Try our new research platform with insights from 80,000+ expert users
Elastic Security Logo

Elastic Security Reviews

Vendor: Elastic
3.9 out of 5
Leave a review

What is Elastic Security?

Elastic Security is a robust, open-source security solution designed to offer integrated threat prevention, detection, and response capabilities across an organization's entire digital estate. Part of the Elastic Stack (which includes Elasticsearch, Logstash, and Kibana), Elastic Security leverages the power of search, analytics, and data aggregation to provide real-time insight into threats and vulnerabilities. It is a comprehensive platform that supports a wide range of security needs, from endpoint protection to cloud and network security, making it a versatile choice for organizations looking to enhance their cybersecurity posture.


Elastic Security combines the features of a security information and event management (SIEM) system with endpoint protection, allowing organizations to detect, investigate, and respond to threats in real time. This unified approach helps reduce complexity and improve the efficiency of security operations.

Get the Elastic Security Buyer's Guide and find out what your peers are saying about Elastic Security, CrowdStrike Falcon, Wazuh and more!
Elastic Security is the #5 ranked solution in top Security Information and Event Management (SIEM) solutions, #7 ranked solution in SOAR tools, #9 ranked solution in XDR Security products, #10 ranked solution in Log Management Software, and #16 ranked solution in EDR tools. PeerSpot users give Elastic Security an average rating of 7.8 out of 10. Elastic Security is most commonly compared to CrowdStrike Falcon: Elastic Security vs CrowdStrike Falcon. Elastic Security is popular among the large enterprise segment, accounting for 51% of users researching this solution on PeerSpot. The top industry researching this solution are professionals from a computer software company, accounting for 15% of all views.
Buyer's Guide
Elastic Security
August 2025
Get the report
Helped 866,218 peers since 2012

Featured Elastic Security reviews

Read more reviews

Elastic Security mindshare

Product category:
Log Management
As of August 2025, the mindshare of Elastic Security in the Log Management category stands at 2.9%, down from 5.7% compared to the previous year, according to calculations based on PeerSpot user engagement data.
Log Management Market Share Distribution
ProductMarket Share (%)
Elastic Security2.9%
Wazuh13.2%
Grafana Loki8.4%
Other75.5%
Log Management

PeerResearch reports based on Elastic Security reviews

TypeTitleDate
CategoryLog ManagementAug 29, 2025Download
ProductReviews, tips, and advice from real usersAug 29, 2025Download
ComparisonElastic Security vs WazuhAug 29, 2025Download
ComparisonElastic Security vs Splunk Enterprise SecurityAug 29, 2025Download
ComparisonElastic Security vs DatadogAug 29, 2025Download
Suggested products
TitleRatingMindshareRecommending
CrowdStrike Falcon4.3N/A96%132 interviewsAdd to research
Wazuh3.713.2%80%48 interviewsAdd to research
 
 
Key learnings from peers

Valuable Features

Elastic Security offers valuable features like Elasticsearch Indexing and Kibana visualization tools. Users appreciate the intelligence and speed, threat hunting with AI-related queries, and flexible customization options. The platform's machine learning, scalability, and open-source nature are praised, along with fast search capabilities. Integration, efficient data processing, comprehensive security insights, and proactive alerting are also highly regarded, aiding centralized visibility and rapid response to threats.
  • "Elastic Security is applied within my cyber defense strategy by utilizing many modules such as EDR, GenAI, SOAR module and combines with the SIEM module."
  • "Elastic Security helps improve the security posture of Pakistan through centralized visibility and real-time processing."
  • "Elastic Security offers advanced features such as machine learning and integration with ChatGPT."

Room for Improvement

Elastic Security requires enhancements in authentication, AI and machine learning integration, and dashboard usability. Users find documentation insufficient and the setup process complex. There's a need for better automation and scalability, along with improved support for legacy systems. Pricing and support are areas of concern. Log management and indexing could be made easier, and more prebuilt security rules would help streamline operations. Enhanced integrations and a more intuitive interface are additional requests.
  • "Installation is a little bit overwhelming, so improvements on the installation site could make it easier."
  • "Continuous upgrades can be quite inconvenient. My security testing team continuously reports vulnerabilities, and we have to fix and update the versions frequently."
  • "Elastic Security consumes a lot of resources, requiring a substantial deployment setup."

ROI

Users generally observe a positive return on investment within one to two years after deploying Elastic Security. Elastic Security offers financial benefits by reducing costs compared to firewall vendor solutions. Feedback highlights its effectiveness in identifying bugs and impacting security costs. The community-based nature suits security scholars and small to medium enterprises without requiring large budgets. Although premium support receives criticism, the technical and financial benefits are frequently praised by organizations.

