Best IT Security Software for Elastic Observability

Compare the Top IT Security Software that integrates with Elastic Observability as of July 2025

This is a list of IT Security software that integrates with Elastic Observability. Use the filters on the left to add additional filters for products that have integrations with Elastic Observability. View the products that work with Elastic Observability in the table below.

What is IT Security Software for Elastic Observability?

IT security software is designed to protect information technology (IT) systems, networks, and data from cyber threats, such as malware, hacking, and unauthorized access. These tools provide various features such as antivirus protection, firewalls, encryption, intrusion detection and prevention systems, and vulnerability management to ensure the integrity, confidentiality, and availability of sensitive information. IT security software helps organizations detect, prevent, and respond to security incidents, mitigate risks, and ensure compliance with industry regulations. It is critical for businesses and individuals to safeguard against cyberattacks, data breaches, and other security vulnerabilities. Compare and read user reviews of the best IT Security software for Elastic Observability currently available using the table below. This list is updated regularly.

  • 1
    Google Cloud Platform
    Google Cloud Platform offers robust IT security tools to protect cloud workloads, including identity management, encryption, and threat detection. GCP’s multi-layered approach ensures that businesses can secure their infrastructure, data, and applications. With tools like Google Cloud Identity & Access Management (IAM) and Google Cloud Security Command Center, businesses can manage risks and compliance. New customers receive $300 in free credits to run, test, and deploy workloads, making it easier to evaluate the platform's IT security features at no upfront cost. GCP’s security tools include automated patch management, vulnerability scanning, and secure authentication, which help mitigate risks and reduce the threat surface. The platform is also designed to meet stringent compliance standards, ensuring that businesses can secure their cloud environments while adhering to industry regulations.
    Starting Price: Free ($300 in free credits)
  • 2
    Cisco Umbrella
    Cisco Umbrella's cloud-delivered security enables an immediate improvement in security and compliance posture. That's because DNS is at the heart of every internet connection request. Securing the DNS layer means blocking malicious domains, IP addresses, and cloud applications before a connection is ever established. More than 30,000 organizations depend upon Umbrella DNS to deliver a fast, safe, and reliable internet experience that is simple to deploy and easy to manage. A recent study by GigaOM ranked Cisco #1 in DNS-layer security, and our DNS security contributed to Miercom ranking Cisco #1 in the industry in its laboratory testing of SSE threat efficacy. When you are looking to build upon DNS-layer protection with additional user protection capabilities, including ZTNA, SWG, CASB, DLP, and more, see Cisco Secure Access. Cisco Secure Access features a single client, single manager, and single policy construct protection for multi-function internet access protection and integrated
  • 3
    NetFlow Analyzer

    ManageEngine

    NetFlow Analyzer is a comprehensive traffic analysis tool that leverages flow technologies to provide real-time visibility into network bandwidth performance. NetFlow Analyzer is primarily a bandwidth monitoring tool, which has optimized thousands of networks globally, offering a holistic view of your network bandwidth and traffic patterns. NetFlow Analyzer is a unified solution that collects, analyzes, and reports on your network's bandwidth usage, and by whom. NetFlow Analyzer is your partner in optimizing bandwidth usage across a million interfaces globally, as well as providing network forensics and network traffic analysis. Reconfigure policies with traffic shaping via ACLs or class-based policies to gain control of the applications that use the most bandwidth. NetFlow Analyzer leverages Cisco NBAR technology to give you deep visibility into Layer 7 traffic and recognize applications that use dynamic port numbers or hide behind known ports.
    Starting Price: $245
  • 4
    PagerDuty

    PagerDuty

    PagerDuty, Inc. (NYSE:PD) is a leader in digital operations management. In an always-on world, organizations of all sizes trust PagerDuty to help them deliver a perfect digital experience to their customers, every time. Teams use PagerDuty to identify issues and opportunities in real time and bring together the right people to fix problems faster and prevent them in the future. PagerDuty's ecosystem of 350+ integrations, including Slack, Zoom, ServiceNow, AWS, Microsoft Teams, Salesforce, and more, enables teams to centralize their technology stack, get a holistic view of their operations, and optimize processes within their toolsets.
  • 5
    1Password

    1Password

    1Password is a secure, scalable, and easy-to-use password manager that's trusted by the world's leading companies. Using 1Password makes it easy for your employees to stay safe online. Once 1Password is part of their workflow, good security habits will become second nature. 1Password Advanced Protection is now available with 1Password Business. Set Master Password policies, enforce two-factor authentication team-wide, restrict access with firewall rules, review sign-in attempts and require your team to use the latest version of 1Password. Our award-winning apps are available for Mac, iOS, Linux, Windows, and Android. 1Password syncs seamlessly across devices, so your employees always have access to their passwords. When everyone uses 1Password, your risk goes down — and your productivity goes up.
    Starting Price: $3.99/month/user
  • 6
    Cloudflare

