Best IT Security Software for Elasticsearch - Page 2
View:
Compare the Top IT Security Software that integrates with Elasticsearch as of November 2025 - Page 2
Sort By:
This a list of IT Security software that integrates with Elasticsearch. Use the filters on the left to add additional filters for products that have integrations with Elasticsearch. View the products that work with Elasticsearch in the table below.
-
1
IRI Voracity
IRI, The CoSort Company
Voracity is the only high-performance, all-in-one data management platform accelerating AND consolidating the key activities of data discovery, integration, migration, governance, and analytics. Voracity helps you control your data in every stage of the lifecycle, and extract maximum value from it. Only in Voracity can you: 1) CLASSIFY, profile and diagram enterprise data sources 2) Speed or LEAVE legacy sort and ETL tools 3) MIGRATE data to modernize and WRANGLE data to analyze 4) FIND PII everywhere and consistently MASK it for referential integrity 5) Score re-ID risk and ANONYMIZE quasi-identifiers 6) Create and manage DB subsets or intelligently synthesize TEST data 7) Package, protect and provision BIG data 8) Validate, scrub, enrich and unify data to improve its QUALITY 9) Manage metadata and MASTER data. Use Voracity to comply with data privacy laws, de-muck and govern the data lake, improve the reliability of your analytics, and create safe, smart test data -
2
IRI Data Protector Suite
IRI, The CoSort Company
The IRI Data Protector suite contains multiple data masking products which can be licensed standalone or in a discounted bundle to profile, classify, search, mask, and audit PII and other sensitive information in structured, semi-structured, and unstructured data sources. Apply their many masking functions consistently for referential integrity: IRI FieldShield® Structured Data Masking FieldShield classifies, finds, de-identifies, risk-scores, and audits PII in databases, flat files, JSON, etc. IRI DarkShield® Semi & Unstructured Data Masking DarkShield classifies, finds, and deletes PII in text, pdf, Parquet, C/BLOBs, MS documents, logs, NoSQL DBs, images, and faces. IRI CellShield® Excel® Data Masking CellShield finds, reports on, masks, and audits changes to PII in Excel columns and values LAN-wide or in the cloud. IRI Data Masking as a Service IRI DMaaS engineers in the US and abroad do the work of classifying, finding, masking, and risk-scoring PII for you. -
3
Emgage
Emgage
The perfect business software at the price and speed of an off-the-shelf software at the value of custom-made software. Whether you’re a business or technology professional, get the incredible flexibility, performance, and near-infinite scalability to deploy or build any software in a fraction of the time and cost. Emgage Application Platform is a fully managed collection of services that are simple to use but can power nearly any functionality that you can dream of. Our applications are built on the core of the Emgage Application Platform, a robust and integrated set of technologies that enables powerful capabilities so you can build or expand your applications while staying anchored to a common foundation. Use your data and content without having to worry about where it lives. Connect hundreds of data sources to create a rich data infrastructure. Don’t lose sleep worrying about your business-critical applications.Starting Price: $0.00945 per month per unit -
4
IIS Inspector
IIS Inspector
Capture detailed information for every request without the need for log files. IIS Inspector does not use log files, it uses ETW instead. Capture both execution time and flush time (the time it takes to send a response to the client) for each request. Capture CPU, memory, .NET exceptions, app pool recycles, bandwidth, and much more. Understand the performance of any website hosted in IIS, including ASP.NET and PHP. IIS Inspector reports Microsoft IIS KPIs to Elasticsearch, which is visualized by Kibana. IIS Inspector comes with default visualizations, but you can easily create your own. Thanks to the power of Kibana, you can quickly Discover and Visualize verbose request information captured from Microsoft IIS by IIS Inspector. You can also create your own custom alerts using Elasticsearch's watcher. IIS Inspector comes with several default watch definitions to make it easy to get started. IIS Inspector gives you the detailed output of what Microsoft IIS is caching and compressing.Starting Price: $15.98 one-time payment -
5
DOT Anonymizer
DOT Anonymizer
