Elastic Security Reviews

Name: Elastic Security
Brand: Elastic
Rating: 3.9 (66 reviews)

Vendor: Elastic

3.9 out of 5

66 reviews
86% willing to recommend

Leave a review

What is Elastic Security?

Elastic Security stands out for its speed, scalability, and intuitive interface. It integrates seamlessly with Elasticsearch and Kibana, providing efficient data indexing, centralized log management, and intelligent threat identification, all while being open-source.

Get the Elastic Security Buyer's Guide and find out what your peers are saying about Elastic Security, CrowdStrike Falcon, Microsoft Defender for Endpoint and more!

Elastic Security is the #7 ranked solution in top Security Information and Event Management (SIEM) solutions, #11 ranked solution in Log Management Software, #11 ranked solution in SOAR tools, #13 ranked solution in XDR Security products, and #19 ranked solution in EDR tools. PeerSpot users give Elastic Security an average rating of 7.8 out of 10. Elastic Security is most commonly compared to CrowdStrike Falcon: Elastic Security vs CrowdStrike Falcon. Elastic Security is popular among the large enterprise segment, accounting for 46% of users researching this solution on PeerSpot. The top industry researching this solution are professionals from a comms service provider, accounting for 9% of all views.

Helped 891,869 peers since 2012

Featured Elastic Security reviews

Laurentiu Popescu

Chief Product Officer at ClusterPower

The most useful features I find in Elastic Security are the forensic ones that allow us to carry deeper analysis into the logs for in-depth investigations, and the dashboards, with the reporting dashboard being quite user-friendly. Elastic Security is quite good at identifying threats, as it is part of the deep investigation tool that I mentioned before. Unless we need to look further into a certain log, we can carry out a deeper analysis and forensics on those particular logs. I can assess the impact of Elastic Security's real-time data analysis on our threat response efficiency as working pretty good. We are looking for real-time analysis because we have a continuous inflow of logs from different sources: from our cloud, from Active Directory, from our network. So it works pretty well.

Read full review

Mustafa Duran

I Specialist Security Engineer I at Platin Bilisim

For functionalities or features I would want to see in the next release, it would be related to the configuration part or more customization features. It has an AI, but it does not have an NDR module, specifically a network detection and response module. We are utilizing AI; we implemented the AI assistant in Elastic Security, and our analysts are using the AI assistant to investigate the alarms and some data. It is very useful.

Read full review

SyedAli17

Assistant Director at PTA

The processing part of Elastic Security is very interesting for us since we handle almost 7,000 to 8,000 alerts per minute. We require rapid processing speed for alerts and event data, and Elastic Security is very efficient at handling this level of data. Additionally, Elastic Security helps improve the security posture of Pakistan through centralized visibility and real-time processing.

Read full review

Elastic Security mindshare

Product category:

As of April 2026, the mindshare of Elastic Security in the Log Management category stands at 3.0%, down from 3.5% compared to the previous year, according to calculations based on PeerSpot user engagement data.

Log Management Mindshare Distribution
Product	Mindshare (%)
Elastic Security	3.0%
Splunk Enterprise Security	6.6%
Wazuh	6.1%
Other	84.3%

Log Management

PeerResearch reports based on Elastic Security reviews

Type	Title	Date
Category	Log Management	Apr 28, 2026	Download
Product	Reviews, tips, and advice from real users	Apr 28, 2026	Download
Comparison	Elastic Security vs Wazuh	Apr 28, 2026	Download
Comparison	Elastic Security vs Splunk Enterprise Security	Apr 28, 2026	Download
Comparison	Elastic Security vs Cribl	Apr 28, 2026	Download

Valuable Features

Valuable features of Elastic Security include efficient Elasticsearch indexing, Kibana visualizations, strong threat detection, machine learning capabilities, and chat-based threat hunting. Its speed and scalability are significant strengths that users highlight. Open-source nature, easy initial setup, customizable dashboards, forensic features, and seamless integration with other tools add value. Its community support, comprehensive documentation, and flexibility in configuration and API use contribute to effective log management and threat analysis.

"We chose Elastic Security because we felt it was the most flexible, cost-effective solution to provide the results needed."
"I think that it's a good solution for a SIEM."
"Overall, the solution is good."

Room for Improvement

Elastic Security needs improvements in authentication features and integration capabilities. It requires enhanced automation and user-friendly dashboards. Users find it complex to configure and challenging for beginners. Documentation needs enhancement for clarity. Machine learning and AI features should be more advanced and mature. Pricing and scalability present challenges, while its user interface could be simplified. Training and technical support are areas that need attention. Integration with legacy systems and prebuilt tools needs enhancement.