    Cloudflare

    Cloudflare is the foundation for your infrastructure, applications, and teams. Cloudflare secures and ensures the reliability of your external-facing resources such as websites, APIs, and applications. It protects your internal resources such as behind-the-firewall applications, teams, and devices. And it is your platform for developing globally scalable applications. Your website, APIs, and applications are your key channels for doing business with your customers and suppliers. As more and more shift online, ensuring these resources are secure, performant and reliable is a business imperative. Cloudflare for Infrastructure is a complete solution to enable this for anything connected to the Internet. Behind-the-firewall applications and devices are foundational to the work of your internal teams. The recent surge in remote work is testing the limits of many organizations’ VPN and other hardware solutions.
    Starting Price: $20 per website
  • 7
    Okta

    Okta

    One platform, infinite ways to connect to your employees and customers. Build auth into any app. Create secure, delightful experiences quickly by offloading customer identity management to Okta. Get security, scalability, reliability, and flexibility by combining Okta’s Customer Identity products to build the stack you need. Protect and enable your employees, contractors, and partners. Secure your employees—wherever they are—with Okta’s workforce identity solutions. Get the tools to secure and automate cloud journeys, with full support for hybrid environments along the way. Companies around the world trust Okta with their workforce identity.
  • 8
    CrowdStrike Falcon
    CrowdStrike Falcon is a cloud-native cybersecurity platform that provides advanced protection against a wide range of cyber threats, including malware, ransomware, and sophisticated attacks. It leverages artificial intelligence (AI) and machine learning to detect and respond to threats in real time, offering endpoint protection, threat intelligence, and incident response capabilities. The platform uses a lightweight agent that continuously monitors endpoints for signs of malicious activity, providing visibility and protection without significant impact on system performance. Falcon’s cloud-based architecture ensures fast updates, scalability, and rapid threat response across large, distributed environments. Its comprehensive security features help organizations prevent, detect, and mitigate potential cyber risks, making it a powerful tool for modern enterprise cybersecurity.
  • 9
    Zscaler

    Zscaler

    Zscaler, creator of the Zero Trust Exchange platform, uses the largest security cloud on the planet to make doing business and navigating change a simpler, faster, and more productive experience. The Zscaler Zero Trust Exchange enables fast, secure connections and allows your employees to work from anywhere using the internet as the corporate network. Based on the zero trust principle of least-privileged access, it provides comprehensive security using context-based identity and policy enforcement. The Zero Trust Exchange operates across 150 data centers worldwide, ensuring that the service is close to your users, co-located with the cloud providers and applications they are accessing, such as Microsoft 365 and AWS. It guarantees the shortest path between your users and their destinations, providing comprehensive security and an amazing user experience. Use our free service, Internet Threat Exposure Analysis. It’s fast, safe, and confidential.
  • 10
    FortiClient

