Elastic named Leader in Forrester Wave for security analytics 2025
Elastic has been named a Leader in the Forrester Wave: Security Analytics Platforms, Q2 2025, with the highest possible scores in 14 evaluation criteria, including Artificial Intelligence, Analyst Experience, Investigation, and Deployment Options.
Forrester recognition
Elastic was identified by Forrester Research as a Leader among security analytics platform vendors. The evaluation assessed 17 vendors, and Elastic was the sole participant to achieve perfect scores in both the Real-World Protection and Malware Protection tests.
Forrester's report highlighted Elastic's approach to security and observability use cases. Allie Mellen, Principal Analyst and report author at Forrester, stated, "Elastic is an engineering-driven company that manages and analyses data for security and observability use cases. It has a consistent vision of solving security as a data problem. Its innovation, especially in AI, is at the forefront of the market..."
The report further noted feedback from clients regarding Elastic's service and approach. It stated, "Customers hail Elastic's support, its built-in security expertise, and its generative AI innovators, especially Attack Discovery and its use of retrieval augmented generation. Clients who want to work with an engineering-focused company that prioritises an open and flexible approach and a cost-effective offering are best suited to Elastic."
Criteria and platform features
Elastic achieved the highest possible scores across 14 evaluation criteria, which spanned Federated Search, Artificial Intelligence, Analyst Experience, Investigation, and Deployment Options. The Federated Search criterion saw Elastic ranked highest among participants.
Elastic attributes its performance in the evaluation to its focus on operational efficiency, AI transparency, cost control, analysis tools, and adaptable deployment choices. The company says its platform unifies SIEM, threat intelligence, XDR, and cloud security in one environment, designed to minimise tool overlap and complexity for customers.
Elastic's AI model is designed to support, rather than replace, human analysts: it offers insights and logic explanations within the workflow, with the aim of fostering transparency and augmenting tasks rather than automating them entirely. Cost management and flexibility were also cited, including the removal of paywalls and support for hybrid, air-gapped, and on-premise deployments.
Customer outcomes
Elastic stated that well-known organisations, such as KPN, Booking.com, Infomatica, and several global Fortune 500 companies, use its platform. These customers reportedly see reductions in mean time to respond (MTTR) of up to 99%, as well as broader improvements in visibility and SOC performance and a reduced total cost of ownership. Elastic's approach is described as compatible with open detection rules and federated search, following workflows typical for security analysts.
Elastic believes this recognition affirms the company's direction and approach in meeting the evolving needs of security teams. A spokesperson said Elastic's solutions are designed to provide speed, visibility, and outcomes at scale.
Leadership comment
"Elastic is committed to solving security as a data problem with an open, AI-driven analytics approach that puts analysts in control with visibility across the entire attack surface and augmenting team expertise with context-aware AI," said Santosh Krishnan, General Manager of Security and Observability at Elastic. "For us, being recognised as a Leader by Forrester Research in the 2025 Forrester Wave for Security Analytics reiterates our continued investment in bringing powerful, practical security solutions to our customers."
Forrester has clarified in its publications that it does not endorse any company, product, or service featured in its research or recommend purchasing decisions based solely on its ratings. Information provided in the Forrester Wave reflects the best available resources at the time of publication and may be subject to change.