Mask your personal data while ensuring it looks and acts like real data. Software development needs realistic test data. DOT Anonymizer masks your test data while ensuring its consistency, across all your data sources and DBMS. The use of personal or identifying data outside of production (development, testing, training, BI, external service providers, etc.) carries a major risk of data leak. Increasing regulations across the world require companies to anonymize/pseudonymize personal or identifying data. Anonymization enables you to retain the original data format. Your teams work with fictional but realistic data. Manage all your data sources and maintain their usability. Invoke DOT Anonymizer functions from your own applications. Consistency of anonymizations across all DBMS and platforms. Preserve relations between tables to guarantee realistic data. Anonymize all database types and files like CSV, XML, JSON, etc.Starting Price: €488 per month -
6
Sandfly Security
Sandfly Security
Trusted on critical infrastructure globally, Sandfly delivers agentless Linux security with no endpoint agents and no drama. Instant deployment without compromising stability or needing endpoint agents. Sandfly is an agentless, instantly deployable, and safe Linux security monitoring platform. Sandfly protects virtually any Linux system, from modern cloud deployments to decade-old devices, regardless of distribution or CPU architecture. Besides traditional Endpoint Detection and Response (EDR) capabilities, Sandfly also tracks SSH credentials, audits for weak passwords, detects unauthorized changes with drift detection, and allows custom modules to find new and emerging threats. We do all of this with the utmost safety, performance, and compatibility on Linux. And, we do it without loading agents on your endpoints. The widest coverage for Linux on the market. Sandfly protects most distributions and architectures such as AMD, Intel, Arm, MIPS, and POWER CPUs. -
7
Trapster
Ballpoint
Trapster is a complete Deceptive Security platform that uncovers intrusions by deploying convincing decoy systems within your network, luring attackers into revealing their presence. Its powerful detection capabilities are built on three key components: 1) Network-Based Honeypot Server: launches virtual machines on your Hypervisor or Cloud, supporting 15+ protocols. It detects scans and lateral movements, delivering real-time alerts via email, dashboard, webhooks, syslog, or API. Effortlessly auto-configured and maintenance-free for seamless integration. 2) Lures (Honeytokens): plants deceptive files, URLs, API keys, or database entries to trap attackers early. 3) External Login Panel: mimics authentic login interfaces to expose credential leaks before they’re exploited. Unlike traditional security tools, Trapster proactively identifies threats that evade conventional detection, empowering organizations to stay one step ahead.Starting Price: $1000/year -
8
NetWatch.ai
NetWatch.ai
NetWatch.ai offers a comprehensive, AI-driven monitoring and security platform designed to replace fragmented tools with an integrated solution for modern IT environments. The platform is structured around three core product lines, NetWatch OPS, a server and network monitoring solution providing real-time insights, proactive alerts and streamlined resource management; Secure OPS, a hybrid SIEM built for unified security monitoring and compliance across cloud and on-premises infrastructures; and AI OPS, which uses machine learning to predict issues, automate remediation workflows and elevate operational performance. A patented “AI System Administrator” acts as a virtual operator that monitors customer infrastructure, connects via API to existing workflows, and offers complete visibility and automation. For organizations seeking turnkey expertise, NetWatch.ai also delivers Hive OPS SOC, a tiered Security Operations Center as a service with 24/7 monitoring, incident response, and more. -
9
D3 Smart SOAR
D3 Security
D3 Security leads in Security Orchestration, Automation, and Response (SOAR), aiding major global firms in enhancing security operations through automation. As cyber threats grow, security teams struggle with alert overload and disjointed tools. D3's Smart SOAR offers a solution with streamlined automation, codeless playbooks, and unlimited, vendor-maintained integrations, maximizing security efficiency. Smart SOAR's Event Pipeline normalizes, de-dupes, enriches and correlates events to remove false positives, giving your team more time to spend on real threats. When a real threat is identified, Smart SOAR brings together alerts and rich contextual data to create high-fidelity incidents that provide analysts with the complete picture of an attack. Clients have seen up to a 90% decrease in mean time to detect (MTTD) and mean time to respond (MTTR), focusing on proactive measures to prevent attacks. -
10
NetScaler
Cloud Software Group
