Pricing

Elastic Cloud Serverless

Build powerful search experiences, monitor cloud native environments with ease, and enhance security with AI-driven analytics. Enjoy simplified APIs, workload-based autoscaling, and no infrastructure management hassle. Get started quickly and pay only for what you use.

Elastic Security Serverless pricing components

Pricing should be simple. With Elastic Security Serverless, you can spend more time protecting your organization and less time with complicated pricing and packaging details.

  • Ingest

    Ingest all of your security-related data including logs, telemetry, events, alerts, intelligence, context, and anything else your organization needs to defend against threats. We measure the total amount of data you ingest into your serverless project and bill you monthly at the per-GB ingest price of your project’s feature tier.

  • Retention

    Search AI Lake brings together the expansive storage capacity of a data lake and the low latency querying, powerful search and AI relevance capabilities of Elasticsearch.

    You can retain your ingested data in your project's Search AI Lake for as long or short a period as you need. We measure the total amount of ingested data you retain in your serverless project and bill you monthly at the per-GB retention price of your project’s feature tier.

Pricing details and feature tiers

Elastic Security Serverless for security analytics/SIEM is available in two tiers of carefully selected features to enable common security operations.

Pricing details and feature tiers

Security Analytics Essentials

The Security Analytics Essentials tier includes everything you need to operationalize a traditional SIEM in most organizations.

Try for free

Includes

  • Ad hoc analytics
  • Prebuilt detection rules
  • Triage, investigation, and hunting
  • Collaboration workflows
  • Threat intelligence integration
Ingest
$2.25 Per ingested GB
Retention
$0.095* Per retained GB per month
Egress* (Data transfer out of Project)
Recommended

Security Analytics Complete

The Security Analytics Complete feature tier adds advanced security analytics and AI-driven features that many organizations will require when modernizing legacy SIEM systems.

Try for free

Includes

  • Everything in Security Analytics Essentials
  • Entity analytics/UEBA
  • Threat intelligence management
  • Bi-directional response framework
  • Extended security content
  • Elastic AI Assistant
Ingest
$2.75* Per ingested GB
Retention
$0.115* Per retained GB per month
Egress* (Data transfer out of Project)
Ingest
$2.25
Per ingested GB
$2.75
Per ingested GB
Retention
$0.095*
Per retained GB per month
$0.115*
Per retained GB per month
Egress(Data transfer out of Project)
*
*
*Free during the technical preview period

Optional add-ons

Endpoint and Cloud Protection are optional add-ons to security analytics in Elastic Security Serverless. You can choose one or both of these to provide additional protection capabilities over and above the security analytics capabilities included with all Elastic Security Serverless projects.

Endpoint and Cloud Protection add-ons are each available in two tiers of carefully selected features to enable common sets of endpoint and cloud security operations.

  • Optional

    Endpoint Protection add-ons

    Endpoint Protection Essentials tier includes robust protection against malware, ransomware, and other malicious behaviors.

    Endpoint Protection Complete tier adds endpoint response actions and advanced policy management.

  • Optional

    Cloud Protection add-ons

    Cloud Protection Essentials tier protects your cloud workloads, continuously tracks the posture of your cloud assets, and helps you manage risks by detecting configuration issues per CIS benchmarks.

    The Cloud Protection Complete tier adds response capabilities and configuration drift prevention for cloud and container workloads.

If you've already got an existing EDR or cloud security solution, you may not need these add-ons — Elastic Security Serverless works just fine with your alerts and events from your existing systems.

Add-on pricing details and feature tiers

Pricing breakdown

Essentials

Optional
Endpoint Protection
(Per endpoint per month)
$1.25

Includes

  • Elastic Defend integration for malware prevention
  • Ransomware prevention
  • Memory and behavior prevention
Optional
Cloud Protection CSPM
(Per billable asset per month)
$2.00

Includes

  • Cloud native posture management for Kubernetes, AWS, GCP, and Azure environments
Optional
Cloud Workload Protection
(Per billable asset per month)
$1.25

Includes

  • Workload runtime protection
Recommended

Complete

Optional
Endpoint Protection
(Per endpoint per month)
$1.50

Includes

  • Everything in Endpoint Protection Essentials
  • Endpoint response actions
  • Advanced endpoint policy management
Optional
Cloud Protection CSPM
(Per billable asset per month)
$2.00

Includes

  • Everything in Cloud Protection CSPM Essentials
Optional
Cloud Workload Protection
(Per billable asset per month)
$1.25

Includes

  • Everything in Cloud Workload Protection Essentials
  • Drift protection for Containers
  • Response actions
Optional Endpoint Protection (Per endpoint per month)

$1.25

Includes

  • Elastic Defend integration for malware prevention
  • Ransomware prevention
  • Memory and behavior prevention

$1.50

Includes

  • Everything in Endpoint Protection Essentials
  • Endpoint response actions
  • Advanced endpoint policy management
Optional Cloud Protection CSPM (Per billable asset per month)

$2.00

Includes

  • Cloud native posture management for Kubernetes, AWS, GCP, and Azure environments

$2.00

Includes

  • Everything in Cloud Protection CSPM Essentials
Optional Cloud Workload Protection (Per billable asset per month)

$1.25

Includes

  • Workload runtime protection

$1.50

Includes

  • Everything in Cloud Workload Protection Essentials
  • Drift protection for Containers
  • Response actions

Support package

Limited support is included with a Standard subscription; all other support pricing is based on the percentage of your consumption. For more information on what's included in each support level, please go to elastic.co/support.

Support package
Elastic Cloud organization subscription level* Standard Gold Platinum Enterprise
Support and total bill
Support level Limited Base Enhanced Premium
% of charge Included 5% 10% 15%

*Subscription level is selected during sign up

Serverless benefits

The same Elastic Security, just easier

Onboarding has never been simpler. Streamlined workflows and transparent pricing allow you to ingest your security data to start detecting threats, protecting resources, and gaining AI-driven security analytics in minutes.

  • Easy to get started

    Your Elastic Serverless Security project is up and running in minutes. Use one of our hundreds of data source integrations to quickly start ingesting your security logs, events, and intelligence and start defending against threats.

  • All insight, no management

    You don't need another platform or application to monitor. Deploying Elastic Security Serverless means you don't have to worry about managing infrastructure or scaling with dynamic security workloads.

  • Simple ingest-based pricing

    It's simple: for SIEM and security analytics, you pay based on the volume of security data you ingest and retain. That's it. Say goodbye to complex calculations, monthly overages, and committed spends.

    Optional endpoint and cloud asset protection is available for an additional per-asset price.

Discover everything you can do with Elastic serverless