Elastic Security: How to Plan and Execute a Hunt
In this Black Hat 2020 presentation, learn from Elastic Security researchers how to hunt for adversary tradecraft in your organization’s network before damage and loss can occur.
Operations | Monitoring | ITSM | DevOps | Cloud
The Place Where Modern Operations & Technology Come Together
Journey of Elastic SIEM Getting Started to Investigating Threats: Part 2
Calling all security enthusiasts! Many of us are now facing similar challenges working from home. Introduced in 7.2, Elastic SIEM is a great way to provide security analytics and monitoring capabilities to small businesses and homes with limited time and resources. In this three part meetup series we will take you on a journey from zero to hero - getting started with the Elastic SIEM to beginner threat hunting.
Threat Hunting with Elastic APM
Learn how APM lets you monitor the performance of applications deployed anywhere within your network. Now you can use APM data to hunt for threats and injection attacks, too. Elastic provides a common data platform so you can view HTTP data collected with your APM agents in the Elastic SIEM app. It’s seamless monitoring and protection to keep your systems up, running, and secure.
Threat Hunting with Network Metadata
Maintaining a safe and secure network is not optional with an ever increasing amount of threats and methods of intrusion. Learn how you can leverage network metadata for fast and effective threat hunting, today. In this webinar, you will see how bringing together NetOps and SecOps information can help your organization continually locate and validate past and present indicators of compromise more efficiently
Adversary tradecraft 101: Hunting for persistence using Elastic Security (Part 2)
In Part 2 of this two-part series, our goal is to provide security practitioners with better visibility, knowledge, and capabilities relative to malicious persistence techniques that impact organizations around the world every day. In this post, we’ll explore two additional persistence techniques that are being used by attackers in the wild: Scheduled Tasks (T1053) and BITS Jobs (T1197).
Next-Level Threat Hunting: Shift Your SIEM from Reactive to Proactive
Threat hunting is proactively identifying and thwarting unusual network activity that could indicate an attempted security breach. It's a historically manual activity, making it time-intensive and arduous. It’s no wonder, then, why most organizations don’t have the time, budget, or resources to undertake it effectively…if at all.