Elastic, the company behind the most widely used enterprise search engine ElasticSearch and the Elastic Stack, today announced that it has decided to make core security features of the Elastic Stack free and accessible to all users.
ELK Stack or Elastic Stack is a collection of three powerful open source projects—Elasticsearch, Logstash, and Kibana—that many large and small companies are using to format, search, analyse, and visualise a large amount of data in real time.
Since the free version of Elastic Stack by default does not have any authentication or authorisation mechanism, many developers and administrators fail to properly implement important security features manually.
The core security features—like encrypted communication, role-based access control, authentication realms—in previous versions required a paid Gold subscription, but the latest versions 6.8.0 and 7.1.0 of the Elastic Stack released today offers these features for free so that everyone can run a fully secure cluster without any hassle.
Here’s the list of core security features that are now free in the latest Elastic Stack versions as a part of the Basic tier:
- TLS (Transport Layer Security) for encrypted communications.
- File and native realm for creating and managing users.
- Role-based access control for controlling users’ access to cluster APIs and indexes; also allows multi-tenancy for Kibana with security for Kibana Spaces.
images from Hacker News