Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Elastic

Strengthening small utilities: The power of public-private partnership

In the wake of recent cyber attacks against US water utilities, the vulnerability of local entities dependent on operational technology (OT) has been starkly highlighted. This danger was further emphasized last week when Congress held a hearing titled Securing Operational Technology: A Deep Dive into the Water Sector. Witnesses at the hearing painted a stark picture of the significant cybersecurity risks facing small utility companies today.

Introducing the Elastic Trust Center!

Your one-stop shop for transparent cloud security information

Elastic® knows that security and compliance requirements are mandatory for regulated and non-regulated customers alike. We strongly believe in providing clear and transparent information to earn your trust in Elastic as an organization and in the services we provide. Our Trust Center is a public one-stop shop for information on security, compliance, privacy, and resiliency for Elastic and the Elastic Cloud.

How Elastic AI Assistant for Security and Amazon Bedrock can empower security analysts for enhanced performance

Generative AI and large language models (LLMs) are revolutionizing natural language processing (NLP), offering enhanced conversational AI experiences for customer service and boosting productivity. To meet enterprise needs, it’s important to ensure the responses that are generated are accurate as well as respect the permissions model associated with the underlying content.

NEW! Elastic Security 8.12: AI Assistant alert insights, onboard major CSPs

With the new year in swing, we’re excited to announce that Elastic® 8.12 is now available! This release supports Elastic Security’s mission to redefine security operations by pushing the boundaries of what constitutes a SIEM. Our team is focused on elevating your SOC with intelligent, AI-powered analytics, and the 8.12 release is another step toward this reality.

Is it time to replace your SIEM?

Security teams with an existing security information and event management (SIEM) investment may find themselves having to pay more to their vendor in order to ingest and index more of their data. In fact, nearly half (44%) of organizations want to augment or replace their current SIEM solution. It may be time to replace your SIEM. Fortunately, Elastic allows all users to try out a new, powerful SIEM with little to no upfront cost.

M-21-31 logging compliance: Overcoming the 3 top challenges

How US federal agencies can better meet advanced event logging requirements

Recently, the US Government Accountability Office (GAO) released a study tracking US federal agencies’ progress on meeting the requirements set out in OMB M-21-31. Released in 2021, the Office of Management and Budget (OMB)’s M-21-31 memorandum provided guidance and requirements for federal agencies in order to improve centralized visibility into logging data before, during, and after cybersecurity incidents.

Maximizing security insights: A deep dive into the Amazon Security Lake and Elastic Security integration

In the ever-evolving landscape of cybersecurity, having a robust and efficient security information and event management (SIEM) system is crucial. One powerful solution that has gained significant traction is the Elastic® integration with Amazon Security Lake. This integration not only facilitates the collection of security-related log and event data, but also empowers organizations to analyze and understand their security posture comprehensively.

Detecting account compromise with UEBA detection packages

The Elastic InfoSec Threat Detection team is responsible for building, tuning, and maintaining the security detections used to protect all Elastic® systems. Internally, we call ourselves Customer Zero, and we strive to always use the newest versions of our products. This blog details how we are building packages of detection rules that work together to create a high-fidelity alert for strange user behavior.

What's new in Elastic Security 8.11: Piped queries, AI assistance, and cloud and user data

Elastic Security 8.11 introduces pipe queries with Elasticsearch Query Language (ES|QL), an Elastic AI Assistant connector for AWS Bedrock, and data integrations for Okta, Microsoft Entra ID, Wiz, and Palo Alto Prisma Cloud. Together, these enhancements deliver vital guidance and context to threat hunters and investigators. Elastic Security 8.11 is available now on Elastic Cloud — the only hosted Elasticsearch® offering to include all of the new features in this latest release.

Unpacking the new US executive order on artificial intelligence

On Monday, October 30, President Biden signed the Executive Order on the Safe, Secure, and Trustworthy Development and Use of Artificial Intelligence — the longest in history at 117 pages. The executive order (EO) aims to advance and regulate artificial intelligence (AI) in the US. This landmark order pulls together a number of priorities that influence not just the AI industry, but also society at large.