Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Elastic

How to Contribute to Detection Rules in Elastic Security - Version 7.10

Jan 4, 2021 By Elastic In Elastic
Elastic Security has open sourced all our detection rules to work alongside the security community to stop threats at scale and arm every analyst. As part of our belief in the power of open source, Elastic includes prebuilt rules within the Security App to detect threats automatically. In this video, you’ll learn how you can contribute by creating a new rule, adding your new rule to the detection rules repo, and getting credit for it in the Elastic contributor program.
View Video

How to Enable Detection Rules via Elastic Security - Version 7.10

Dec 16, 2020 By Elastic In Elastic
The detection engine brings automated threat detection to the Elastic Stack through the Security app in Kibana. As part of our belief in the power of open-source, Elastic Security has open sourced all our detection rules to work alongside the security community to stop threats at scale and arm every analyst. In this video, you’ll learn more about the detection engine and how to automate the protection of your data.
View Video
elastic

Elastic Security provides free and open protections for SUNBURST

Dec 15, 2020 By Devon Kerr In Elastic

On December 13, SolarWinds released a security advisory regarding a successful supply-chain attack on the Orion management platform. The attack affects Orion versions 2019.4 HF 5 through 2020.2.1, software products released between March and June of 2020. Likewise, on December 13, FireEye released information about a global campaign involving SolarWinds supply-chain compromise that affected some versions of Orion software.

Read Post
elastic

Elastic on Elastic: How InfoSec deploys infrastructure and stays up-to-date with ECK

Dec 9, 2020 By Angel Rios In Elastic

This post is part of a blog series highlighting how we embrace the solutions and features of the Elastic Stack to support our business and drive customer success. The Elastic InfoSec Security Engineering team is responsible for deploying and managing InfoSec's infrastructure and tools. At Elastic, speed, scale, and relevance is our DNA and leveraging the power of the Elastic Stack is the heart of InfoSec.

Read Post
elastic

Testing your Okta visibility and detection with Dorothy and Elastic Security

Dec 8, 2020 By David French In Elastic

When approached by stakeholders in their organization, few security teams can confidently demonstrate that logging and alerting capabilities are working as expected. Organizations have become more distributed and reliant on cloud offerings for use cases such as identity and access management, user productivity, and file storage. Meanwhile, adversaries have extended their operational capabilities in cloud environments.

Read Post
elastic

Gaining holistic visibility with Elastic Security

Oct 5, 2020 By Jae Lee In Elastic

Let’s talk visibility for a moment. Security visibility is a data-at-scale problem. Searching, analyzing, and processing across all your relevant data at speed is critical to the success of your team’s ability to stop threats at scale. Elastic Security can help you drive holistic visibility for your security team, and operationalize that visibility to solve SIEM use cases, strengthen your threat hunting practice with machine learning and automated detection, and more.

Read Post
elastic

Security operations: Cloud monitoring and detection with Elastic Security

Aug 20, 2020 By Brent Murphy In Elastic

As many organizations have migrated their infrastructure, applications, and data to cloud offerings, adversaries have extended their operational capabilities in cloud environments to achieve their mission — whether that means stealing intellectual property, disrupting business operations, or holding an organization’s data for ransom.

Read Post
elastic

Introduction to Windows tokens for security practitioners

Aug 20, 2020 By Will Burgess In Elastic

This blog series is aimed at giving defense practitioners a thorough understanding of Windows access tokens for the purposes of detection engineering. Here in Part 1, we'll cover key concepts in Windows Security. The desired outcome is to help defenders understand how access tokens work in Windows environments.

Read Post

Elastic Security - Unified Protection for Everyone - Aug 13, 2020 Elastic meetup

Aug 19, 2020 By Elastic In Elastic
Learn how the latest security capabilities in the Elastic Stack enable interactive exploration, incident management and automated analysis, as well as unsupervised machine learning to reduce false positives and spot anomalies — all at the speed and scale your security practitioners need to defend your organisation.
View Video
elastic

Elastic 7.9 released, with free distribution tier of features of Workplace Search and endpoint security

Aug 19, 2020 By Steve Kearns In Elastic

We are pleased to announce the general availability of Elastic 7.9. This release brings a broad set of new capabilities to our Elastic Enterprise Search, Observability, and Security solutions, which are built on the Elastic Stack — Elasticsearch, Kibana, Logstash, and Beats.

Read Post

Copyright © 2024 OpsMatters™. All rights reserved.