Elastic: Best practices for detection with Elastic Security

Elastic: Best practices for detection with Elastic Security

 CEST
Online

Security analytics needs to rapidly adapt to changing threats. Advanced detection techniques is one of the core capabilities of security operation centres in addressing different threat use cases. However, identifying and creating appropriate detection types for the use case might be challenging.

In this webinar, we will discuss different detection techniques associated with Elastic Security’s detection engine presented and demonstrated in the context of real-world examples and scenarios.

Get your Elastic Security detection skillset up to speed with Haran Kumar, Solutions Architect in Elastic’s global security specialists group.

Highlights:

  • Elastic’s detection engine and prebuilt detection rules
  • Understanding security rule configurations and MITRE ATT&CK® mappings
  • How different detection techniques work and creating your own rules
  • Detection alerts with threat intel lookups
  • Alert triage and rule fine tuning

Additional resources:

  • Free training: Elastic Security: SIEM fundamentals
  • Docs: Detection and Alerts
  • Want to try it for yourself? Learn more about Elastic Security or, if you're ready to get started, spin up a free 14-day trial

Can't make it? Register and we'll send you the recording. You'll also receive an email with related content.