
Elastic Security Overview

What is Elastic Security?

Endgame's converged endpoint security platform is transforming security programs - their people, processes and technology - with the most powerful endpoint protection and simplest user experience, ensuring analysts of any skill level can stop targeted attacks before information theft. Endgame unifies prevention, detection, and threat hunting to stop known and unknown attacker behaviors at scale with a single agent.

Buyer's Guide

Download the Endpoint Detection and Response (EDR) Buyer's Guide including reviews and more. Updated: November 2021

Elastic Security Customers
Texas A&M, U.S. Air Force, NuScale Power, Martin's Point Health Care

Archived Elastic Security Reviews (more than two years old)

TV
Manager- Information Security at a tech services company with 51-200 employees
Real User
Good threat hunting and capability for AI chat-related queries with very good stability

Pros and Cons

  • "The stability of the solution is good."
  • "The solution could offer better reporting features."

What is our primary use case?

We primarily use the solution for endpoint protection.

What is most valuable?

The best feature would be the threat hunting and its AI chat-related queries. It's simple. You can just chat with the system so it can get you the report based on a chat rather than going through a configuration. It's got a built-in artificial solution, a chatbot.

The interface of the solution is good.

What needs improvement?

The solution could offer better reporting features.

For how long have I used the solution?

I've been using the solution for three years.

What do I think about the stability of the solution?

The stability of the solution is good.

We use a Linux box. And it's a hardened VM, so you don't have to worry about any kind of patches, etc. You just deploy and start using, and it's quite stable and hasn't broken down on us at all.

What do I think about the scalability of the solution?

In terms of scalability, you just need to keep increasing your endpoint licenses. That's the only thing. It's as easy as getting a new license updated and then you can start deploying it to the new endpoints. Right now, we have around 500 end users. We have a buffer of 1,000, so we can add about 400 more endpoints, so we are ready to grow if we need to. I don't know if we'll extend beyond that.

Which solution did I use previously and why did I switch?

We didn't previously use a different solution.

How was the initial setup?

The initial setup is straightforward. Deployment can take up to four days.

What about the implementation team?

We used a reseller to assist us with the deployment. Our experience with them was positive.

What's my experience with pricing, setup cost, and licensing?

We pay a yearly licensing fee.

What other advice do I have?

I'd advise others to definitely do a POC, and have a plan for at least a couple of months, to see the benefits of it and then decide if it's the right solution for them.

You would need some kind of technical know-how, not on the product, but on the kinds of incidents which you could face. You need some hands-on knowledge.

I'd rate the solution eight out of ten. The solution is effective. They even offer Mac versions now.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
Ankit Satsangi
Former CISO | Cyber Security Enthusiast at a tech services company with 51-200 employees
Real User
The system intelligence gives you good detail for creating intelligence reports

Pros and Cons

  • "The intelligence of the system has been very impressive. It's not quite AI, but the technical bit where it correlates information, based on the seen attacks within an organization is good."
  • "The solution could also use better dashboards. They need to be more graphical, more matrix-like."

What is most valuable?

The intelligence of the system has been very impressive. It's not quite AI, but the technical bit where it correlates information, based on the attacks within an organization is good. The intelligence bit that it gathers from within itself is really good. It's pretty accurate and gives you good details to create an intelligence report and present that to your C-level management. 

What needs improvement?

I think the user interface could be improved. They should introduce a hybrid model, because for now, Endgame is purely on premises. They do not have a full-blown model. They don't market themselves that way, which is why customers lose out on a lot of information. They don't know if the product is worth the trial or not because it's an organization that is going completely in the direction of digital transformation on the cloud and then Endgame's automatically removed as an option for them. They wouldn't even know Endgame goes on the cloud, because the company does not market it.

The solution could also use better dashboards. They need to be more graphical, more matrix-like.

For how long have I used the solution?

I've been using the solution for a few months.

What do I think about the stability of the solution?

The solution is pretty stable.

What do I think about the scalability of the solution?

I don't think I can comment on the scalability, because it wasn't in my use case. I was the only primary user; I was testing it because I was testing it against a competitor.

How are customer service and technical support?

I haven't had to reach out to technical support.

How was the initial setup?

The initial setup was a little complex.

What about the implementation team?

We used a deployment consultant, but I installed it on my own.

What other advice do I have?

It works well offline. It works on the cloud as well, but I doubt that it has 100% capability as it does on-premise. There's a difference. Endgame works very well when it's not connected to the internet as well. For example, if it's installed on a computer and the person's out on the road, it's still going to protect. Go through a good assessment of the Endpoint from an Endpoint security assessment methodology perspective.

I would rate this solution 7.5 out of 10 because I know of a solution that does better.

Disclosure: I am a real user, and this review is based on my own experience and opinions.