Endgame FAQ

For many years, Elastic Endgame has been a trusted solution in endpoint security, protecting numerous organizations from advanced threats. However, since Elastic's acquisition of Endgame in 2019, we have been integrating its core technology into the Elastic Security platform. This shift enables you to gain comprehensive visibility across their entire attack surface, not just endpoints, through a unified security analytics platform. By announcing the end of life for Elastic Endgame, we can focus our efforts on delivering a single, streamlined XDR solution with Elastic Defend, offering customers enhanced protection built on the power of Elastic's leading Search and AI technology.

Learn more about Elastic for XDR.

For self-managed and on-premises deployments, Endgame components will continue to function, however, Endgame cloud services such as ReputationScore will be decommissioned post end-of-life. Endgame SaaS instances will be decommissioned on this date. Additionally, no new protections or security fixes will be added to Elastic Endgame after the end of life.

For self-managed and on-premises deployment, you can continue using Elastic Endgame at no additional cost. However, services such as ReputationScore will be decommissioned and you will be less protected as a result. Additionally, no new protections or security fixes will be added to Elastic Endgame after the end of life.

Endgame 3.50 will be the final major Endgame release. While security patches and bug fixes will be provided until April 30, 2026, no further updates will be available after that date.

We are not offering the option to pay for extended support beyond April 30, 2026.

We recommend migrating to Elastic’s native endpoint protection, Elastic Defend. However, Elastic Security’s XDR capabilities can integrate with third-party endpoint security solutions such as CrowdStrike, SentinelOne, and Microsoft Defender. XDR allows you to maintain your current endpoint solution while benefiting from Elastic’s centralized threat detection, investigation, and response features. Contact us to explore how XDR can enhance your security posture without needing an immediate migration.

While we strongly encourage migrating to Elastic Defend, we understand if you would like to explore other options. Our XDR offering provides comprehensive security capabilities designed to work seamlessly with other endpoint security solutions including CrowdStrike, SentinelOne, and Microsoft Defender. By integrating with leading vendors through open APIs, XDR delivers centralized threat detection, investigation, and response across your entire environment, including endpoints. This means you can benefit from a unified security view, leveraging Elastic's powerful analytics and investigation tools, even if you maintain your current endpoint solution for now. Don't hesitate to contact our team to discuss how XDR can enhance your security posture without requiring an immediate endpoint migration.

Elastic has published an Endgame to Defend migration guide to guide you through the process. We have even added the ability to install Elastic agent via Elastic Endgame, to all hosts currently running Elastic Endgame. This ensures a quick and seamless transition to the agent required by Elastic Security.