USAA, a financial institution serving the U.S. military community, successfully transitioned from traditional security information and event management (SIEM) solutions to the Elastic Stack, significantly enhancing their data management and cyber threat prevention capabilities. This shift, led by Nelly Cyrus from the company's Cyber Threat Operations Center, resulted in cost savings and improved productivity for security analysts, as they could now proactively hunt for malicious activity using advanced logging and monitoring tools. The transition to a multi-cluster setup using Elasticsearch allowed USAA to manage vast amounts of data more efficiently, reducing the time for data snapshots and enabling quick responses to potential threats. The Elastic Stack's open-source nature and robust support from Elastic's engineers were pivotal in advocating for its adoption within the company, demonstrating tangible benefits such as increased analyst productivity and scalability in handling billions of security events daily.