Dear Search Guard Users

It came to our attention that the developers of Search Guard, a security plugin for Elasticsearch from floragunn GmbH, directly copied source code from our proprietary security features into their product. In looking deeper, we discovered a pattern of intellectual property theft that has apparently been going on for years. Whether open source or proprietary, any responsible creator must protect their work. So earlier today, we filed a lawsuit in the United States District Court for the Northern District of California against floragunn GmbH for copyright infringement and contributory copyright infringement.

We want to reach out to all users of Search Guard to let them know that the actions of floragunn may have put them in the position of running infringing code. This probably wasn’t what you expected when you implemented Search Guard, and you likely have many questions. As a starting point, we’re sharing what we know and what we’re doing about it.

About a month after we made the code of our proprietary features publicly accessible, developers of Search Guard directly copied the source code for some of our more advanced security features and used it in Search Guard. As we looked deeper, we discovered that this appears to be just the latest and most brazen example in a pattern of copying that goes back many years. We have now identified a number of examples spread across several parts of Search Guard, where their developers copied or created derivative code from our copyrighted code, in some cases shortly after we made deep technical changes to our code. Most of these instances of copying occurred before we opened our proprietary code last year, which means the Search Guard developers intentionally decompiled our binary releases in order to copy our code.

The structure, timing, and number of these instances — both before and after we opened our proprietary code — show a sustained pattern of IP theft that cannot be dismissed as license confusion or a one-off example of coincidental inspiration.

We are pursuing this matter swiftly and directly, and have taken the following steps:

  • We filed a copyright infringement and contributory copyright infringement claim against floragunn GmbH / Search Guard in the United States District Court for the Northern District of California. Case number 4:19-cv-05553
  • We issued a DMCA takedown notice to GitHub and Sonatype, to prevent distribution of the infringing code to new users.

All Search Guard users are a part of the Elastic community, and it is unfortunate that floragunn’s actions may have put you in the position of running infringing code. As you consider your options, please be aware that Elasticsearch now includes free security features by default, which will help ensure you don’t need to run an unprotected cluster. We want to help, so please reach out to us at if you have questions.

Editor’s Note (September 4, 2019): A previous version of this blog post referenced case number 3:19-cv-05553. This post has been updated to reference case number 4:19-cv-05553.

Editor's Note (November 26, 2019): An update about this lawsuit is available in this announcement.