Case Study: KPN achieves robust protection from malware and ransomware with Elastic

KPN Harnesses the Elastic Stack to Thwart Security Data Overload

KPN is a leading Dutch telecommunications and IT provider (10.5M mobile and 4.3M broadband subscribers, >10,000 employees) that must protect a vast, distributed infrastructure and large customer base from evolving cyber threats—ranging from DDoS, malware, and ransomware to nation‑backed attackers—while meeting fast‑moving regulations like the EU NIS2 directive.

KPN deployed Elastic Security, Elastic Observability, and Elastic Consulting to power its SOC and secure customers on‑premises, in the cloud, and in hybrid environments. The platform filters 40 billion events daily down to about 100 for investigation, monitors 35,000 customer contact moments per day (50GB of sentiment data), helps accelerate regulatory compliance, and enables 2,000 developers to use log and error analysis for faster, higher‑quality releases.

KPN

Han Pieterse

Senior Solution Architect