Virtual Meetup: SIEM 101: What, Why & How of Information Security
SIEM abbreviated as Security Information & event management plays an important role in an organization's information security posture.
Operations | Monitoring | ITSM | DevOps | Cloud
The Place Where Modern Operations & Technology Come Together
Elastic's Guide to Keeping Services up and Running with Real-time Visibility
Learn how to start monitoring in minutes, keep your networks up and running, and make sure citizens have continuous access to digital portals and services. Increased traffic. New users on the network. Data sharing at unprecedented levels. Meet all the challenges coming your way with the free and open Elastic Stack.
Coming in 7.7: Significantly decrease your Elasticsearch heap memory usage
As Elasticsearch users are pushing the limits of how much data they can store on an Elasticsearch node, they sometimes run out of heap memory before running out of disk space. This is a frustrating problem for these users, as fitting as much data per node as possible is often important to reduce costs. But why does Elasticsearch need heap memory to store data? Why doesn't it only need disk space?
Creating modern customer service experiences with Elastic Enterprise Search
Let’s be honest. No one wakes up in the morning thinking of reasons to contact customer support. It’s tedious, onerous, and can eat into your evening Netflix time. Thankfully, most brands realize that customer experiences drive brand loyalty and repeat purchases.
A Journey of Elastic SIEM: Getting Started through Threat Analysis Part 1
Calling all security enthusiasts! Many of us are now facing similar challenges working from home. Introduced in 7.2, Elastic SIEM is a great way to provide security analytics and monitoring capabilities to small businesses and homes with limited time and resources. In this three-part meetup series we will take you on a journey from zero to hero, getting started with the Elastic SIEM to becoming a threat hunter.
Introduction in the Elasticsearch REST client
This blog post introduces the Java REST clients for Elasticsearch. The main focus will be on the High Level REST Client, but the low level REST client will be covered as well.
Virtual Meetup: Advanced Threat Hunting & Monitoring with Elastic APM
Aligning security and risk management to the business strategy is imperative in driving value. With a “yes, and here’s how” attitude, CISO’s organization has now become a trusted advisor to the business enabled with preventative, detective, and responsive solutions. Tools such as application performance monitoring (APM) can shed light on the components that make up the organization’s DNA including the current COVID-19 impact and the need for a distributed workforce.
Benchmarking binary classification results in Elastic machine learning
Binary classification aims to separate elements of a given dataset into two groups on the basis of some learned classification rule. It has extensive applications from security analytics, fraud detection, malware identification, and much more. Being a supervised machine learning method, binary classification relies on the presence of labeled training data that can be used as examples from which a model can learn what separates the classes.
Monitoring Amazon EKS logs and metrics with the Elastic Stack
To achieve unified observability, we need to gather all of the logs, metrics, and application traces from an environment. Storing them in a single datastore drastically increases our visibility, allowing us to monitor other distributed environments as well. In this blog, we will walk through one way to set up observability of your Kubernetes environment using the Elastic Stack — giving your team insight into the metrics and performance of your deployment.
MITRE ATT&CK® round 2 APT emulation validates Elastic's ability to eliminate blind spots
Six months ago we celebrated the joining of forces between Endgame and Elastic under the banner of Elastic Security and announced the elimination of per endpoint pricing. Simultaneously, while the newest members of Elastic Security were getting acquainted with the Elastic SIEM team, a few of our analysts were locked away in an office at MITRE HQ for round 2 of MITRE’s APT emulation.