Author

Elastic Security Intelligence & Analytics Team


Articles

Security operations: Cloud monitoring and detection with Elastic Security

Security operations: Cloud monitoring and detection with Elastic Security

As companies migrate to cloud, so too do opportunist adversaries. That's why our Elastic Security team members have created free detection rules for protecting users' cloud platforms like AWS and Okta. Learn more in this blog post.

A close look at the advanced techniques used in a Malaysian-focused APT campaign

A close look at the advanced techniques used in a Malaysian-focused APT campaign

Our Elastic Security research team has focused on advanced techniques used in a Malaysian-focused APT campaign. Learn who’s behind it, how the attack works, observed MITRE attack® techniques, and indicators of compromise.

Adversary tradecraft 101: Hunting for persistence using Elastic Security (Part 2)

Adversary tradecraft 101: Hunting for persistence using Elastic Security (Part 2)

Learn how Elastic Endpoint Security and Elastic SIEM can be used to hunt for and detect malicious persistence techniques at scale.

Playing defense against Gamaredon Group

Playing defense against Gamaredon Group

Learn about the recent campaign of a Russia-based threat group known as Gamaredon Group. This post will review these details and provide detection strategies.

Adversary tradecraft 101: Hunting for persistence using Elastic Security (Part 1)

Adversary tradecraft 101: Hunting for persistence using Elastic Security (Part 1)

Learn how Elastic Endpoint Security and Elastic SIEM can be used to hunt for and detect malicious persistence techniques at scale.

Elastic Security opens public detection rules repo

Elastic Security opens public detection rules repo

Elastic Security has opened its detection rules repository to the world. We will develop rules in the open alongside the community, and we’re welcoming your community-driven detections. This is an opportunity to share collective security knowledge.

Elastic SIEM detections

Elastic SIEM detections

Provide your SOC team with a unified, pre-built SIEM detection rule experience.

Threat hunting capture the flag with Elastic Security: BSides 2020

Threat hunting capture the flag with Elastic Security: BSides 2020

In our last Elastic Security capture the flag event, participants hunted for suspicious behavior after a mock network compromise. See how contenders fared in this blog post.