Twenty years ago, Elastic CEO Shay Banon built a search engine for his wife’s recipes while she attended cooking school at Le Cordon Bleu. Little did he know that he was cooking up a company that would rise faster than souffle.

Search doesn’t end with Google – Elastic is open source and is used by the likes of Netflix, eBay and Uber for operational and security insights.

GovInsider spoke to Elastic to find out why it decided to go open source, and how their tech helps companies search their data with security and privacy.

Open source technology

Elastic makes its products free and open source so that organisations can test it out before deciding to adopt the full version. They aim “to strike a healthy balance between open source and commercial code in a single, open software stack, in addition to support and services,” the company wrote on its website.

There are several advantages to open source. First, it builds the resilience and reliance of the software. As the old cybersecurity maxim Linus’ Law goes: “Given enough eyeballs, all bugs are shallow.”

As more downloads occur, more people can scrutinise the code and point out errors that may have gone unnoticed by the original Elastic developers. This establishes resilience and reliance as users test, troubleshoot and evolve the code across different use cases. “It’s an effective way to make the best product possible,” says Elastic.

Next, the code is often more secure because it has been thoroughly tested and reviewed by the community, compared to proprietary codes which can have security vulnerabilities that remain undiscovered.

Users will also know how the software will collect and use data, fostering a culture of transparency. This has become increasingly rare, as collection of data by huge closed book tech companies have sparked privacy concerns from governments and citizens alike. To stand out as a cybersecurity vendor, “being transparent about “how” and “what” the product is doing is a great start,” Elastic tells GovInsider.

Unlock the power of data

In today’s data-driven economy, effective search and filtering is key. Elastic recommends centralising data to make it easier to comb through. “If you are trying to search data from multiple different platforms at the source they originate from, it is going to be particularly time consuming, and frustrating,” says Elastic.

Not only should data be easy to filter through – being able to analyse it helps organisations prepare for future risks and challenges. Data can uncover patterns that may be early signals of change or correct misunderstandings of trends that may not happen.

The United States Public Service Credit Union, with the help of Elastic technology, used data analytics to predict financial fraud before it even occurs. Machine learning monitors activity before a credit card is swiped. If customer behaviour falls out of that norm, the PSCU team is alerted to stop the fraud in its tracks.

The credit union has blocked $35 million in fraudulent activity in just 18 months after deploying Elastic technology. It also uses Kibana, Elastic’s data visualisation tool, and Elastic Maps to be notified of pending natural disasters. This enables them to adjust their local customer support accordingly so that members can still access their money and credit in times of crisis.

Netflix is another company that uses Elasticsearch for its messaging system, done through its app push notifications, emails, or text messages. Back in 2012, Netflix noticed that the success rate of message delivery to Brazilian customers was much lower.

By using Kibana, the team found out that users were using invalid phone numbers. They then found out from the national provider that the digit 9 had been added to existing mobile numbers in many regions. Elasticsearch enabled Netflix to quickly discover these issues near real-time and quickly narrow down possible causes, leading to a shorter remediation time.

Offering security solutions

While security analytics was embedded in their solutions for a long time, Elastic broadened their security solutions offering last year. “As time passed, and more and more users and customers started to invest in our technology for this particular use case, we felt it was time to formally start leveraging the technology stack for security,” Elastic tells GovInsider.

Elastic is part of a toolset used by the US Air Combat Command to organise, train and equip the cyber defense force to protect its weapon systems. The Air Combat Command is using Elastic to identify and visualize anomalies on the MIL-STD-1553, a military standard aircraft communication system.

Though Elastic began from humble beginnings, its foundation as an open source company has brought it a long way. Even as it expands, Elastic has promised to remain open source.

“The open source path isn’t always easy. But we firmly believe that it’s the best way to develop software and ensure ongoing success for our products, company, and community,” says Elastic.

Image by US Air Force – CC BY-NC 2.0