Skip to main content
TrustRadius
Elastic Security

Elastic Security
Formerly Endgame

Overview

What is Elastic Security?

Elastic Security equips analysts to prevent, detect, and respond to threats. The free and open solution delivers SIEM, endpoint security, threat hunting, and cloud monitoring. The solution encompasses Elastic SIEM, which brings Elasticsearch to SIEM and threat hunting. The Elastic…

Read more

Learn from top reviewers

Return to navigation

Pricing

View all pricing
N/A
Unavailable

What is Elastic Security?

Elastic Security equips analysts to prevent, detect, and respond to threats. The free and open solution delivers SIEM, endpoint security, threat hunting, and cloud monitoring. The solution encompasses Elastic SIEM, which brings Elasticsearch to SIEM and threat hunting. The Elastic Agent (or Elastic…

Entry-level set up fee?

  • No setup fee

Offerings

  • Free Trial
  • Free/Freemium Version
  • Premium Consulting/Integration Services

Would you like us to let the vendor know that you want pricing?

24 people also want pricing

Alternatives Pricing

What is InsightIDR?

In addition to their incident response service, Rapid7 offers InsightIDR, a combined XDR and SIEM that provides user behavior and threat analytics.

Return to navigation

Product Details

What is Elastic Security?

Elastic Security equips analysts to prevent, detect, and respond to threats. The free and open solution delivers SIEM, endpoint security, threat hunting, and cloud monitoring. The solution encompasses Elastic SIEM, which brings Elasticsearch to SIEM and threat hunting. The Elastic Agent (or Elastic Endpoint Security based on the former Endgame security product acquired by Elastic in late 2019) brings signatureless malware prevention to endpoints, as well as security data collection for analytics.

Elastic Security Technical Details

Operating SystemsUnspecified
Mobile ApplicationNo
Return to navigation

Comparisons

View all alternatives
Return to navigation

Reviews and Ratings

(13)

Community Insights

TrustRadius Insights are summaries of user sentiment data from TrustRadius reviews and, when necessary, 3rd-party data sources. Have feedback on this content? Let us know!

Elastic Security provides insights and analytics on network hosts, alerting users when action is needed to maintain host security. Users recommend integrating Elastic Security with Elasticsearch, Logstash, and Kibana for monitoring cloud service logs. The product is known for its simplicity, ease of use, and reliability in gathering authentication data from service providers. Elasticsearch is a vital tool for searching a parameterized database, ingesting product updates, and analyzing user activity. It has enabled the processing and visualization of large network-related log files, enabling the creation of automated alerting systems. Elastic Security is widely used for threat hunting and as a SIEM solution for SOC teams. Users rely on it for log compliance and monitoring purposes. Logstash is praised for its performance and cost-effectiveness as an open-source tool for creating data pipelines to Elasticsearch and other output destinations. The ELK stack, which consists of Elasticsearch, Logstash, and Kibana, forms the foundation of the audit process. Users appreciate the ability to quickly search SIEM logs using Elasticsearch. It is also valuable for analyzing access logs in ETL workloads. The product helps track and analyze logs to understand user activities. Elasticsearch provides a centralized view of system and client behavior by analyzing Windows and Linux log files. The ELK stack offers easy log search and analysis capabilities, enhancing threat visibility and resolving recurring build system problems.

Reliability and effectiveness: Many users have consistently found Elastic security to be reliable and effective in protecting their sensitive data. They have praised its ability to detect and prevent threats, providing peace of mind for organizations dealing with valuable information.

Ease of setup and configuration: Reviewers appreciate the straightforward setup process of Elastic. The software offers clear documentation and forum support that guides users through the installation and configuration steps. This ease of use helps save time and allows users to quickly start leveraging Elastic's security features.

Visual aspect as a key feature: The visual aspect of Elastic is highly regarded by many users. Its intuitive interface makes it easy to navigate through different features, visualize data, and gain insights. The visually appealing design enhances the user experience, making it enjoyable to work with Elastic on a daily basis.

Confusing User Interface: Some users have mentioned that the user interface can be confusing, making it difficult to find everything in the menu. They feel that the organization of the menu could be improved for better navigation.

Steep Learning Curve: Several reviewers have expressed that the platform's constant changes and new features make it hard to grasp, requiring users to constantly relearn how to use it. This steep learning curve can be a challenge for those who are not tech-savvy or do not have much experience with similar software.

Integration Module Needs Improvement: Users have stated that the integration module needs improvement in order to make it easier to integrate with other software. They feel that streamlining the integration process would save time and effort for users trying to connect different systems.

Reviews

(1-1 of 1)
Companies can't remove reviews or game the system. Here's why

Being in cybersecurity, I highly recommend Endgame

Rating: 9 out of 10
February 26, 2020
Verified User
Vetted Review
Verified User
Elastic Security
1 year of experience
It's being used across the entire organization and helps create threat visibility.
  • Identify 0-day malware.
  • Provides a few forensic details on endpoints.
  • Very easy to administer.
I believe Endgame is well suited to organizations that have their own Cybersecurity department. Its not well suited for organizations that don't have a Cybersecurity department.
  • Being able to identify threats we couldn't identify before.
  • Easier management of endpoints.
  • Being able to immediately isolate endpoints remotely that have high severity threats.
Endgame is based on the MITRE framework which has proven to be a successful framework to identify various attack patterns that attackers use. Also, compared to the others it's easier to administer and manage.
Even though their support is good, I think there are some areas where they need to provide more thorough solutions to issues, some of their solutions are pretty basic and have already been tried.
Return to navigation