    Fortinet

    Multilayered endpoint security with behavior based analysis for prevention against known and unknown threats. Complete real-time visibility of all your global software inventory. Here, there, anywhere. Cloud-delivered FortiClient endpoint protection service designed for small and medium-sized business. Integrated endpoint protection platform that provides automated next-generation threat protection, visibility and control of your software and hardware inventory across the entire security fabric. Identify & remediate vulnerable or compromised hosts across your attack surface. As a key piece of the Fortinet Security Fabric, FortiClient integrates endpoints into the fabric for early detection and prevention of advanced threats. Security events including zero-day malware, botnet detections, and vulnerabilities are reported in real-time.
  • 11
    Proofpoint Email Protection
    Proofpoint Email Protection solutions—deployed as a cloud service or on-premises—protect against malware and threats that don't involve malware, including impostor email, or business email compromise (BEC). Granular email filtering controls spam, bulk "graymail" and other unwanted email. And continuity capabilities keep email communications flowing when your email server fails. Proofpoint Email Protection is the industry-leading email gateway, which can be deployed as a cloud service or on premises. It catches both known and unknown threats that others miss. Powered by NexusAI, our advanced machine learning technology, Email Protection accurately classifies various types of email. And it detects and blocks threats that don’t involve malicious payload, such as impostor email—also known as business email compromise (BEC)—using our Advanced BEC Defense. You can also automatically tag suspicious email to help raise user awareness. And you can track down any email in seconds.
  • 12
    Amazon CloudWatch
    Amazon CloudWatch is a monitoring and observability service built for DevOps engineers, developers, site reliability engineers (SREs), and IT managers. CloudWatch provides you with data and actionable insights to monitor your applications, respond to system-wide performance changes, optimize resource utilization, and get a unified view of operational health. CloudWatch collects monitoring and operational data in the form of logs, metrics, and events, providing you with a unified view of AWS resources, applications, and services that run on AWS and on-premises servers. You can use CloudWatch to detect anomalous behavior in your environments, set alarms, visualize logs and metrics side by side, take automated actions, troubleshoot issues, and discover insights to keep your applications. CloudWatch alarms watch your metric values against thresholds that you specify or that it creates using ML models to detect anomalous behavior.
  • 13
    Cisco Meraki
    Network security is hard. Current solutions are complex and tedious to implement. Learn how to simplify security with Cisco Meraki! Trusted by influential brands around the world. With over a million active networks and counting, organizations far and wide count on Meraki to help deliver premium, reliable experiences. All Cisco Meraki devices are centrally and securely managed from the cloud using a single web-based dashboard. Our feature-rich, intuitive architecture enables customers to save time, reduce operating costs, and solve new business problems. The industry standard for easy-to-manage, fast and dependable Wi-Fi. Protect and securely connect what matters most, regardless of location. Uncompromising performance and reliability at the heart of your network. Remote monitoring and identity-based configuration for all your devices.
    Starting Price: $40.00
  • 14
    Microsoft Defender Antivirus
    Microsoft Defender Antivirus is the next-generation protection component of Microsoft Defender for Endpoint. This protection brings together machine learning, big-data analysis, in-depth threat resistance research, and the Microsoft cloud infrastructure to protect devices in your enterprise organization. Your next-generation protection services include the following capabilities: Behavior-based, heuristic, and real-time antivirus protection, which includes always-on scanning using file and process behavior monitoring and other heuristics (also known as real-time protection). It also includes detecting and blocking apps that are deemed unsafe, but might not be detected as malware, cloud-delivered protection, which includes near-instant detection and blocking of new and emerging threats, dedicated protection and product updates, which includes updates related to keeping Microsoft Defender Antivirus up to date.
  • 15
    Microsoft Defender XDR
    Microsoft Defender XDR is an industry-leading extended detection and response (XDR) platform that provides unified investigation and response capabilities across various assets, including endpoints, IoT devices, hybrid identities, email, collaboration tools, and cloud applications. It offers centralized visibility, powerful analytics, and automatic cyberattack disruption to help organizations detect and respond to threats more effectively. By integrating multiple security services, such as Microsoft Defender for Endpoint, Microsoft Defender for Office 365, Microsoft Defender for Identity, and Microsoft Defender for Cloud Apps, it enables security teams to correlate signals across these services, providing a comprehensive view of threats and facilitating coordinated responses. This integration allows for automatic actions to prevent or stop attacks and self-heal affected assets, enhancing overall security posture.
  • 16
    Snyk

    Snyk

    Snyk is the leader in developer security. We empower the world’s developers to build secure applications and equip security teams to meet the demands of the digital world. Our developer-first approach ensures organizations can secure all of the critical components of their applications from code to cloud, leading to increased developer productivity, revenue growth, customer satisfaction, cost savings and an overall improved security posture. Snyk’s Developer Security Platform automatically integrates with a developer’s workflow and is purpose-built for security teams to collaborate with their development teams. Snyk is used by 1,200 customers worldwide today, including industry leaders such as Asurion, Google, Intuit, MongoDB, New Relic, Revolut and Salesforce. Snyk is recognized on the Forbes Cloud 100 2021, the 2021 CNBC Disruptor 50 and was named a Visionary in the 2021 Gartner Magic Quadrant for AST.
    Starting Price: $0
  • 17
    Sophos Firewall
    The world's best visibility, protection, and response. Superior visibility into risky activity, suspicious traffic, and advanced threats helps you regain control of your network. Powerful next-gen protection technologies like deep learning and intrusion prevention keep your organization secure. Automatic threat response instantly identifies and isolates compromised systems on your network to stop threats from spreading. XG Firewall makes it easy to extend your secure network to employees anywhere. Sophos Connect provides an intuitive VPN connection client that’s easy to deploy and configure. Give your remote workers secure access to resources on the corporate network from Windows and macOS devices. Our small, ultra-affordable XG 86(w) and SD-RED devices provide the ultimate in SOHO protection with always-on dedicated or split-tunnel VPN that’s easy to deploy and manage with a variety of flexible options.
  • 18
    CylanceENDPOINT
    For over a decade, Cylance® AI has been deployed by businesses and governments around the world, stopping both current and future zero-day attacks with validated accuracy. Now it also incorporates the intelligence of generative AI. Cylance® Assistant, our generative AI model trained on BlackBerry's award-winning cyber threat intelligence, helps you achieve more with less. It uses private LLMs for enhanced privacy and accuracy to proactively predict your needs and provide expert guidance. Included with CylanceENDPOINT™, this feature provides lightning-fast expert guidance to security analysts. The result: quicker investigations and efficient resolution of potential security threats.
    Starting Price: $29 per year
  • 19
    Snort