Application delivery at scale can be complex. Make it simpler with NetScaler. Firmly on-prem. All-in on cloud. Good with hybrid. Whichever you choose, NetScaler works the same across them all. NetScaler is built with a single code base using a software-based architecture, so no matter which ADC form factor you choose — hardware, virtual machine, bare metal, or container — the behavior will be the same. Whether you are delivering applications to hundreds of millions of consumers, hundreds of thousands of employees, or both, NetScaler helps you do it reliably and securely. NetScaler is the application delivery and security platform of choice for the world’s largest companies. Thousands of organizations worldwide — and more than 90 percent of the Fortune 500 — rely on NetScaler for high-performance application delivery, comprehensive application and API security, and end-to-end observability. -
11
Splunk SOAR
Cisco
Splunk SOAR (Security Orchestration, Automation, and Response) is a powerful platform that enables organizations to streamline and automate their security operations. It integrates with various security tools and systems, allowing teams to automate repetitive tasks, orchestrate workflows, and respond to incidents faster. With Splunk SOAR, security teams can create playbooks that automate incident response processes, reducing the time to detect, investigate, and resolve security threats. The platform also offers advanced analytics, real-time threat intelligence, and collaboration tools to enhance decision-making and improve overall security posture. By automating routine tasks and enabling more efficient use of resources, Splunk SOAR helps organizations respond to threats with greater speed and accuracy, minimizing risks and enhancing cybersecurity resilience. -
12
Nightfall
Nightfall
Discover, classify, and protect your sensitive data. Nightfall™ uses machine learning to identify business-critical data, like customer PII, across your SaaS, APIs, and data infrastructure, so you can manage & protect it. Integrate in minutes with cloud services via APIs to monitor data without agents. Machine learning classifies your sensitive data & PII with high accuracy, so nothing gets missed. Setup automated workflows for quarantines, deletions, alerts, and more - saving you time and keeping your business safe. Nightfall integrates directly with all your SaaS, APIs, and data infrastructure. Start building with Nightfall’s APIs for sensitive data classification & protection for free. Via REST API, programmatically get structured results from Nightfall’s deep learning-based detectors for things like credit card numbers, API keys, and more. Integrate with just a few lines of code. Seamlessly add data classification to your applications & workflows using Nightfall's REST API. -
13
Centreon
Centreon
Centreon is a global provider of business-aware IT monitoring for always-on operations and performance excellence. The company’s holistic, AIOps-ready platform is designed for today’s complex, distributed hybrid cloud infrastructures. Centreon monitors the complete IT Infrastructure from Cloud-to-Edge for a clear and comprehensive view. Centreon removes blind spots, monitoring all equipment, middleware and applications that are part of modern IT workflows, from on-premise legacy assets to private and public cloud environments, all the way to the edge of the network, where smart devices and customers combine to create business value. Centreon is constantly current, able to support the most dynamic environments. With auto-discovery capabilities it can keep track of Software-Defined Network (SDN) elements, AWS or Azure cloud assets, Wi-Fi access points or any other component of today’s agile IT infrastructure. -
14
Malwarelytics
Wultra
Protect your app users from mobile malware and other device-related threats. Learn what malware is currently active on your users' devices, see which specific users have insecure devices, and actively help them fix their smartphone's problematic configuration as soon as it shows up on your radar. Mobile malware and cyber attackers became extremely sophisticated. They are looking for new ways to hack your mobile apps and cause damage. By misusing the mobile operating system features, they can gain an advantage and steal your users’ personal data or even money. Avoid these devastating consequences. After all, your business reputation is at stake! Malwarelytics® prevents the most common threats that mobile apps are facing these days and helps your organization stay safe and compliant. Device rooting or jailbreak disables security features provided by the mobile operating system, which opens the device to the attackers. -
15
Secuvy AI
Secuvy
Secuvy is a next-generation cloud platform to automate data security, privacy compliance and governance via AI-driven workflows. Best in class data intelligence especially for unstructured data. Secuvy is a next-generation cloud platform to automate data security, privacy compliance and governance via ai-driven workflows. Best in class data intelligence especially for unstructured data. Automated data discovery, customizable subject access requests, user validations, data maps & workflows for privacy regulations such as ccpa, gdpr, lgpd, pipeda and other global privacy laws. Data intelligence to find sensitive and privacy information across multiple data stores at rest and in motion. In a world where data is growing exponentially, our mission is to help organizations to protect their brand, automate processes, and improve trust with customers. With ever-expanding data sprawls we wish to reduce human efforts, costs & errors for handling Sensitive Data. -
