Vulnerability management (VM) is a challenging task. Of the three pillars of people, process, and technology, it is the latter that we have the most control over and that can make the greatest impact. We recognize that technology alone is not sufficient and must be accompanied by strong processes and skilled personnel. However, the right technology can greatly facilitate and improve the effectiveness of our vulnerability management efforts.

Free and open access is one of the core principles upon which Elastic was originally built and continues to operate. Our products are free to use, and much of our code is accessible in public source code repositories. In recent years, this commitment to transparency and availability has extended to our security offerings.

When we published the Elastic Global Threat Report in 2022, it included threat trends and correlations from our analysis of telemetry data shared by our users. In addition to telling us about how well features work for them, it also represents our visibility of the threat landscape. About 34% of the techniques we saw were related to defense evasion, which we believe is a direct result of endpoint security innovations.

According to Cybersecurity Ventures, it is estimated that 3.5 million security analyst positions remain unfilled. It’s no surprise, then, that more than a third of CISOs find the skills shortage to be their primary challenge, according to the ThoughtLab study Cybersecurity Solutions for a Riskier World.

Cyber attacks are becoming more frequent, targeted, and complex. When it comes to sophisticated attacks, one of the most commonly seen tactics is Lateral Movement. During lateral movement, many attackers try impersonating a legitimate user by abusing admin tools (e.g., SMB, SAMBA, FTP, WMI, WinRM, and PowerShell Remoting) to move laterally from system to system in search of sensitive information.