Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Latest News

Deep dive on the BLISTER loader

Yesterday, the Elastic Security Research Team released a detailed report outlining technical details regarding the BLISTER launcher, a sophisticated campaign that we uncovered in December 2021. This latest release continues on research we’ve developed while observing the campaign over the last few months — specifically pertaining to the technical details of how the group behind this payload is able to stay under the radar and evade detection for many new samples identified.

Is It Reasonable to Deploy a SIEM Just for Compliance?

Many organizations need to meet various compliance standards, and investing in a security information and event management (SIEM) solution can often help them reach that goal. But it worth the cost and effort to deploy a SIEM solution solely for compliance? Or is there a way to maximize the value of your SIEM by strengthening cybersecurity as well as achieving compliance? This article will help you answer those critical questions.

What's new in Elastic Security 8.2: Streamline analyst workflows with context and expertise

Elastic Security 8.2 powers the efficiency and effectiveness of security teams, arming analysts with invaluable insights and deep visibility into the attacks targeting their organization. The release delivers rich alert contextualization, osquery host inspection directly from an alert, new investigation guides, and the general availability of threat intelligence. Let’s jump in.

Detect cryptocurrency mining in your environment with Datadog Cloud SIEM

Cryptocurrency mining (or crypto mining) can be a lucrative yet resource-intensive operation, so cyber threat actors are targeting more organizations in order to take advantage of their cloud resources for mining. Datadog Cloud SIEM can now help you monitor your cloud-based systems for unwanted crypto mining via a built-in detection rule. All you need to get started is to configure your resource logs with Datadog’s @network.client.ip standard attribute.

Detect Credential Access with Elastic Security

Within our Elastic Security research group, a strong area of focus is implementing detection mechanisms for capabilities we understand adversaries are currently exploiting within environments. We’ll often wait to see the impact that bringing these capabilities to market will have from a detection standpoint. This allows our researchers to explore different detection strategies through these additions, providing deep insight into how effective the Elastic Security platform can be.

5 benefits of integrating corporate SIEM systems

A company can accumulate massive amounts of information that security analysts are not able to monitor instantly. This can mean that priority security alerts either go unnoticed or are considered a false alarm because the appropriate technology is not available, which results in organizations failing to take action in time.

What is SIEM? A guide to cyber Security Information and Event Management

Security information and event management refer to Security Information Management (SIM) and Security Event Management (SEM) through a single pane of glass. SIEM solutions are used by security analysts to monitor any potential threats within the infrastructure of their organisation.

Welcome to the Age of Cybersecurity Attack Stories

Let me tell you a story. Not a bedtime story or the sort of happy-ending story you’d read to your kids. This is a darker, much more serious story. It’s a story about cybersecurity. Specifically, it’s a story about attack stories. You may be asking yourself, what is an attack story? Every cyberattack has a story. And that story consists of a sequence of steps adversaries take to learn, access and control the resources and data of the victims they’re pursuing.

Elastic announces TISAX certification, enhancing security in connected vehicles

Today, connected vehicles are proliferating, smart cities are translating from vision to reality, and cloud-based connectivity services are increasing. Advanced connectivity solutions like 5G, cloud-based services and automations, and personalized experiences are redefining in-vehicle experiences. In addition, the growth of an intelligent Edge, smart infrastructure, and the Internet of Things are pushing the boundaries of the connected car.