Security and Alerting for Elasticsearch
Search Guard is a security and alerting plug-in that encrypts and protects your data and data flows in the entire Elastic Stack designed for the modern enterprise.
certificate icon
veracode logoalliance logosecurity logo
tile icon

Multilayer security

Protect your most sensitive data on all levels using role-based access control (RBAC) on your clusters, indices, fields and documents. From top to bottom Search Guard covers it all adding encryption, authentication, authorization, audit logging, multi tenancy and extended features to meet your compliance needs.
Industry standards
Search Guard supports all industry standards for authentication and authorization like LDAP, Active Directory, OpenID, SAML, Kerberos, JSON web tokens or client certificates. By using OpenSSL you can chose from a wide variety of modern and highly secure cipher suites.

Elastic Stack

Search Guard gives you full control over your entire Elastisearch environment. Protect all components of the Elastic stack, including Kibana, Logstash and Beats.
Search Guard is trusted by
company logo
company logo
company logo
company logo
company logo
company logo
company logo
company logo
company logo
certificate icon
Search Guard puts “Security First”. Your data is too valuable to take any security shortcut, which is why our code is rigorously tested by industry leaders, like CA Veracode and NCC. We have been committed to creating truly secure software for elasticsearch since 2013 when no security solution existed for the Elastic Stack.
shield icon
Priority support
Besides our active community forum we also offer priority support to our costumers with a 48h response time, guaranteed. Custom support plans, including follow-the-sun, and Elastic Stack support plans are also available
checkmark icon
Trusted by
We are used in production environments by Fortune 500, federal sector, and innovative start-ups. Our clients span all across the world.
Enterprise security on all levels
key shield icon
dblock icon
key icon
identity icon
Role-based access control
audit icon
Audit logging
people icon
db icon
Elastic stack
computer icon
Licensing models
standard edition
academic & custom
community icon
Community edition
Covers all your basic security needs
Free of charge
Integrated with the entire Elastic Stack
enterprise icon
Enterprise edition
Integrates with major security standards e.g. Active Directory
Field and Document-level Security and access control
Professional management API and Kibana multitenancy
compliance icon
Compliance edition
Designed for meeting compliance regulations e.g. GDPR
Record all read-and-write access to data
Monitor integrity of Elasticsearch installation
We offer an
Academic & Scientific License
, as well as
Custom Licenses
for your personal needs.
ct icon
60-day PoC License
Want to see how your company can benefit from our Compliance edition? Sign up to our 60-day trial, completely free of charge.
arrow icon
What our clients say
  • quote icon
    Search Guard met all of our needs and more. Not only have we found open source tools that meet our needs, but we’ve found a partner that’s worked with us through the development of the new platform. They’ve been responsive and engaged every step of the way.
    - Steve Croce
    Senior Product Manager and Head of User Experience
    quote icon
  • quote icon
    Security is paramount to the protection of our customer’s data. ICHEC chose Search Guard to protect its ELK-Stack environment because of its Single Sign-On authentication integration, access control measures and audit features. The licensing model is also flexible enough as we continue to grow our services.
    - Tim Murphy
    System Administrator
    Irish Centre for High-End Computing (ICHEC)
    quote icon
  • quote icon
    Security is the prerequisite for every project in the IT industry, especially when it comes to data. HEAnet chooses Search Guard to protect its ELK cluster because it provides node-to-node encryption (TLS) and more features such as multi-tenancy, compliance, unlike its competitors who only provide security on the REST layer.
    - Yasvanth Babu
    Middleware System Administrator
    HEAnet CLG
    quote icon
  • quote icon
    The Steinbuch Centre for Computing at KIT is using Search Guard to secure Elasticsearch instances operated in the World Wide LHC Computing Grid Tier-1 center "GridKa" and in the Large Scale Data Facility. Without fine-grained access control we would be unable to expose Elasticsearch to individual users or use single instances for both private and public data. The multitenancy features for Kibana offered by Search Guard are specially useful, enabling us to also use Kibana for public dashboards.
    - Andreas Petzold
    Manager “GridKa” WLCG Tier-1 Center
    Karlsruhe Institute of Technology (KIT) Steinbuch Centre for Computing (SCC)
    quote icon
  • quote icon
    Search Guard makes it possible for us to use the ELK-Stack in a productive environment. We chose Search Guard primarily because of the Active Directory and role-permission features. We find their licensing model incredibly helpful, as well as the fact that we are able to use an unlimited amount of nodes.
    - Arno Haß
    Project Manager
    Max-Delbrück Centre for Molecular Medicine
    quote icon
  • quote icon
    We have chose SearchGuard because it matches our values of technical rigour, openness, and auditability. It is enabled us to ensure that data in transit is secure against eavesdropping in off-prem environments, to implement verifiable and granular access to our Elastic clusters, and most importantly to give our analysts access to restricted data sets with confidence that PII remains protected and confidential.
    - Tom
    Deflect (DDoS protection CDN) & Deflect Labs (DDoS research)
    quote icon
follow us
twitter iconfacebook iconlinkedIn iconyoutube icon
stay updated
For the latest product developments, new versions and cybersecurity news, sign up to our newsletter.