List of Elastic Security Customers
Amsterdam, 1016 ED,
Netherlands
Since 2010, our global team of researchers has been studying Elastic Security customers around the world, aggregating massive amounts of data points that form the basis of our forecast assumptions and perhaps the rise and fall of certain vendors and their products on a quarterly basis.
Each quarter our research team identifies companies that have purchased Elastic Security for Security Information and Event Management (SIEM) from public (Press Releases, Customer References, Testimonials, Case Studies and Success Stories) and proprietary sources, including the customer size, industry, location, implementation status, partner involvement, LOB Key Stakeholders and related IT decision-makers contact details.
Companies using Elastic Security for Security Information and Event Management (SIEM) include: Ahead, a United States based Professional Services organisation with 1500 employees and revenues of $4.00 billion, Mimecast, a United Kingdom based Professional Services organisation with 649 employees and revenues of $240.0 million, Proficio, a United States based Communications organisation with 70 employees and revenues of $7.0 million and many others.
Contact us if you need a completed and verified list of companies using Elastic Security, including the breakdown by industry (21 Verticals), Geography (Region, Country, State, City), Company Size (Revenue, Employees, Asset) and related IT Decision Makers, Key Stakeholders, business and technology executives responsible for the software purchases.
The Elastic Security customer wins are being incorporated in our Enterprise Applications Buyer Insight and Technographics Customer Database which has over 100 data fields that detail company usage of software systems and their digital transformation initiatives. Apps Run The World wants to become your No. 1 technographic data source!
Apply Filters For Customers
| Logo | Customer | Industry | Empl. | Revenue | Country | Vendor | Application | Category | When | SI | Insight |
|---|---|---|---|---|---|---|---|---|---|---|---|
 |
Ahead | Professional Services | 1500 | $4.0B | United States | Elasticsearch | Elastic Security | Security Information and Event Management (SIEM) | 2023 | n/a |
In 2023, Ahead deployed Elastic Security as the core Security Information and Event Management (SIEM) platform supporting its Managed SOC and XDR services. The implementation positioned Elastic Security to ingest massive event volumes into Elastic Cloud, centralizing telemetry from client environments across the United States and providing a unified detection and response backbone for Ahead’s security operations.
Elastic Security was configured to deliver enrichment, ML driven detection, and SOAR integration as primary functional capabilities. The deployment emphasized continuous event ingestion and automated analytic pipelines, with machine learning models and detection rules used to surface actionable alerts and drive automated playbook execution within the SIEM.
Integrations included Elastic Cloud for scalable indexing and analytics, and orchestration into SOAR workflows to accelerate containment and remediation, enabling the Managed SOC and XDR teams to operate from a single, cloud native control plane. Operational coverage explicitly spanned Ahead’s client base in the United States and the firm’s internal security operations, aligning monitoring, alerting, and response across engagements.
Governance and process changes focused on standardizing detection engineering, formalizing automated playbooks, and centralizing triage workflows within Elastic Security. The implementation achieved materially stated outcomes, reducing triage time by 73 percent, reaching a 92 percent automated resolution rate, and maintaining a mean time to remediation under seven minutes for clients.
|
 |
Mimecast | Professional Services | 649 | $240M | United Kingdom | Elasticsearch | Elastic Security | Security Information and Event Management (SIEM) | 2021 | Elastic |
In 2021, Mimecast deployed Elastic Security on Elastic Cloud on AWS to centralize security telemetry and accelerate onboarding of new data sources across its global operations, improving detection and remediation workflows in the UK and globally. The deployment is framed as a Security Information and Event Management (SIEM) implementation using Elastic Security, with the vendor and services delivered by Elastic and Elastic Consulting/Professional Services.
The Elastic Security implementation focused on core SIEM capabilities including centralized log and event ingestion, event correlation, detection rule orchestration, alerting, and security analytics. Configuration work emphasized data onboarding pipelines and index management on Elastic Cloud on AWS to reduce time to ingest and normalize diverse telemetry, while dashboards and detection engineering were used to operationalize monitoring and investigations.
Integrations were implemented to absorb telemetry from Mimecast's global estate, supporting security operations and incident response processes across the organization. Operational coverage explicitly included Mimecast security operations teams in the UK and international sites, with work to standardize ingest formats and accelerate onboarding of additional data sources to broaden detection coverage.
Governance and process changes were supported by Elastic Consulting/Professional Services, which helped standardize detection workflows, establish alert triage processes, and document operational playbooks. Mimecast reported a reduction in severe incidents of about 95 percent and a roughly 50 percent reduction in security management overhead following the Elastic Security deployment.
|
 |
Proficio | Communications | 70 | $7M | United States | Elasticsearch | Elastic Security | Security Information and Event Management (SIEM) | 2024 | n/a |
In 2024, Proficio implemented Elastic Security to centralize security telemetry and accelerate SOC workflows. Proficio is a global MSSP and deployed Elastic Security with SIEM and AI features across its SOCs in San Diego, Singapore, and Barcelona. The implementation uses Elastic Security to deliver Security Information and Event Management (SIEM) capabilities that support threat detection and investigative operations across the company.
Core functional capabilities implemented include SIEM ingestion pipelines, AI driven detection and alerting, analytics and investigation workflows, and case handling to accelerate triage. Configuration work focused on detection rule tuning and automated enrichment to reduce analyst time spent on initial investigations, aligning Elastic Security functionality with SOC playbooks and monitoring processes. The deployment emphasized automated alert prioritization and analyst-facing investigation tooling consistent with Security Information and Event Management (SIEM) operational patterns.
Operational coverage spans Proficio SOC operations in San Diego, Singapore and Barcelona, centralizing telemetry and standardizing detection and response across sites. Governance changes established unified incident response playbooks and standardized analyst workflows to support cross site escalations and scalability of the SOC service. The deployment boosted SOC efficiency by approximately 50 percent and cut investigation time by 34 percent, and Proficio projects cost savings of about $1,000,000 over three years.
|
Buyer Intent: Companies Evaluating Elastic Security
Discover Software Buyers actively Evaluating Enterprise Applications
| Logo | Company | Industry | Employees | Revenue | Country | Evaluated | ||
|---|---|---|---|---|---|---|---|---|
| No data found | ||||||||