Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

April 2020

A Journey of Elastic SIEM: Getting Started through Threat Analysis Part 1

Apr 28, 2020 By Elastic In Elastic
Calling all security enthusiasts! Many of us are now facing similar challenges working from home. Introduced in 7.2, Elastic SIEM is a great way to provide security analytics and monitoring capabilities to small businesses and homes with limited time and resources. In this three-part meetup series we will take you on a journey from zero to hero, getting started with the Elastic SIEM to becoming a threat hunter.
View Video

Virtual Meetup: Advanced Threat Hunting & Monitoring with Elastic APM

Apr 24, 2020 By Elastic In Elastic
Aligning security and risk management to the business strategy is imperative in driving value. With a “yes, and here’s how” attitude, CISO’s organization has now become a trusted advisor to the business enabled with preventative, detective, and responsive solutions. Tools such as application performance monitoring (APM) can shed light on the components that make up the organization’s DNA including the current COVID-19 impact and the need for a distributed workforce.
View Video
elastic

MITRE ATT&CK® round 2 APT emulation validates Elastic's ability to eliminate blind spots

Apr 22, 2020 By Mike Nichols In Elastic

Six months ago we celebrated the joining of forces between Endgame and Elastic under the banner of Elastic Security and announced the elimination of per endpoint pricing. Simultaneously, while the newest members of Elastic Security were getting acquainted with the Elastic SIEM team, a few of our analysts were locked away in an office at MITRE HQ for round 2 of MITRE’s APT emulation.

Read Post
elastic

Virtual safety: How to teach your kids cybersecurity best practices

Apr 15, 2020 By Cami Lewis In Elastic

Confession: I am a security practitioner. I am also a mom. What I am not is a homeschool teacher. Earlier this year, I spoke to the 5th- and 6th-grade classes at my son’s Innovation Day about cybersecurity. I discussed what it means to be a cybersecurity practitioner and how the practice of cybersecurity affects everyday life.

Read Post
elastic

Generating MITRE ATT&CK® signals in Elastic SIEM: Sysmon data

Apr 15, 2020 By Craig Chamberlain In Elastic

Many mature security teams look to the MITRE ATT&CK® matrix to help improve their understanding of attacker tactics, techniques, and procedures (TTPs) and to better understand their own capabilities relative to these common adversarial approaches. With the release of Elastic Security 7.6, Elastic SIEM saw 92 detection rules for threat hunting and security analytics aligned to ATT&CK.

Read Post
elastic

Adversary tradecraft 101: Hunting for persistence using Elastic Security (Part 2)

Apr 7, 2020 By Brent Murphy In Elastic

In Part 2 of this two-part series, our goal is to provide security practitioners with better visibility, knowledge, and capabilities relative to malicious persistence techniques that impact organizations around the world every day. In this post, we’ll explore two additional persistence techniques that are being used by attackers in the wild: Scheduled Tasks (T1053) and BITS Jobs (T1197).

Read Post

Copyright © 2024 OpsMatters™. All rights reserved.