"It is difficult to anticipate and understand the space utilization, so more clarity there would be great."
"Elastic doesn't have the features like other competitors in SIEM. For example, Dynatrace as a solution for SIEM has features that Elastic actually doesn't have."
"There isn't really a very good user experience. You need a lot of training."

ROI

Elastic Security often provides ROI within one and a half to two years. Many mentioned a return often linked to bug detection efficiency. Some highlighted cost savings compared to pricier firewall alternatives. Community-based nature suits security scholars and SMEs without needing hefty budgets. Its integration with SIEM and EDR enhances effectiveness on both technical and financial fronts. However, some have not calculated ROI, with payback periods estimated around three to four years.

Pricing

Elastic Security is largely open-source, offering a cost-effective solution with no charge for basic use. For advanced features, a subscription model is available, making it competitive compared to alternatives like Splunk or Defender. Pricing varies based on environment size or data ingestion rates, with yearly or monthly licensing options. While some users find licensing costs high due to additional charges for specific resources, many consider it affordable, particularly for small to medium enterprises.

"Compared to other tools, Elastic Security is a cheaper solution."
"I can say that the product is cheaply priced."
"The solution is not expensive and costs around ten dollars a month."

Popular Use Cases

Elastic Security is primarily utilized for security monitoring, threat detection, log management, and analytics. Service providers use it to collect and analyze logs and provide SIEM services. It aids in IT monitoring, predictive maintenance, and anomaly detection. Organizations employ it for endpoint protection, infrastructure monitoring, security analytics, application performance monitoring, and managing threat scenarios. Elastic Security's integrated features enhance security posture and allow for centralized log aggregation from diverse sources.

Service and Support

Users mention that Elastic Security customer service and support is responsive and helpful. Community and documentation resources are heavily utilized, especially in open-source environments. While technical support is generally prompt, some users experience delays, noting areas for enhancement, like online chat functionality. Paid versions report better responsiveness compared to open-source users. Overall, community forums and online resources are crucial for troubleshooting, yet vendor support becomes necessary in complex or commercial environments.

Deployment

Many users found Elastic Security's initial setup complex, often due to factors like configuring distributed environments and ensuring proper authentication. However, others mentioned it was straightforward, especially with technical knowledge. Deployments varied in duration, from hours to several months, influenced by infrastructure and customization needs. While some reported needing expert assistance or specialized teams, others highlighted the availability of supportive documentation and community resources to ease the process.

Scalability

Elastic Security is highly adaptable for various business sizes. Users report it can scale easily, especially in cloud environments. They highlight that increasing usage typically requires updating licenses. Several mention potential challenges related to managing infrastructure, but many find its scalability straightforward. Integration skills could be necessary. Some encountered initial scaling issues, which were resolved. Insights suggest it's suitable for small to large enterprises, with many confident in its ability to grow with demand.

Stability

Many users find Elastic Security stable and reliable, with minimal bugs or glitches. It performs consistently well in various environments, especially when configured properly. Some face stability challenges when handling large datasets or during upgrades. The stability may vary based on deployment design and scale. Regular updates can require adjustments. Most rate its stability highly, though a few have noted issues when not properly managed.

These insights are based on the in-depth reviews provided by peers to help you make a better buying decision.

Download our Elastic Security Buyer's Guide for additional reliable information.

Review data by company size

By reviewers
Company Size	Count
Small Business	34
Midsize Enterprise	11
Large Enterprise	14

By reviewers

By visitors reading reviews
Company Size	Count
Small Business	472
Midsize Enterprise	275
Large Enterprise	641

By visitors reading reviews

Top industries

By visitors reading reviews

Comms Service Provider

Computer Software Company

Government

Financial Services Firm

Manufacturing Company

University

Educational Organization

Construction Company

Media Company

Retailer

Healthcare Company

Outsourcing Company

Insurance Company

Transportation Company

Energy/Utilities Company

Real Estate/Law Firm

Performing Arts

Non Profit

Hospitality Company

Wholesaler/Distributor

Recreational Facilities/Services Company

Marketing Services Firm

Aerospace/Defense Firm

Legal Firm

Religious Institution

Non Tech Company

Logistics Company

Consumer Goods Company

Security Firm

Compare Elastic Security with alternative products

Learn more about Elastic Security

Elastic Security offers robust capabilities in security monitoring, threat identification, and SIEM functionalities. Its open-source nature enhances scalability, facilitating log aggregation and infrastructure monitoring. Users appreciate the intuitive dashboards and machine learning integration, which aid in proactive security measures and anomaly detection. Despite its strengths, improvements are needed in documentation, scalability, and configuration complexity. High data volume pricing and limited machine learning support are concerns, while dashboard enhancement and seamless integration with existing systems are desirable. The platform is widely used for alerting suspicious activities, analyzing logs from firewalls and Active Directory, and providing endpoint protection. It serves as a key tool for security awareness and auditing, integrating effectively with technologies like Kibana and OpenShift.

