Operations | Monitoring | ITSM | DevOps | Cloud

Latest Posts

How Elastic is helping Honeywell generate sales from online search

Honeywell is a Fortune 100 company that produces commercial and consumer products. With roots dating to 1906, the multinational conglomerate offers chemicals, industrial manufacturing, engineering services, aerospace systems, and much more. The United States-based company employs 110,000 workers globally, and posts revenue of nearly $37 billion. Honeywell is a key player in 50 industries. It produces everything from N95 masks to automated warehouse solutions and airport security scanners.

How to set up Elastic Cloud: Advice from Elastic Support

I hate reinventing the wheel once I find a good setup. On top of that, I dislike searching for all the links I used to come up with the “ultimate setup” for different services. So, I decided to outline for myself (and for you of course) my default setup when I deploy on Elastic Cloud to set myself up for success and automate insight for the future. Most of my setup steps make monitoring accessible or automate various warnings to myself.

What you need to know about Process Ghosting, a new executable image tampering attack

Security teams defending Windows environments often rely on anti-malware products as a first line of defense against malicious executables. Microsoft provides security vendors with the ability to register callbacks that will be invoked upon the creation of processes on the system. Driver developers can call APIs such as PsSetCreateProcessNotifyRoutineEx to receive such events.

Adversary emulation with Prelude Operator and Elastic Security

It’s no secret that organisations are up against skilled, relentless and determined adversaries. Security operations teams need to continuously test their detection capabilities by carrying out adversary emulation plans that are made up of varying tactics, techniques and procedures (TTPs) and track key metrics of their coverage in order to close any existing gaps. There are many tools available for running adversary emulation plans and performing purple team exercises.

How to configure Elastic Cloud on Kubernetes with SAML and hot-warm-cold architecture

Elastic Cloud on Kubernetes (ECK) is an easy way to get the Elastic Stack up and running on top of Kubernetes. That’s because ECK automates the deployment, provisioning, management, and setup of Elasticsearch, Kibana, Beats, and more. As logging and metric data — or time series data — has a predictable lifespan, you can use hot, warm, and cold architecture to easily manage your data over time as it ages and becomes less relevant.

How South Dakota Bureau of Information and Telecommunications deploys Elastic to secure endpoints

The South Dakota Bureau of Information and Telecommunications (BIT) provides quality customer services and partnerships to ensure South Dakota’s IT organization is responsive, reliable, and well-aligned to support the state government’s business needs. The BIT believes that “People should be online, not waiting in line.” The bureau’s goals for the state's 885,000 residents include.

ProblemChild: Generate alerts to detect living-off-the-land attacks

In an earlier blog post, we spoke about building your own ProblemChild framework from scratch in the Elastic Stack to detect living off the land (LOtL) activity. As promised, we have now also released a fully trained detection model, anomaly detection configurations, and detection rules that you can use to get ProblemChild up and running in your environment in a matter of minutes.

Total Economic Impact study: Elastic delivers 10X performance with up to 75% cost savings

Ten times faster at a fraction of the cost. If you want a headline as to why you should consider adopting Elastic for security and observability, that is it. We often work with our customers to help them establish the business value of Elastic within their organizations. We commissioned Forrester to conduct a Total Economic Impact (TEI) study of our security and observability solutions so our customers have an unbiased view that they can share with their internal stakeholders.

Elastic License Update

In January 2021, we announced that starting with version 7.11, we would be changing the Apache 2.0 portions of Elasticsearch and Kibana source code to be dual licensed under Elastic License and SSPL, at the users’ discretion. As part of that change, we created Elastic License 2.0 (ELv2) as a permissive, fair-code license, which allows free use, redistribution, modification, and derivative works, with only three simple limitations, outlined in our original announcement.