product Categories

Product Categories

Security Information and Event Management (SIEM)

Endpoint Detection and Response (EDR)

Security Orchestration Automation and Response (SOAR)

Extended Detection and Response (XDR)

Popular Comparisons

Popular Comparisons

CrowdStrike Falcon vs Elastic Security

Wazuh vs Elastic Security

Microsoft Defender for Endpoint vs Elastic Security

Fortinet FortiEDR vs Elastic Security

Datadog vs Elastic Security

Microsoft Sentinel vs Elastic Security

Splunk Enterprise Security vs Elastic Security

SentinelOne Singularity Complete vs Elastic Security

Microsoft Defender XDR vs Elastic Security

IBM Security QRadar vs Elastic Security

Cortex XDR by Palo Alto Networks vs Elastic Security

Trellix Endpoint Security Platform vs Elastic Security

Elastic Observability vs Elastic Security

Tanium vs Elastic Security

Graylog vs Elastic Security

See all alternatives

Product Categories

Product Categories

Security Information and Event Management (SIEM)

Endpoint Detection and Response (EDR)

Security Orchestration Automation and Response (SOAR)

Extended Detection and Response (XDR)

Popular Comparisons

Popular Comparisons

CrowdStrike Falcon vs Elastic Security

Wazuh vs Elastic Security

Microsoft Defender for Endpoint vs Elastic Security

Fortinet FortiEDR vs Elastic Security

Datadog vs Elastic Security

Microsoft Sentinel vs Elastic Security

Splunk Enterprise Security vs Elastic Security

SentinelOne Singularity Complete vs Elastic Security

Microsoft Defender XDR vs Elastic Security

IBM Security QRadar vs Elastic Security

Cortex XDR by Palo Alto Networks vs Elastic Security

Trellix Endpoint Security Platform vs Elastic Security

Elastic Observability vs Elastic Security

Tanium vs Elastic Security

Graylog vs Elastic Security

See all alternatives

Related questions

1,520

Datadog vs ELK: which one is good in terms of performance, cost and efficiency?

26

What are the advantages of ELK over Splunk?

129

What would you choose for observability: Grafana observability platform or ELK stack?

28

When evaluating Log Management tools and software, what aspect do you think is the most important to look for?

1,520

Datadog vs ELK: which one is good in terms of performance, cost and efficiency?

43

Which Windows event log monitoring tool do you recommend?

60

What is the difference between log management and SIEM?

41

Splunk vs. Elastic Stack

12

How can Cloudtrail logs be used effectively to improve log monitoring?

205

Why hot data and cold data differences in SIEM solutions are not discussed sufficiently?