    Cisco

    Snort is the foremost Open Source Intrusion Prevention System (IPS) in the world. Snort IPS uses a series of rules that help define malicious network activity and uses those rules to find packets that match against them and generates alerts for users. Snort can be deployed inline to stop these packets, as well. Snort has three primary uses: As a packet sniffer like tcpdump, as a packet logger — which is useful for network traffic debugging, or it can be used as a full-blown network intrusion prevention system. Snort can be downloaded and configured for personal and business use alike. Once downloaded and configured, Snort rules are distributed in two sets: The “Community Ruleset” and the “Snort Subscriber Ruleset.” The Snort Subscriber Ruleset is developed, tested, and approved by Cisco Talos. Subscribers to the Snort Subscriber Ruleset will receive the ruleset in real-time as they are released to Cisco customers.
  • 20
    pfSense

    Netgate

    The pfSense project is a free network firewall distribution, based on the FreeBSD operating system with a custom kernel and including third party free software packages for additional functionality. pfSense software, with the help of the package system, is able to provide the same functionality or more of common commercial firewalls, without any of the artificial limitations. It has successfully replaced every big name commercial firewall you can imagine in numerous installations around the world, including Check Point, Cisco PIX, Cisco ASA, Juniper, Sonicwall, Netgear, Watchguard, Astaro, and more.
  • 21
    Istio

