
Elastic Security Overview

Elastic Security is the #18 ranked solution in our list of EDR tools. It is most often compared to Cortex XDR by Palo Alto Networks.

What is Elastic Security?

Endgame's converged endpoint security platform is transforming security programs - their people, processes and technology - with the most powerful endpoint protection and simplest user experience, ensuring analysts of any skill level can stop targeted attacks before information theft. Endgame unifies prevention, detection, and threat hunting to stop known and unknown attacker behaviors at scale with a single agent.

Buyer's Guide

Download the Endpoint Detection and Response (EDR) Buyer's Guide including reviews and more. Updated: October 2021

Elastic Security Customers
Texas A&M, U.S. Air Force, NuScale Power, Martin's Point Health Care

Elastic Security Reviews

Manager - Information Security at a tech services company with 51-200 employees
Real User
Top 5
Good threat hunting and capability for AI chat-related queries with very good stability

Pros and Cons

  • "The stability of the solution is good."
  • "The solution could offer better reporting features."

What is our primary use case?

We primarily use the solution for endpoint protection.

What is most valuable?

The best feature would be the threat hunting and its AI chat-related queries. It's simple. You can just chat with the system so it can get you the report based on a chat rather than going through a configuration. It's got a built-in artificial solution, a chatbot.

The interface of the solution is good.

What needs improvement?

The solution could offer better reporting features.

For how long have I used the solution?

I've been using the solution for three years.

What do I think about the stability of the solution?

The stability of the solution is good.

We use a Linux box. And it's a hardened VM, so you don't have to worry about any kind of patches, etc. You just deploy and start using, and it's quite stable and hasn't broken down on us at all.

What do I think about the scalability of the solution?

In terms of scalability, you just need to keep increasing your endpoint licenses. That's the only thing. It's as easy as getting a new license updated and then you can start deploying it to the new endpoints. Right now, we have around 500 end users. We have a buffer of 1,000, so we can add about 400 more endpoints, so we are ready to grow if we need to. I don't know if we'll extend beyond that.

Which solution did I use previously and why did I switch?

We didn't previously use a different solution.

How was the initial setup?

The initial setup is straightforward. Deployment can take up to four days.

What about the implementation team?

We used a reseller to assist us with the deployment. Our experience with them was positive.

What's my experience with pricing, setup cost, and licensing?

We pay a yearly licensing fee.

What other advice do I have?

I'd advise others to definitely do a POC, and have a plan for at least a couple of months, to see the benefits of it and then decide if it's the right solution for them.

You would need some kind of technical know-how, not on the product, but on the kinds of incidents which you could face. You need some hands-on knowledge.

I'd rate the solution eight out of ten. The solution is effective. They even offer Mac versions now.

Disclosure: I am a real user, and this review is based on my own experience and opinions.