Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Latest Posts

A look under the hood at eBPF: A new way to monitor and secure your platforms

In this post, I want to scratch at the surface of a very interesting technology that Elastic’s Universal Profiler and Security solution both use called eBPF and explain why it is a critically important technology for modern observability. I’ll talk a little bit about how it works and how it can be used to create powerful monitoring solutions — and dream up ways eBPF could be used in the future for observability use cases.

The future of cyber threat prevention lies in open security

For far too long, the cybersecurity industry has subscribed to a flawed methodology — one that is based on the notion that organizations can avoid security threats through obscurity and secrecy. The assumption is that keeping security controls and processes covert makes products and data inherently more secure against cyber threats within the networks we defend. However, even the most sophisticated cybersecurity defenses are no match for well-funded, highly motivated adversaries.

Elastic Security furthers unification of SIEM and on-host protection with XDR, cloud, and endpoint security

With Elastic 8.5, we are excited to announce that the Cloud Workload and Posture capabilities are now generally available with this release! As organizations move rapidly to adopt newer cloud technologies, security teams are tasked with protecting their organization’s assets and data across various platforms — including endpoints, cloud, and on-prem environments.

Leading financial institutions hedge risk by focusing on these 5 critical SIEM requirements

Digital transformation is expanding the attack surface in financial services. Throughout the pandemic, the accelerated adoption of digital banking, payments, and insurance channels has enabled providers to offer greater levels of service, new financial products, and enhanced journeys to their customers. However, with growing amounts of data and increasingly complex IT ecosystems, bad actors are finding more creative ways of wreaking havoc. In fact, U.S.

What do telecom security teams need from a SIEM?

More than “just SIEM”: Just within the last 30 days, the two largest telecom operators in Australia [1] were hit by a data breach impacting millions of customers and compromising sensitive personal information like home addresses, drivers’ licenses, and passport numbers. The situation is not very different in the Americas, where another leading telecom provider [2] cited a 13% jump in ransomware attacks in the past year.

Top 3 SIEM challenges in multi-cloud environments

Kenneth Buckler, CASP, is a research analyst of information security/risk and compliance management for Enterprise Management Associates, a technology industry analyst and consulting firm. He has also served in technical hands-on roles across the Federal cyber security space and has published three Cyber Security books. Ken holds multiple technical certifications, including CompTIA’s Advanced Security Practitioner (CASP) certification.

Public sector security: 4 considerations for implementing a modern SIEM

If you’re a public sector organization, security is top of mind. One of the best ways you can secure your data and systems is through a modern SIEM platform, which many government agencies and education institutions are using as a critical piece of their Zero Trust cybersecurity architecture. SIEM technology and strategy are constantly changing, and keeping up with the latest updates and requirements can be challenging.

Sneak Peek: Elastic's 2022 Global Threat Report

The Elastic Security Labs team is passionate about securing the world’s data from attack, and strives to raise the bar within the security industry. To this end, Elastic Security Labs has compiled the 2022 Global Threat Report to share trends and tactics adversaries and attack groups use, as observed by our threat research team and broader user community over the past year. Let’s dig into a few of the endpoint related findings.

Elastic continues to gain momentum in SIEM market

Elastic has successfully delivered a leading Security Information and Event Management (SIEM) offering with only two years in the market. According to IDC Worldwide Security Information and Event Management Market Shares, 2021: The Cardinal SIEMs report, Elastic is one of the fastest growing SIEMs (more than 80% year-over-year growth) — and had the fifth largest market share in 2021 of the 20+ SIEM vendors in the report.

Elastic Wins 2022 CyberSecurity Breakthrough Award for Threat Intelligence Platform of the Year

We are excited to announce that Elastic has been honored with the 2022 CyberSecurity Breakthrough Award for Threat Intelligence Platform of the Year, recognizing the cutting-edge threat intelligence capabilities of Elastic Security, which enable organizations to better understand current and emerging threats and respond more quickly to adversaries.