16
CrowdSec
CrowdSec
CrowdSec is a free, open-source and collaborative IPS to analyze behaviors, respond to attacks & share signals across the community, outnumbering cybercriminals all together. Set up your own intrusion detection system. Apply behavior scenarios to identify cyber threats. Share and benefit from a crowdsourced and curated cyber threat intelligence system. Define the type of remediation you want to apply and where. Leverage the community’s IP blocklist and automate your security. CrowdSec is designed to run seamlessly on virtual machines, bare-metal servers, containers or to be called directly from your code with our API. Our strength comes from our cybersecurity community that is burning cybercriminals’ anonymity. By sharing IP addresses that aggressed you, you help us curate and redistribute a qualified IP blocklist to protect everyone. CrowdSec is 60x faster than tools like Fail2ban and can parse massive amounts of logs in no time. -
17
LogMan.io
TeskaLabs
TeskaLabs Logman.io is a modern and effective tool for log management, collection, archiving, and log analysis. Scalable Log Management can be easily upgraded to the full-scale tool TeskaLabs SIEM (security information and event management). Be always one step ahead of all potential threats and achieve a total overview of the security of your IT infrastructure. Thanks to timely and clear threat detection, TeskaLabs LogMan.io protects important data and sensitive information. TeskaLabs is a cybersecurity expert and therefore all our products meet the security standards of your company. LogMan.io ensures regulatory compliance with legislation covering cyber security and GDPR. Logman.io can grow with your needs. It can be easily upgraded to TeskaLabs SIEM. You can promptly get a central essential overview of the entire IT infrastructure, a full-scale tool for threat modeling, risk management, and vulnerability scanning. -
18
TeskaLabs SIEM
TeskaLabs
A state-of-the-art tool for security information and event management. A security surveillance tool that allows you to automatically monitor, correlate, and evaluate security events and create reports in real-time. TeskaLabs SIEM will bring a central overview of the entire company infrastructure and early detection helps eliminate risks and their possible effects on the operation of your company. TeskaLabs SIEM will always be one step ahead of potential threats and you will gain absolute supervision. TeskaLabs is a cybersecurity expert and therefore all our products meet the security standards of your company. TeskaLabs SIEM ensures regulatory compliance with legislation covering Cyber Security, GDPR, and ISO 27001:2013. Automated real-time detection and reporting of known incidents and anomalies will allow you to quickly react and prioritize the solution to individual incidents. Time savings allow you to proactively search for potential threats. -
19
SeeMetrics
SeeMetrics
Introducing a cybersecurity performance management platform for security leaders to see, track, and improve operations. See your security program performance in one place. Turn to one centralized place to understand how your stack has been performing and how it can perform better. Stop chasing after and consolidating data. Decide, plan and invest based on data, not on intuition. Actionable information about products, people and budget allow you to make more informed decisions about your corporate security. Identify gaps in your cyber resilience and performance based on cross-product insights and real-time threats. Enjoy out of-the-box, dynamic metrics that you can share and communicate easily with non-technical audiences. SeeMetrics’ agentless platform integrates with all of your existing tools so you can start generating insights within minutes. -
20
Learn what a digital risk protection solution is and how it can help you be better prepared by understanding who is targeting you, what they’re after, and how they plan to compromise you. Google Digital Risk Protection delivers a broad digital risk protection solution either via stand-alone self-managed SaaS products or a comprehensive service. Both options give security professionals visibility outside their organization, the ability to identify high-risk attack vectors, malicious orchestration from the deep and dark web, and attack campaigns on the open web. The Google Digital Risk Protection solution also provides contextual information on threat actors and their tactics, techniques, and procedures to provide a more secure cyber threat profile. Gain visibility into risk factors impacting the extended enterprise and supply chain by mapping your attack surface and monitoring deep and dark web activity.
