Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Join James Spiteri, PMM Director for Elastic Security, as he walks through an entire incident response scenario using several features of the Elastic Search platform including Security features such as SIEM, Endpoint Security, osquery, correlation and case management. Observability features such as logging and APM are also covered as part of this investigative workflow. Additional References.

Elastic Security has introduced the industry’s only free and open Limitless XDR solution. Now, native endpoint security comes on every host, automated detections prioritize the biggest risks, and universal data ingestion and centralized analysis accelerate analyst workflows across triage, investigation, escalation, and response. Join our keynote session to learn what unrestricted data ingestion, visibility, and analysis means for analysts, the impacts that key technology and cloud integrations have on security teams, and what the future with Limitless XDR looks like for organizations worldwide.

In this session, you'll learn how to make sense of Microsoft 365 and Azure AD logs to secure and monitor your environment. Speaker: Eric Ooi, Director of Security and Research, Iron Vine Security

Elastic Security equips analysts to solve their most pressing infosec problems by preventing, detecting, and responding to threats quickly and at scale.

Learn how to use Elastic Security’s ransomware protection to stop threats at scale. In this tutorial, you will learn how to enable ransomware protection through Elastic Security and how our technology uses behaviors — not signatures — to protect your network.

Elastic Security empowers analysts to collect data from multiple data source integrations, perform traditional SIEM functions, and take advantage of machine learning-based malware protection on the endpoint. Analysts can filter, group, and visualize data in real-time while performing automated threat detection across various security events and information. In this video, you’ll learn about the components that make up Elastic Security and what those components do to help you protect your data.

Elastic Security has open sourced all our detection rules to work alongside the security community to stop threats at scale and arm every analyst. As part of our belief in the power of open source, Elastic includes prebuilt rules within the Security App to detect threats automatically. In this video, you’ll learn how you can contribute by creating a new rule, adding your new rule to the detection rules repo, and getting credit for it in the Elastic contributor program.

The detection engine brings automated threat detection to the Elastic Stack through the Security app in Kibana. As part of our belief in the power of open-source, Elastic Security has open sourced all our detection rules to work alongside the security community to stop threats at scale and arm every analyst. In this video, you’ll learn more about the detection engine and how to automate the protection of your data.