Elastic Security Reviews

Name: Elastic Security
Brand: Elastic
Rating: 3.9 (65 reviews)

3.9 out of 5

65 reviews
86% willing to recommend

What is Elastic Security?

Elastic Security is a robust, open-source security solution designed to offer integrated threat prevention, detection, and response capabilities across an organization's entire digital estate. Part of the Elastic Stack (which includes Elasticsearch, Logstash, and Kibana), Elastic Security leverages the power of search, analytics, and data aggregation to provide real-time insight into threats and vulnerabilities. It is a comprehensive platform that supports a wide range of security needs, from endpoint protection to cloud and network security, making it a versatile choice for organizations looking to enhance their cybersecurity posture.

Elastic Security combines the features of a security information and event management (SIEM) system with endpoint protection, allowing organizations to detect, investigate, and respond to threats in real time. This unified approach helps reduce complexity and improve the efficiency of security operations.

Get the Elastic Security Buyer's Guide and find out what your peers are saying about Elastic Security, CrowdStrike Falcon, Microsoft Defender for Endpoint and more!

Elastic Security is the #5 ranked solution in top Security Information and Event Management (SIEM) solutions, #8 ranked solution in SOAR tools, #10 ranked solution in XDR Security products, #11 ranked solution in Log Management Software, and #17 ranked solution in EDR tools. PeerSpot users give Elastic Security an average rating of 7.8 out of 10. Elastic Security is most commonly compared to CrowdStrike Falcon: Elastic Security vs CrowdStrike Falcon. Elastic Security is popular among the large enterprise segment, accounting for 52% of users researching this solution on PeerSpot. The top industry researching this solution are professionals from a computer software company, accounting for 16% of all views.

Helped 862,514 peers since 2012

Featured Elastic Security reviews

SyedAli17

Assistant Director at PTA

The processing part of Elastic Security ( /products/elastic-security-reviews ) is very interesting for us since we handle almost 7,000 to 8,000 alerts per minute. We require rapid processing speed for alerts and event data, and Elastic Security is very efficient at handling this level of data. Additionally, Elastic Security helps improve the security posture of Pakistan through centralized visibility and real-time processing.

Read full review

Mustafa Duran

I Specialist Security Engineer I at Platin Bilisim

For functionalities or features I would want to see in the next release, it would be related to the configuration part or more customization features. It has an AI, but it does not have an NDR module, specifically a network detection and response module. We are utilizing AI; we implemented the AI assistant in Elastic Security, and our analysts are using the AI assistant to investigate the alarms and some data. It is very useful.

Read full review

Gajewski Marek

Chief Technology Officer & Co-founder at CS2

We previously used Splunk but switched to Elastic Security because Splunk was more expensive. Feature-wise, both tools are pretty much the same. They have almost the same functions. Elastic Security has a much better AI assistant that allows you to ask questions like a normal person. With Elastic Security, I can also predict the price and how much it will cost. Splunks's pricing depends on how much data we use and the different add-ons I have to add. The pricing is much better with Elastic Security.

Read full review

Elastic Security mindshare

Product category:

As of July 2025, the mindshare of Elastic Security in the Log Management category stands at 3.0%, down from 6.0% compared to the previous year, according to calculations based on PeerSpot user engagement data.

Log Management

PeerResearch reports based on Elastic Security reviews

Type	Title	Date
Category	Log Management	Jul 20, 2025	Download
Product	Reviews, tips, and advice from real users	Jul 20, 2025	Download
Comparison	Elastic Security vs Wazuh	Jul 20, 2025	Download
Comparison	Elastic Security vs Splunk Enterprise Security	Jul 20, 2025	Download
Comparison	Elastic Security vs Datadog	Jul 20, 2025	Download

Title	Rating	Mindshare	Recommending
CrowdStrike Falcon	4.3	N/A	96%	132 interviews Add to research
Microsoft Defender for Endpoint	4.1	N/A	94%	197 interviews Add to research

Valuable Features

Elastic Security offers valuable features like Elasticsearch Indexing and Kibana visualization tools. Users appreciate the intelligence and speed, threat hunting with AI-related queries, and flexible customization options. The platform's machine learning, scalability, and open-source nature are praised, along with fast search capabilities. Integration, efficient data processing, comprehensive security insights, and proactive alerting are also highly regarded, aiding centralized visibility and rapid response to threats.

"Elastic Security is applied within my cyber defense strategy by utilizing many modules such as EDR, GenAI, SOAR module and combines with the SIEM module."
"Elastic Security helps improve the security posture of Pakistan through centralized visibility and real-time processing."
"Elastic Security offers advanced features such as machine learning and integration with ChatGPT."

Room for Improvement

Elastic Security requires enhancements in authentication, AI and machine learning integration, and dashboard usability. Users find documentation insufficient and the setup process complex. There's a need for better automation and scalability, along with improved support for legacy systems. Pricing and support are areas of concern. Log management and indexing could be made easier, and more prebuilt security rules would help streamline operations. Enhanced integrations and a more intuitive interface are additional requests.