What are the most notable features of Elastic Security?

Speed and Scalability: Quickly processes large volumes of data with ease.
Intuitive Interface: Provides a user-friendly experience for efficient navigation and management.
Centralized Log Management: Consolidates logs for easier monitoring and analysis.
Threat Identification: Intelligent features help detect and alert potential threats.
Machine Learning Integration: Applies advanced analytics to identify anomalies.

What benefits or ROI should be considered in reviews?

Affordability: Offers cost-effective security solutions.
Flexibility: Adapts to diverse IT environments and security needs.
Forensic Capabilities: Enables detailed security analysis and incident response.
Community Support: Leverages a broad community for shared insights and assistance.

Organizations deploy Elastic Security across industries for log aggregation and security monitoring, detecting unauthorized access, and analyzing system logs. It is essential for infrastructure monitoring and integrates effectively with systems such as Fluentd and OpenShift, supporting comprehensive security views across enterprise environments.

Elastic Security was previously known as Elastic SIEM, ELK Logstash.

Elastic Security customers

Texas A&M, U.S. Air Force, NuScale Power, Martin's Point Health Care

Related questions

Datadog vs ELK: which one is good in terms of performance, cost and efficiency?

What are the advantages of ELK over Splunk?

What would you choose for observability: Grafana observability platform or ELK stack?

When evaluating Log Management tools and software, what aspect do you think is the most important to look for?

Datadog vs ELK: which one is good in terms of performance, cost and efficiency?

Which Windows event log monitoring tool do you recommend?

What is the difference between log management and SIEM?

Splunk vs. Elastic Stack

How can Cloudtrail logs be used effectively to improve log monitoring?

Why hot data and cold data differences in SIEM solutions are not discussed sufficiently?

Elastic Security Reviews Summary
Author info	Rating	Review Summary
Chief Product Officer at ClusterPower	5.0	I've used Elastic Security for five years, finding it reliable, scalable, and user-friendly for both internal and managed SIEM services. Its forensic tools and dashboards are valuable, though improved AI would further ease analysts' workloads.
I Specialist Security Engineer I at Platin Bilisim	4.5	I've used Elastic Security for two years and find it effective, scalable, and cost-efficient, though installation can be complex. It integrates key modules well, offers strong AI features, and I recommend it for unified security management.
Assistant Director at PTA	4.5	We use Elastic Security for centralized monitoring in Pakistan's telecom sector, handling 7,000-8,000 alerts per minute efficiently. While continuous upgrades for vulnerabilities are needed, its community-based model offers cost-effective enterprise security, ideal for security scholars and SMEs.
Performance Practice Specialist at a local government with 10,001+ employees	4.0	I evaluated Elastic Security and found its advanced features, like machine learning and ChatGPT integration, valuable. It's versatile and cost-effective but requires a substantial setup, consuming many resources. Despite a successful proof of concept, I haven't deployed it yet.
Senior Cyber Security Manager at a tech services company with 11-50 employees	4.0	Elastic Security provides integrated security solutions for enterprises, offering observability, SIEM capabilities, and user-friendly rule creation through Kibana. It’s flexible like Microsoft Sentinel but sometimes struggles with threat identification compared to more established solutions like CrowdStrike and Defender.
Chief Technology Officer & Co-founder at CS2	4.0	I use Elastic Security to consolidate logs from various devices effectively. Its valuable features include anomaly detection and automation. Despite a complex setup, it offers better cost predictability and AI assistance compared to Splunk, making it more affordable.
Chief ARCHITECT at a manufacturing company with 11-50 employees	3.5	I've been using Elastic Security mainly as an IAM solution for threat-hunting investigations and security incident management. It offers rapid data indexing, root cause analysis features, but lacks discovery capabilities. It's replacing previous solutions like Splunk and IBM QRadar.
Information Technology Security Specialist at IPro SIA	3.5	I use Elastic Security for basic SIEM reporting. Its valuable features include non-licensed agents and a good interface. However, the dashboards lack aesthetic appeal, and query building can be challenging without familiarity with Elastic syntaxes.

Title	Rating	Mindshare	Recommending
CrowdStrike Falcon	4.3	N/A	97%	141 interviews Add to research
Microsoft Defender for Endpoint	4.1	N/A	95%	214 interviews Add to research

Elastic Security Reviews

What is Elastic Security?

Featured Elastic Security reviews

Elastic Security mindshare

PeerResearch reports based on Elastic Security reviews

Valuable Features

Room for Improvement

ROI

Pricing

Popular Use Cases

Service and Support

Deployment

Scalability

Stability

Review data by company size

Top industries

Compare Elastic Security with alternative products

Learn more about Elastic Security

Elastic Security customers

Related questions

Product Categories

Popular Comparisons