-
21
LightBeam.ai
LightBeam.ai
Discover within minutes if sensitive information lurks in places you never expected (screenshots, logs, tickets, messages, tables). With one click, LightBeam can easily generate executive or delta reports to gain valuable insights into your sensitive data. Automate DSRs leveraging LightBeam's unique PII/PHI graphs comprehensively created from your data infrastructure. Build trust with your users by empowering them to exercise control over their data collection. Continuously monitor how sensitive data is collected, used, shared, and maintained with appropriate safeguards within your organization. -
22
Blink
Blink Ops
Blink is an ROI force multiplier for security teams and business leaders looking to quickly and easily secure a wide variety of use cases. Get full visibility and coverage of alerts across your organization and security stack. Utilize automated flows to reduce noise and false positives in alerts. Scan for attacks and proactively identify insider threats and vulnerabilities. Create automated workflows that add relevant context, streamline communications, and reduce MTTR. Take action on alerts and improve your cloud security posture with no-code automation and generative AI. Shift-left access requests, streamline approvals flows, and unblock developers while keeping your applications secure. Continuously monitor your application for SOC2, ISO, GDPR, or other compliance checks and enforce controls. -
23
SURF Security
SURF Security
Create a security air gap, reduce your attack surface and isolate your business from internal and external exploits, while streamlining SaaS apps and accessing your data. Grants access based on the identity of the users and their devices to any SaaS or on-prem apps. Isolated work environment from device and web threats locally on the endpoint, by encrypting, sandboxing and rendering content. Enforcing enterprise browser security policies like DLP, web filtering, phishing protection, extension management and more. SURF brings Zero-Trust principles to the user via the browser, protecting everyone and everything in the enterprise regardless of role. By configuring only a few policies, IT and security teams can significantly reduce the attack surface. Discover the benefits of utilizing SURF from an Information technology perspective. -
24
Apono
Apono
Use the Apono cloud-native access governance platform to work faster and more securely with self-service, secure, scalable access built for modern enterprises running in the cloud. Discover who has access to what with context. Identify access risk leveraging enriched identity and cloud resource context from the environment. Enforce access guardrails at scale. Apono automatically suggests dynamic policies that fit your business needs, streamlining the cloud access lifecycle and gaining control of cloud-privileged access. Improve your environment access controls with Apono’s AI, which detects high-risk unused, over provisioned and shadow access. Remove standing access and prevent lateral movement in your cloud environment. Organizations can enforce strict authentication, authorization, and audit controls for these high-level accounts, reducing the risk of insider threats, data breaches, and unauthorized access. -
25
Tenzir
Tenzir
Tenzir is a data pipeline engine specifically designed for security teams, facilitating the collection, transformation, enrichment, and routing of security data throughout its lifecycle. It enables users to seamlessly gather data from various sources, parse unstructured data into structured formats, and transform it as needed. It optimizes data volume, reduces costs, and supports mapping to standardized schemas like OCSF, ASIM, and ECS. Tenzir ensures compliance through data anonymization features and enriches data by adding context from threats, assets, and vulnerabilities. It supports real-time detection and stores data efficiently in Parquet format within object storage systems. Users can rapidly search and materialize necessary data and reactivate at-rest data back into motion. Tension is built for flexibility, allowing deployment as code and integration into existing workflows, ultimately aiming to reduce SIEM costs and provide full control. -
26
ThreatStryker
Deepfence
Runtime attack analysis, threat assessment, and targeted protection for your infrastructure and applications. Stay ahead of attackers and neutralize zero-day attacks. Observe attack behavior. ThreatStryker observes, correlates, learns and acts to protect your applications and keep you one step ahead of attackers. Deepfence ThreatStryker discovers all running containers, processes, and online hosts, and presents a live and interactive color-coded view of the topology. It audits containers and hosts to detect vulnerable components and interrogates configuration to identify file system, process, and network-related misconfigurations. ThreatStryker assesses compliance using industry and community standard benchmarks. ThreatStryker performs deep inspection of network traffic, system, and application behavior, and accumulates suspicious events over time. Events are classified and correlated against known vulnerabilities and suspicious patterns of behavior. -
27
ThreatMapper
Deepfence
Open source, multi-cloud platform for scanning, mapping, and ranking vulnerabilities in running containers, images, hosts, and repositories. ThreatMapper discovers the threats to your applications in production, across clouds, Kubernetes, serverless, and more. What you cannot see, you cannot secure. ThreatMapper auto-discovers your production infrastructure. It identifies and interrogates cloud instances, Kubernetes nodes, and serverless resources, discovering the applications and containers and mapping their topology in real-time. Use ThreatMapper to discover and visualize the external and internal attack surface for your applications and infrastructure. Exploiting known vulnerabilities in common dependencies is one of the easiest ways for bad actors to gain a foothold within your infrastructure. ThreatMapper scans hosts, containers, and applications for known vulnerable dependencies, taking threat feeds from over 50 different sources. -
28
Stamus Networks
Stamus Networks
Network-based threat detection and response solutions from Stamus Networks. Expose serious threats and unauthorized activity lurking in your network. We tap into the inherent power of network traffic to uncover critical threats to your organization. We offer the best possible asset-oriented visibility and automated detection to help practitioners cut through the clutter and focus on serious and imminent threats. Stamus Security Platform (SSP) is an open network detection and response solution built on a Suricata foundation that delivers actionable network visibility and powerful threat detection. Stamus Security Platform is trusted by some of the world’s most targeted organizations, including government CERTs, central banks, insurance providers, managed security service providers, financial service providers, multinational government institutions, broadcasters, travel and hospitality companies, and even a market-leading cybersecurity SaaS vendor.
