An Elastic Case Study
Kenna Security, a cybersecurity company, faced a major scaling challenge as its Elasticsearch deployment grew to over four billion documents and hundreds of millions of daily updates. Search performance deteriorated as shard counts rose and unbounded user queries (heavy wildcards/ORs) and occasional scoring bugs pushed the cluster to CPU saturation.
Kenna reorganized data by client so searches hit far fewer shards, converted searchable IDs to keyword fields (yielding a ~30% search speed improvement), and rewrote queries to use non-scoring filters wherever possible. They also constrained user-facing search syntax and documented allowed keywords. The result: a far more stable and faster cluster that handles massive scale, supporting billions of documents and ~200M updates per day, while keeping search latency low.
Molly Struve
Sr. Site Reliability Engineer