How Bolt Reduced Security Infrastructure Maintenance by 75% with Elastic Security

Bolt operates one of Europe’s most complex consumer technology platforms, offering ride-hailing, car sharing, e-scooters, e-bikes, and food delivery to more than 150 million customers across 260 cities in 25 countries. As the company expands aggressively into new markets in Asia, Africa, and Latin America, its attack surface grows in proportion. The security team is small relative to the scale of infrastructure it must defend, making operational efficiency a strategic imperative rather than a preference.

Before deploying Elastic Security, Bolt ran an open-source SIEM with Elasticsearch at the backend. The configuration was functional but operationally expensive: Kadir Burak Mavzer, Cyber Security Engineer at Bolt, was spending more than two days a week — roughly 14 hours — simply keeping systems operational. The overhead left little time for strategic security work, and the team was constantly concerned about data loss and the cost of scaling self-hosted infrastructure. As Iuliia Laaneots, Cybersecurity Engineer at Bolt, put it, the team needed to control and minimize the attack surface without spending unnecessary time on maintenance.

Bolt migrated to Elastic Security on Elastic Cloud running on AWS in a two-week deployment. The platform ingests data from the organization’s networks, cloud infrastructure, SaaS tools, and its largest data source: the company’s identity and access management system. Prebuilt detection rules enabled rapid coverage of the security estate. Kibana dashboards give the team continuous visibility into key metrics, user activity, and incident investigations. Elastic Cloud’s managed infrastructure eliminated the operational burden of cluster scaling and cost estimation.

The operational shift was immediate and significant. Mavzer’s infrastructure maintenance time dropped from 14 hours per week to approximately 3 — a reduction of more than 75%. In one concrete demonstration of platform performance, Elastic Security restored a year’s worth of archived documents — over 100 million records — in a single hour. Ingestion pipelines have run without interruption since deployment. The team also used Elastic’s machine learning capabilities to detect spikes in authentication attempts that had previously gone unnoticed, demonstrating the platform’s ability to surface anomalies beyond what rule-based detection catches.

With infrastructure concerns removed, Bolt’s security team can focus on strategic contribution: expanding coverage, deepening incident investigation capability, and supporting the company’s international growth. Bolt is an Elastic Design Partner, feeding product feedback directly to the Elastic Security roadmap, including engagement with the cloud security posture management team. As Bolt adds new cities and transport modes, the security team is positioned to scale protection in step with the business rather than perpetually catching up.