Let’s be honest. No one wakes up in the morning thinking of reasons to contact customer support. It’s tedious, onerous, and can eat into your evening Netflix time. Thankfully, most brands realize that customer experiences drive brand loyalty and repeat purchases.

Binary classification aims to separate elements of a given dataset into two groups on the basis of some learned classification rule. It has extensive applications from security analytics, fraud detection, malware identification, and much more. Being a supervised machine learning method, binary classification relies on the presence of labeled training data that can be used as examples from which a model can learn what separates the classes.

If you want to skip ahead to see the MITRE ATT&CK eval round 2 results visualized in an easy-to-configure Kibana dashboard, check it out here.

To achieve unified observability, we need to gather all of the logs, metrics, and application traces from an environment. Storing them in a single datastore drastically increases our visibility, allowing us to monitor other distributed environments as well. In this blog, we will walk through one way to set up observability of your Kubernetes environment using the Elastic Stack — giving your team insight into the metrics and performance of your deployment.

Six months ago we celebrated the joining of forces between Endgame and Elastic under the banner of Elastic Security and announced the elimination of per endpoint pricing. Simultaneously, while the newest members of Elastic Security were getting acquainted with the Elastic SIEM team, a few of our analysts were locked away in an office at MITRE HQ for round 2 of MITRE’s APT emulation.

As COVID-19 continues to make clear, being adaptable and resilient when the world changes can help a business stay alive. At Elastic, we know from experience that being distributed helps build a strong company that can scale and adapt as new challenges arise. In the spirit of open source and our relationship with the Elastic community, we’ve been offering tips and tricks on our blog and on social media about how to work effectively while remote.

A classic problem that every backend developer has faced during their work is testing an application that uses a database. A perfectly valid solution is to use the real database for testing your application, but you would be doing an integration test, while you want a unit test. There are many ways to solve this problem. You could create the database with docker, or use an in-memory compatible one, but if you are writing unit tests that can be easily parallelized this will become quite uncomfortable.

We are offering a variety of on-demand Elastic training courses for free — featuring 11 titles that span observability, security, and Elastic Stack administration. If you haven’t tried one of our self-paced courses yet, now is the perfect time to find out why so many people have shifted their learning preference from in-class to online. Our on-demand courses provide the same immersive learning experience found in the classroom, but delivered in a convenient, remote environment.

When working with observability data, a good portion of it comes in as time series data — things like CPU or memory utilization, network transfer, even application trace data. And the Elastic Stack offers powerful tools within Kibana for time series analysis, including TSVB (formerly Time Series Visual Builder). In this blog post, I’m going to attempt to demystify rates in TSVB by walking through three different types: positive rates, rate of change, and event rates.

Elasticsearch allows you to store, search, and analyze large amounts of structured and unstructured data. This speed, scale, and flexibility makes the Elastic Stack a powerful solution for a wide variety of use cases, like system observability, security (threat hunting and prevention), enterprise search, and more. Because of this flexibility, effectively architecting your deployment’s data storage for scale is incredibly important.

Confession: I am a security practitioner. I am also a mom. What I am not is a homeschool teacher. Earlier this year, I spoke to the 5th- and 6th-grade classes at my son’s Innovation Day about cybersecurity. I discussed what it means to be a cybersecurity practitioner and how the practice of cybersecurity affects everyday life.

Many mature security teams look to the MITRE ATT&CK® matrix to help improve their understanding of attacker tactics, techniques, and procedures (TTPs) and to better understand their own capabilities relative to these common adversarial approaches. With the release of Elastic Security 7.6, Elastic SIEM saw 92 detection rules for threat hunting and security analytics aligned to ATT&CK.

We’re excited to announce the release of Elastic Cloud Enterprise (ECE) 2.5! This release improves the experience of managing your deployments with a dedicated coordinating layer, support for snapshot lifecycle management (SLM), and more.

Open source software development can have a reputation for abrasive behavior. The search community is a clear counterexample for me, with a culture that emphasizes respect and acceptance. This culture played an important part in my own path to open source development. A little over six years ago, I was a wide-eyed software engineer settling into my first full-time job.

If your organization is like virtually every other in the world (including ours!), you use a mix of Microsoft products in your productivity stack, possibly including SharePoint, Office 365 and OneDrive. But you probably also rely on a variety of other applications, maybe even mingling in “competing” tools like G Suite or Dropbox, in addition to complementary tools like Zendesk or GitHub.

Ingram Micro is a Fortune 100 company with $50 billion plus in revenue and operating in 56 countries. As the global leader in delivering technology and supply chain services to businesses, Ingram Micro touches about 80% of all high tech products sold around the world. Andre Dykhno, Head of Product for Global ecommerce, says ecommerce has been a large contributing factor to Ingram Micro’s modern day successes.

In Part 2 of this two-part series, our goal is to provide security practitioners with better visibility, knowledge, and capabilities relative to malicious persistence techniques that impact organizations around the world every day. In this post, we’ll explore two additional persistence techniques that are being used by attackers in the wild: Scheduled Tasks (T1053) and BITS Jobs (T1197).

From the very beginning, the Elastic Stack — Elasticsearch, Kibana, Beats, and Logstash — has been free and open. Our approach is not only to make our technology stack available for free, but to make it open — housed in public repositories and developed through a transparent approach with direct involvement from the community. Two simple principles — free and open — broke down barriers and enabled many amazing things.

We’re excited to announce that Zendesk is now available as a pre-built content source, along with a host of others, as part of the Workplace Search application. With more than 130,000 customers in 30 countries, Zendesk has become one of the de facto customer service platforms in the world. Each day, millions of users interact with support agents via the cloud-based tool regardless of the support channel they choose.

With Elasticsearch machine learning one can build regression and classification models for data analysis and inference. Accurate prediction models are often too complex to understand simply by looking at their definition. Using feature importance, introduced in Elastic Stack 7.6, we can now interpret and validate such models.

Wherever people encounter a search bar — whether on Google, phone apps, or while shopping online — they're conditioned to expect search experiences that deliver fast and relevant results. With this ever-evolving expectation in mind, millions of developers and organizations have chosen Elasticsearch for building powerful content discovery experiences over the years, to the great delight of their audience and user base.