Elastic Security at ElasticOn Amsterdam
At ElasticOn Amsterdam, the security team reaffirmed their ambition to create an Elastic Security solution that covers both cloud environments and endpoints. This was reflected in the renaming of Endpoint Security to Elastic Defend.
By integrating two critical components of cybersecurity (endpoint security and SIEM), Elastic Security provides prevention, detection, and response capabilities for unified protection across your infrastructure, all based on collecting data, the core strength of Elastic.
The main functions of Elastic Security are the detection engine to identify attacks, investigations, interactive visualization possibilities, and case management with automated alerts.
One great feature is the option to use active (prebuilt) machine-learning jobs to find anomalies. There are also out-of-the-box detection rules that make it easy to protect your organization.
Marvin Ngoma’s “Defense Against The Dark Arts” talk demonstrated new features such as cloud security capabilities for both Kubernetes and Docker environments, as well as security focused on cloud environments such as AWS, Azure and Google Cloud.
With the help of machine learning and the automation of redundant steps, a security operator using Elastic Security will be able to respond faster to intrusions.
Security also needs broader visibility, and speed is very important. Organizations need real-time analysis of files, users, processes, and networks to determine the root cause and take the necessary actions immediately. Elastic can provide this security solution.
The future for Elastic Security looks bright, as it has the capability to cover the entire digital infrastructure of a company: on the endpoint side, covering all available operating systems, as well as in the cloud and on-premises.
Elastic Security provides great functionality that adds significant value for companies and organizations.
Better safe than sorry: Elastic Security can secure your organization!