Pricing

Elastic Security is widely appreciated for its cost-effective pricing and flexibility, particularly as an open-source solution, making it a budget-friendly option for enterprises without significant setup costs. While basic usage is free, advanced features require a subscription based on data volume and licensing is typically aligned with annual or multi-year plans. Users often note the affordability compared to competitors like Splunk and Defender, highlighting Elastic Security's appeal for businesses seeking robust security infrastructure at reasonable costs.
  • "Compared to other tools, Elastic Security is a cheaper solution."
  • "I can say that the product is cheaply priced."
  • "The solution is not expensive and costs around ten dollars a month."

Popular Use Cases

Elastic Security is primarily used by organizations for log management, endpoint protection, and security monitoring. It supports IT monitoring, predictive maintenance, threat hunting, and anomaly detection. Users employ it for gathering logs from firewalls, apps, and servers, feeding this data into Elasticsearch. The platform's functionality extends to infrastructure monitoring, SIEM capabilities, and compliance needs. Security professionals appreciate its capabilities for aggregating logs, performing forensic analysis, and enhancing overall cybersecurity infrastructure.

Service and Support

Many users utilize community support and documentation for Elastic Security, with varying satisfaction levels. Those who access technical assistance encounter mixed experiences; some receive timely, knowledgeable responses, while others face delays. Premium support has mixed reviews, some finding it unresponsive despite high expectations. Elastic Security's community is valued highly for troubleshooting, offering comprehensive resources for users without direct support access. The service is generally considered good with room for faster problem resolution.

Deployment

Elastic Security's initial setup often presents challenges with its complexity, especially when deploying across multiple servers or integrating advanced features like security. While some find it straightforward due to technical backgrounds or small-scale deployment, others experience longer deployment times due to factors like infrastructure design. For many, using documentation and external support aids in smooth setup, though customization demands can add to the difficulty. Trained specialists frequently streamline the process for larger or intricate environments.

Scalability

Elastic Security is considered highly scalable, with users noting its ease of expansion and ability to handle various scales of business, from small to large enterprises. Some encountered initial challenges, like delayed aggregation with Logstash, leading to changes in technology stacks. Users stress the need for proper planning and infrastructure support, especially in cloud environments like AWS. Despite some needing more specialized knowledge, Elastic Security consistently receives high ratings for scalability across different implementations.

Stability

Elastic Security exhibits strong stability, with users noting rare issues and reliable performance. Initial deployment and configuration greatly impact its steadiness, especially with large-scale data. Proper design ensures minimal downtime, and most users rank its stability high, with evaluations between six to ten out of ten. Some configurations may introduce glitches, yet many highlight its consistency over time. Regular updates can cause temporary adjustments but don't significantly affect its long-term reliability.
These insights are based on the in-depth reviews provided by peers to help you make a better buying decision.
Download our Elastic Security Buyer's Guide for additional reliable information.

Review data by company size

By reviewers
Company SizeCount
Small Business34
Midsize Enterprise11
Large Enterprise13
By reviewers
By visitors reading reviews
Company SizeCount
Small Business533
Midsize Enterprise341
Large Enterprise907
By visitors reading reviews

Top industries

By visitors reading reviews
Computer Software Company
15%
Government
10%
Comms Service Provider
8%
Financial Services Firm
8%
University
7%
Manufacturing Company
5%
Retailer
4%
Educational Organization
4%
Healthcare Company
4%
Media Company
4%
Insurance Company
3%
Energy/Utilities Company
3%
Non Profit
2%
Construction Company
2%
Hospitality Company
2%
Real Estate/Law Firm
2%
Legal Firm
2%
Performing Arts
2%
Outsourcing Company
1%
Recreational Facilities/Services Company
1%
Aerospace/Defense Firm
1%
Wholesaler/Distributor
1%
Transportation Company
1%
Pharma/Biotech Company
1%

Compare Elastic Security with alternative products

Go!

Learn more about Elastic Security

Additional offerings and benefits:

  • The platform utilizes advanced analytics, machine learning algorithms, and anomaly detection to identify threats and suspicious activities.
  • It offers extensive integration options with other tools and platforms, facilitating a more cohesive and comprehensive security ecosystem.
  • With Kibana, users gain access to powerful visualization tools and dashboards that provide real-time insight into security data.

Finally, Elastic Security benefits from a global community of users who contribute to its threat intelligence, helping to enhance its detection capabilities. This collaborative approach ensures that the solution remains on the cutting edge of cybersecurity, with up-to-date information on the latest threats and vulnerabilities.

Elastic Security was previously known as Elastic SIEM, ELK Logstash.