    Istio

    Connect, secure, control, and observe services. Istio’s traffic routing rules let you easily control the flow of traffic and API calls between services. Istio simplifies configuration of service-level properties like circuit breakers, timeouts, and retries, and makes it easy to set up important tasks like A/B testing, canary rollouts, and staged rollouts with percentage-based traffic splits. It also provides out-of-box failure recovery features that help make your application more robust against failures of dependent services or the network. Istio Security provides a comprehensive security solution to solve these issues. This page gives an overview on how you can use Istio security features to secure your services, wherever you run them. In particular, Istio security mitigates both insider and external threats against your data, endpoints, communication, and platform. Istio generates detailed telemetry for all service communications within a mesh.
  • 22
    Carbon Black EDR
    Carbon Black Endpoint Detection and Response (EDR) by Broadcom offers a comprehensive solution for detecting, investigating, and responding to cybersecurity threats on endpoints. It utilizes advanced behavioral analysis and machine learning to identify suspicious activities in real time, providing security teams with actionable insights to prevent data breaches and mitigate risks. With its cloud-based architecture, Carbon Black EDR enables continuous monitoring, visibility into endpoint activity, and automated threat response. It’s designed to support organizations of all sizes by improving threat detection, reducing investigation time, and enhancing overall endpoint security.
  • 23
    SonicWall Capture Client
    SonicWall Capture Client is a unified client platform that delivers multiple endpoint protection capabilities, including next-generation malware protection and application vulnerability intelligence. It leverages cloud sandbox file testing, comprehensive reporting, and enforcement for endpoint protection. Additionally, provide consistent assurance of client security, with easy-to-use and actionable intelligence and reporting. Examine files that are possibly waiting to activate in a cloud sandbox. Rely on dynamic white/blacklisting and cloud intelligence. Utilize advanced static analysis to identify threats during download. Exercise shared threat intelligence from SonicWall’s verdict database. View threat visualization maps to see where threats came from and went. Effortlessly understand your security posture. Catalog your applications and see which ones are vulnerable.
  • 24
    CyberArk Privileged Access Manager
    Keep your business safe by preventing the malicious use of privileged accounts and credentials – a common path to an organization’s most valuable assets. The CyberArk PAM as a Service solution leverages leading automation technologies to protect your business as it grows. Attackers never stop seeking ways in. Manage privileged access to minimize risk. Prevent credential exposure and keep critical assets from falling into the wrong hands. Maintain compliance with recorded key events and tamper-resistant audits. Privileged Access Manager easily integrates with a host of applications, platforms and automation tools.
  • 25
    Elastic Cloud
    Enterprise search, observability, and security for the cloud. Quickly and easily find information, gain insights, and protect your technology investment whether you run on Amazon Web Services, Google Cloud, or Microsoft Azure. We handle the maintenance and upkeep, so you can focus on gaining the insights that help you run your business. Configuration and deployment are a breeze. Simple scaling, custom plugins, and architecture optimized for log and time series data are only a taste of what’s possible. Get the complete Elastic experience with features like machine learning, Canvas, APM, index lifecycle management, Elastic App Search, Elastic Workplace Search, and more — exclusively available here. Logging and metrics are just the start. Bring your diverse data together to address security, observability, and other critical use cases.
    Starting Price: $16 per month
  • 26
    Azure Application Gateway
    Protect your applications from common web vulnerabilities such as SQL injection and cross-site scripting. Monitor your web applications using custom rules and rule groups to suit your requirements and eliminate false positives. Get application-level load-balancing services and routing to build a scalable and highly available web front end in Azure. Autoscaling offers elasticity by automatically scaling Application Gateway instances based on your web application traffic load. Application Gateway is integrated with several Azure services. Azure Traffic Manager supports multiple-region redirection, automatic failover, and zero-downtime maintenance. Use Azure Virtual Machines, virtual machine scale sets, or the Web Apps feature of Azure App Service in your back-end pools. Azure Monitor and Azure Security Center provide centralized monitoring and alerting, and an application health dashboard. Key Vault offers central management and automatic renewal of SSL certificates.
    Starting Price: $18.25 per month
  • 27
    NGINX
    NGINX Open Source: The open source web server that powers more than 400 million websites. NGINX Plus is a software load balancer, web server, and content cache built on top of open source NGINX. Use NGINX Plus instead of your hardware load balancer and get the freedom to innovate without being constrained by infrastructure. Save more than 80% compared to hardware ADCs, without sacrificing performance or functionality. Deploy anywhere: public cloud, private cloud, bare metal, virtual machines, and containers. Save time by performing common tasks through the built‑in NGINX Plus API. From NetOps to DevOps, modern app teams need a self‑service, API‑driven platform that integrates easily into CI/CD workflows to accelerate app deployment – whether your app has a hybrid or microservices architecture – and makes app lifecycle management easier.
  • 28
    Barracuda Spam Firewall
    Spam, malicious email and virus attacks are becoming ever more sophisticated. Your corporate email is a gateway that can allow sensitive information to be destroyed or lost as well as for attacks that can hurt your network performance and employee productivity. The Barracuda Spam Firewall scans email and incoming files using three layers of powerful virus scanning technology. The firewall connects to the Barracuda Security Cloud for the most up-to-date protection against the latest email-borne threats. Threats do not always come from the outside. The firewall also checks for internally tainted email to prevent the spread of viruses that don’t access the email gateway. Barracuda is the industry leader in spam protection for businesses. The Barracuda Spam Firewall leverages Barracuda Central to identify email from known spammers and determine whether domains embedded within emails lead to known spam or malware sites.
    Starting Price: $699.99/one-time
  • 29
    Sophos UTM
    Sophos UTM drives threat prevention to unmatched levels. The artificial intelligence built into Sophos Sandstorm is a deep learning neural network, an advanced form of machine learning, that detects both known and unknown malware without relying on signatures. Sophos UTM 9.4 is one of the first Sophos products to offer our advanced next-gen cloud sandboxing technology. Sandstorm provides a whole new level of ransomware and targeted attack protection, visibility, and analysis. It can quickly and accurately identify evasive threats before they enter your network. And, it’s tremendous value: it’s enterprise-grade protection without the enterprise-grade price-tag or complexity. Harden your web servers and Microsoft Enterprise Applications against hacking attempts while providing secure access to external users with reverse proxy authentication. Full SMTP and POP message protection from spam, phishing and data loss with our unique all-in-one protection.
  • 30
    HAProxy Enterprise

    HAProxy Technologies

    HAProxy Enterprise is the industry’s leading software load balancer. It powers modern application delivery at any scale and in any environment, providing the utmost performance, observability and security. Load balance by round robin, least connections, URI, IP address and several hashing methods. Make advanced decisions based on any TCP/IP information or HTTP attribute with full logical operator support. Send requests to specific application clusters based on URL, domain name, file extension, client IP address, health state of backends, number of active connections, SSL client certificate, and more. Extend and customize HAProxy with Lua scripts that have access to the request/response pipeline. Maintain users' sessions based on TCP/IP information or any property of the HTTP request (cookies, headers, URI, and more). The world’s fastest, and most widely used software load balancer.