Many mature security teams look to the MITRE ATT&CK® matrix to help improve their understanding of attacker tactics, techniques, and procedures (TTPs) and to better understand their own capabilities relative to these common adversarial approaches. With the release of Elastic Security 7.6, Elastic SIEM saw 92 detection rules for threat hunting and security analytics aligned to ATT&CK.

We’re excited to announce the release of Elastic Cloud Enterprise (ECE) 2.5! This release improves the experience of managing your deployments with a dedicated coordinating layer, support for snapshot lifecycle management (SLM), and more.

Open source software development can have a reputation for abrasive behavior. The search community is a clear counterexample for me, with a culture that emphasizes respect and acceptance. This culture played an important part in my own path to open source development. A little over six years ago, I was a wide-eyed software engineer settling into my first full-time job.

If your organization is like virtually every other in the world (including ours!), you use a mix of Microsoft products in your productivity stack, possibly including SharePoint, Office 365 and OneDrive. But you probably also rely on a variety of other applications, maybe even mingling in “competing” tools like G Suite or Dropbox, in addition to complementary tools like Zendesk or GitHub.

Ingram Micro is a Fortune 100 company with $50 billion plus in revenue and operating in 56 countries. As the global leader in delivering technology and supply chain services to businesses, Ingram Micro touches about 80% of all high tech products sold around the world. Andre Dykhno, Head of Product for Global ecommerce, says ecommerce has been a large contributing factor to Ingram Micro’s modern day successes.

In Part 2 of this two-part series, our goal is to provide security practitioners with better visibility, knowledge, and capabilities relative to malicious persistence techniques that impact organizations around the world every day. In this post, we’ll explore two additional persistence techniques that are being used by attackers in the wild: Scheduled Tasks (T1053) and BITS Jobs (T1197).

From the very beginning, the Elastic Stack — Elasticsearch, Kibana, Beats, and Logstash — has been free and open. Our approach is not only to make our technology stack available for free, but to make it open — housed in public repositories and developed through a transparent approach with direct involvement from the community. Two simple principles — free and open — broke down barriers and enabled many amazing things.

We’re excited to announce that Zendesk is now available as a pre-built content source, along with a host of others, as part of the Workplace Search application. With more than 130,000 customers in 30 countries, Zendesk has become one of the de facto customer service platforms in the world. Each day, millions of users interact with support agents via the cloud-based tool regardless of the support channel they choose.

With Elasticsearch machine learning one can build regression and classification models for data analysis and inference. Accurate prediction models are often too complex to understand simply by looking at their definition. Using feature importance, introduced in Elastic Stack 7.6, we can now interpret and validate such models.

Wherever people encounter a search bar — whether on Google, phone apps, or while shopping online — they're conditioned to expect search experiences that deliver fast and relevant results. With this ever-evolving expectation in mind, millions of developers and organizations have chosen Elasticsearch for building powerful content discovery experiences over the years, to the great delight of their audience and user base.