How Bolt Reduced Security Infrastructure Maintenance by 75% with Elastic Security
Bolt, Europe’s largest mobility super-app serving 150 million customers across 260 cities, deployed Elastic Security on Elastic Cloud with AWS to consolidate its SIEM and protect its rapidly expanding platform. The move cut weekly infrastructure maintenance from 14 hours to 3 hours — a 75% reduction — and eliminated logging availability concerns across the organization.
Impact
75%+
Infrastructure maintenance time reduction
>100M docs in 1 hour
Archived document restoration speed
100% since deployment
Ingestion pipeline uptime
Challenge
Bolt’s small security team was spending more than 14 hours a week maintaining a self-hosted SIEM, leaving insufficient time for strategic security work, while concerns about log availability and the operational cost of scaling self-managed infrastructure grew with the company’s rapid international expansion.
Solution
Bolt migrated to Elastic Security on Elastic Cloud with AWS, replacing its self-hosted SIEM with a fully managed platform that ingests data from networks, cloud infrastructure, SaaS tools, and IAM — reducing maintenance overhead by 75% and delivering prebuilt detection rules, Kibana dashboards, and ML-based anomaly detection.
Tools & Technologies
What Leaders Say
“I’m now spending about three hours a week on infrastructure instead of 14. I’m a lot happier as I can now focus on supporting the security team and the expansion of our urban mobility service to a wider audience.”
“Elastic isn’t just an advanced SIEM solution—the database technology is outstanding. We can onboard data with minimum fuss, investigate events in greater depth, and ultimately achieve greater business value from our investment.”
Sign up to read complete case studies, access detailed metrics, and unlock all use cases.
Full Story
Bolt operates one of Europe’s most complex consumer technology platforms, offering ride-hailing, car sharing, e-scooters, e-bikes, and food delivery to more than 150 million customers across 260 cities in 25 countries. As the company expands aggressively into new markets in Asia, Africa, and Latin America, its attack surface grows in proportion. The security team is small relative to the scale of infrastructure it must defend, making operational efficiency a strategic imperative rather than a preference.
Before deploying Elastic Security, Bolt ran an open-source SIEM with Elasticsearch at the backend. The configuration was functional but operationally expensive: Kadir Burak Mavzer, Cyber Security Engineer at Bolt, was spending more than two days a week — roughly 14 hours — simply keeping systems operational. The overhead left little time for strategic security work, and the team was constantly concerned about data loss and the cost of scaling self-hosted infrastructure. As Iuliia Laaneots, Cybersecurity Engineer at Bolt, put it, the team needed to control and minimize the attack surface without spending unnecessary time on maintenance.
Bolt migrated to Elastic Security on Elastic Cloud running on AWS in a two-week deployment. The platform ingests data from the organization’s networks, cloud infrastructure, SaaS tools, and its largest data source: the company’s identity and access management system. Prebuilt detection rules enabled rapid coverage of the security estate. Kibana dashboards give the team continuous visibility into key metrics, user activity, and incident investigations. Elastic Cloud’s managed infrastructure eliminated the operational burden of cluster scaling and cost estimation.
The operational shift was immediate and significant. Mavzer’s infrastructure maintenance time dropped from 14 hours per week to approximately 3 — a reduction of more than 75%. In one concrete demonstration of platform performance, Elastic Security restored a year’s worth of archived documents — over 100 million records — in a single hour. Ingestion pipelines have run without interruption since deployment. The team also used Elastic’s machine learning capabilities to detect spikes in authentication attempts that had previously gone unnoticed, demonstrating the platform’s ability to surface anomalies beyond what rule-based detection catches.
With infrastructure concerns removed, Bolt’s security team can focus on strategic contribution: expanding coverage, deepening incident investigation capability, and supporting the company’s international growth. Bolt is an Elastic Design Partner, feeding product feedback directly to the Elastic Security roadmap, including engagement with the cloud security posture management team. As Bolt adds new cities and transport modes, the security team is positioned to scale protection in step with the business rather than perpetually catching up.