Dear Search Guard users #2, including Amazon Elasticsearch Service and Open Distro, and others

Back on September 4th, we filed a lawsuit against floragunn GmbH, the makers of Search Guard, a security plugin for Elasticsearch and Kibana, for a multi-year pattern of copying our proprietary code. After filing the claim, we have continued to investigate floragunn’s actions. Today, we have updated our lawsuit in two important ways. First, we have identified additional copying by floragunn with respect to the separate, proprietary code base for our Kibana product. Second, we have identified specific companies and products whose infringement floragunn has induced — that is, third-party products and services that use or are based on the infringing Search Guard code.

We have not made the companies offering these products and services parties to the lawsuit and we have no reason to believe that they intended to use infringing code or create the associated legal risks for themselves and their users. However, their continued use of Search Guard code has left many users with questions. This blog is intended to address the updated claims in the lawsuit and provide answers to those questions.

Additional Copyright Infringement in Search Guard Kibana Plugin

The original lawsuit included examples of copying by floragunn from a range of security features for Elasticsearch: core security features like SSL/TLS, and more advanced features like field- and document-level security. After the lawsuit was announced, we noticed some similarities between the Kibana-related portions of Search Guard and our security features. Upon closer inspection, we identified additional copying by floragunn in several key parts of the Search Guard Kibana plugin, including aspects like user management. These examples go back several years, further confirming the pattern of copying we identified and referenced in our original complaint.

Examples of "Induced Infringement"

We directed our first blog on this topic to Search Guard users - individuals and companies that chose to use Search Guard. Now that we have identified additional third-party products and services that include floragunn’s infringing code, we have created this blog post to address that induced infringement. The amended complaint we filed today names several products and services that use floragunn’s infringing code, including Open Distro for Elasticsearch from AWS, Amazon Elasticsearch Service, ObjectRocket for Elasticsearch, and IBM Cloud Databases for Elasticsearch. While we have no reason to believe that these companies intended to use infringing code (and have not named them as defendants in the lawsuit), it’s important to be aware that floragunn's actions have put these companies and their customers in the position of running and using infringing code.

We believe that all Search Guard users are a part of the Elastic community. As you consider your options, please be aware that Elasticsearch includes free security features by default (both on-prem and in Elastic Cloud), which will help ensure you don’t need to run an unprotected cluster. We want to help, so please reach out to us at if you have questions.