Elastic Security customers

Texas A&M, U.S. Air Force, NuScale Power, Martin's Point Health Care

Related questions

  • 1,436
Datadog vs ELK: which one is good in terms of performance, cost and efficiency?
  • 28
What are the advantages of ELK over Splunk?
  • 120
What would you choose for observability: Grafana observability platform or ELK stack?
  • 27
When evaluating Log Management tools and software, what aspect do you think is the most important to look for?
  • 1,436
Datadog vs ELK: which one is good in terms of performance, cost and efficiency?
  • 40
Which Windows event log monitoring tool do you recommend?
  • 55
What is the difference between log management and SIEM?
  • 43
Splunk vs. Elastic Stack
  • 12
How can Cloudtrail logs be used effectively to improve log monitoring?
  • 201
Why hot data and cold data differences in SIEM solutions are not discussed sufficiently?

Product Categories

Product Categories
Log Management
Security Information and Event Management (SIEM)
Endpoint Detection and Response (EDR)
Security Orchestration Automation and Response (SOAR)
Extended Detection and Response (XDR)

Popular Comparisons

Popular Comparisons
CrowdStrike Falcon vs Elastic Security Logo
CrowdStrike Falcon vs Elastic Security
Wazuh vs Elastic Security Logo
Wazuh vs Elastic Security
Microsoft Defender for Endpoint vs Elastic Security Logo
Microsoft Defender for Endpoint vs Elastic Security
Fortinet FortiEDR vs Elastic Security Logo
Fortinet FortiEDR vs Elastic Security
Datadog vs Elastic Security Logo
Datadog vs Elastic Security
Microsoft Sentinel vs Elastic Security Logo
Microsoft Sentinel vs Elastic Security
Splunk Enterprise Security vs Elastic Security Logo
Splunk Enterprise Security vs Elastic Security
SentinelOne Singularity Complete vs Elastic Security Logo
SentinelOne Singularity Complete vs Elastic Security
Microsoft Defender XDR vs Elastic Security Logo
Microsoft Defender XDR vs Elastic Security
IBM Security QRadar vs Elastic Security Logo
IBM Security QRadar vs Elastic Security
Cortex XDR by Palo Alto Networks vs Elastic Security Logo
Cortex XDR by Palo Alto Networks vs Elastic Security
Trellix Endpoint Security Platform vs Elastic Security Logo
Trellix Endpoint Security Platform vs Elastic Security
Elastic Observability vs Elastic Security Logo
Elastic Observability vs Elastic Security
Tanium vs Elastic Security Logo
Tanium vs Elastic Security
Graylog vs Elastic Security Logo
Graylog vs Elastic Security
See all alternatives
 
Elastic Security Reviews Summary
Author infoRatingReview Summary
Assistant Director at PTA4.5We use Elastic Security for centralized monitoring in Pakistan's telecom sector, handling 7,000-8,000 alerts per minute efficiently. While continuous upgrades for vulnerabilities are needed, its community-based model offers cost-effective enterprise security, ideal for security scholars and SMEs.
I Specialist Security Engineer I at Platin Bilisim4.5I've used Elastic Security for two years and find it effective, scalable, and cost-efficient, though installation can be complex. It integrates key modules well, offers strong AI features, and I recommend it for unified security management.
Performance Practice Specialist at a local government with 10,001+ employees4.0I evaluated Elastic Security and found its advanced features, like machine learning and ChatGPT integration, valuable. It's versatile and cost-effective but requires a substantial setup, consuming many resources. Despite a successful proof of concept, I haven't deployed it yet.
Senior Cyber Security Manager at a tech services company with 11-50 employees4.0Elastic Security provides integrated security solutions for enterprises, offering observability, SIEM capabilities, and user-friendly rule creation through Kibana. It’s flexible like Microsoft Sentinel but sometimes struggles with threat identification compared to more established solutions like CrowdStrike and Defender.
Chief Technology Officer & Co-founder at CS24.0I use Elastic Security to consolidate logs from various devices effectively. Its valuable features include anomaly detection and automation. Despite a complex setup, it offers better cost predictability and AI assistance compared to Splunk, making it more affordable.
Cyber Security Engineer II at a healthcare company with 10,001+ employees3.0Elastic Security is highly customizable with easy-to-build dashboards and exceptional speed. However, it's challenging to navigate due to inconsistent formatting and complex data organization, especially without prior knowledge of the environment. We also considered Microsoft Sentinel before choosing Elastic Security.
Information Technology Security Specialist at IPro SIA3.5I use Elastic Security for basic SIEM reporting. Its valuable features include non-licensed agents and a good interface. However, the dashboards lack aesthetic appeal, and query building can be challenging without familiarity with Elastic syntaxes.
Assistant Manager - IT Security at Photon inc3.5We primarily use Elastic Security for log management due to its customizable dashboards, scalability, and affordability. While it's mostly stable, the user interface is complex, and premium support needs improvement. We've also used Wazuh and Rapid7 before.