As attackers continue to evolve and advance their techniques, tactics, and procedures (TTPs), it is crucial for enterprise organizations to deploy necessary countermeasures and defenses to secure their networks. Elastic Security provides an endpoint protection platform (EPP) with some of the most advanced and effective endpoint protections and preventions on the market today.

Tools. As engineers we all love great tools that help our teams work productively, resolve problems faster, be better. But tools can tend to grow in number, require additional maintenance, and most importantly, create silos. Each team has certain responsibilities and is constantly searching for tools that can address specific requirements in the best possible way.

Following the fully featured public beta of the Elasticsearch Service on Microsoft Azure earlier this year, we are pleased to declare it is now generally available! Existing Elasticsearch Service customers can log in and launch deployments on Azure in their existing accounts, and new users can get started with a free 14-day trial of the Elasticsearch Service.

With the addition of new data structures in Lucene 6.0, the Elasticsearch 5.0 release delivered massive indexing and search performance improvements for one-dimension numeric, date, and IP fields, and two-dimension (lat, lon) geo_point fields. Building on this work, the Elasticsearch 6.0 release further improved usability and simplicity of the geo_point API by setting the default indexing structure to the new block k-d tree (BKD) and removing all support for legacy prefix tree encoding.

Software giant Adobe is known the world around for its Photoshop, Illustrator, and Acrobat products, which are rolled into cloud service suites — Creative Cloud, Document Cloud, and Experience Cloud — of other similar software offerings. A number of their products — especially those where image search is critical, such as Adobe Stock — feature slick search capabilities that use Elasticsearch behind the scenes.

We are happy to announce that Elastic Stack 7.5 brings support for the Azure Monitor service in Metricbeat and Azure activity logs and AD (Active Directory) activity reports in Filebeat.

As part of Elasticsearch 7.5.0, a new ingest processor — named enrich processor — was released. This new processor allows ingest node to enrich documents being ingested with additional data from reference data sets. This opens up a new world of possibilities for ingest nodes.

Thousands of customers leverage the official Elasticsearch Service (ESS) on top of Elastic Cloud to get the best experience for running Elasticsearch — including all of Elastic’s exclusive products such as Elastic Logs, Elastic APM, Elastic SIEM, and more.

Hey, there. This is part four of the Elastic SIEM for home and small business blog series. If you haven’t read the first, second, and third blogs, you may want to before going any further. In the Getting started blog, we created our Elasticsearch Service deployment and started collecting data from one of our computers using Winlogbeat. In the Securing cluster access blog, we secured access to our cluster by restricting privileges for users and Beats.

So you want to install Elastic Cloud Enterprise (you know, the orchestration solution for the Elastic Stack that simplifies and standardizes how you deploy, upgrade, resize, configure, and monitor one to many clusters from a single UI/API) Installing ECE on one host isn’t tough. Installing it on two isn’t much harder. However, when you start dealing with 3, 5, 7, 11, etc., the complexity grows, as does the work involved in operating and maintaining (upgrading!) it all.