"Installation is a little bit overwhelming, so improvements on the installation site could make it easier."
"Continuous upgrades can be quite inconvenient. My security testing team continuously reports vulnerabilities, and we have to fix and update the versions frequently."
"Elastic Security consumes a lot of resources, requiring a substantial deployment setup."

ROI

Users generally observe a positive return on investment within one to two years after deploying Elastic Security. Elastic Security offers financial benefits by reducing costs compared to firewall vendor solutions. Feedback highlights its effectiveness in identifying bugs and impacting security costs. The community-based nature suits security scholars and small to medium enterprises without requiring large budgets. Although premium support receives criticism, the technical and financial benefits are frequently praised by organizations.

Pricing

Elastic Security is widely appreciated for its cost-effective pricing and flexibility, particularly as an open-source solution, making it a budget-friendly option for enterprises without significant setup costs. While basic usage is free, advanced features require a subscription based on data volume and licensing is typically aligned with annual or multi-year plans. Users often note the affordability compared to competitors like Splunk and Defender, highlighting Elastic Security's appeal for businesses seeking robust security infrastructure at reasonable costs.

"Compared to other tools, Elastic Security is a cheaper solution."
"I can say that the product is cheaply priced."
"The solution is not expensive and costs around ten dollars a month."

Popular Use Cases

Elastic Security is primarily used by organizations for log management, endpoint protection, and security monitoring. It supports IT monitoring, predictive maintenance, threat hunting, and anomaly detection. Users employ it for gathering logs from firewalls, apps, and servers, feeding this data into Elasticsearch. The platform's functionality extends to infrastructure monitoring, SIEM capabilities, and compliance needs. Security professionals appreciate its capabilities for aggregating logs, performing forensic analysis, and enhancing overall cybersecurity infrastructure.

Service and Support

Many users utilize community support and documentation for Elastic Security, with varying satisfaction levels. Those who access technical assistance encounter mixed experiences; some receive timely, knowledgeable responses, while others face delays. Premium support has mixed reviews, some finding it unresponsive despite high expectations. Elastic Security's community is valued highly for troubleshooting, offering comprehensive resources for users without direct support access. The service is generally considered good with room for faster problem resolution.

Deployment

Elastic Security's initial setup often presents challenges with its complexity, especially when deploying across multiple servers or integrating advanced features like security. While some find it straightforward due to technical backgrounds or small-scale deployment, others experience longer deployment times due to factors like infrastructure design. For many, using documentation and external support aids in smooth setup, though customization demands can add to the difficulty. Trained specialists frequently streamline the process for larger or intricate environments.

Scalability

Elastic Security is considered highly scalable, with users noting its ease of expansion and ability to handle various scales of business, from small to large enterprises. Some encountered initial challenges, like delayed aggregation with Logstash, leading to changes in technology stacks. Users stress the need for proper planning and infrastructure support, especially in cloud environments like AWS. Despite some needing more specialized knowledge, Elastic Security consistently receives high ratings for scalability across different implementations.

Stability

Elastic Security exhibits strong stability, with users noting rare issues and reliable performance. Initial deployment and configuration greatly impact its steadiness, especially with large-scale data. Proper design ensures minimal downtime, and most users rank its stability high, with evaluations between six to ten out of ten. Some configurations may introduce glitches, yet many highlight its consistency over time. Regular updates can cause temporary adjustments but don't significantly affect its long-term reliability.

These insights are based on the in-depth reviews provided by peers to help you make a better buying decision.

Download our Elastic Security Buyer's Guide for additional reliable information.

Review data by company size

By reviewers

By visitors reading reviews

Top industries

By visitors reading reviews

Computer Software Company

16%

Government

Financial Services Firm

Comms Service Provider

University

Manufacturing Company

Educational Organization

Retailer

Healthcare Company

Media Company

Insurance Company

Energy/Utilities Company

Real Estate/Law Firm

Non Profit

Construction Company

Hospitality Company

Legal Firm

Aerospace/Defense Firm

Performing Arts

Outsourcing Company

Recreational Facilities/Services Company

Wholesaler/Distributor

Transportation Company

Pharma/Biotech Company

Logistics Company

Consumer Goods Company

Security Firm

Compare Elastic Security with alternative products

Learn more about Elastic Security

Additional offerings and benefits:

The platform utilizes advanced analytics, machine learning algorithms, and anomaly detection to identify threats and suspicious activities.
It offers extensive integration options with other tools and platforms, facilitating a more cohesive and comprehensive security ecosystem.
With Kibana, users gain access to powerful visualization tools and dashboards that provide real-time insight into security data.

Finally, Elastic Security benefits from a global community of users who contribute to its threat intelligence, helping to enhance its detection capabilities. This collaborative approach ensures that the solution remains on the cutting edge of cybersecurity, with up-to-date information on the latest threats and vulnerabilities.

Elastic Security was previously known as Elastic SIEM, ELK Logstash.