Tag Archive for: Elastic

How Elastic manages cyber security threats


Like any chief information security officer (CISO), Elastic’s Mandy Andress has had to grapple with a fast-changing threat landscape that could affect its business, which provides search, observability and security offerings used by organisations across industries such as government, healthcare and financial services.

The stakes of a cyber breach are high, particularly for customers in regulated industries, which makes Andress’s job of defending Elastic’s services and assets from nefarious actors all the more crucial.

“From a threat landscape perspective, we focus on understanding the overall activities that are happening, the TTPs [tactics, techniques and procedures] we need to be looking for, and then building our programme to ensure we are defending and getting the best visibility we can for our organisation,” Andress told Computer Weekly on a recent visit to Singapore.

That includes a recent move to implement phishing-resistant multifactor authentication for every employee amid efforts by threat actors to leverage social engineering to access employee credentials and compromise targeted systems. “That’s an example of what we’re looking at holistically that can have a real impact on security,” she said.

Elastic’s security team also conducts regular threat hunting as well as red-teaming exercises, penetration testing and code reviews to ensure nothing falls through the cracks. “My biggest concern as CISO is what am I missing? So, we always have multiple activities to bring in different insights, perspectives and experiences to help us see what’s there and what we could be doing better,” she said.

Being a supplier of a security platform that provides visibility into the attack surface and supports incident response and threat hunting, among other security capabilities, has been helpful. Andress said her security team ingests about 150TB of data daily to monitor and analyse threats.

“I’ve been in security for a long time and used a number of analytics tools. If I didn’t work for Elastic, I would still be using it as my analytics tool of choice because it can really provide insights quickly on your data,” she added.

Elastic’s security team also works…


Elastic Announces the Launch and General Availability of Limitless XDR in Elastic Security, General Availability of Elastic Agent, and Centralized Management of Elastic Enterprise Search | Business


MOUNTAIN VIEW, Calif.–(BUSINESS WIRE)–Aug 3, 2021–

Elastic (NYSE: ESTC) (“Elastic”), the company behind Elasticsearch and the Elastic Stack, today announced new capabilities and enhancements across its Elastic Enterprise Search, Observability, and Security solutions, which are built in a single platform – the Elastic Stack.

New capabilities include the general availability of Elastic Agent, a single, unified agent that simplifies the management and monitoring of data from a growing volume of diverse sources, centrally managed in Fleet to give users broad visibility and control over their environments.

With Elastic Agent, Elastic Security users benefit from integrated ransomware and malware prevention, as well as remediation capabilities directly from the endpoint. Elastic Observability users gain better visibility across their applications and infrastructure, as well as secure, centralized agent management.

Elastic announces the launch and general availability of the industry’s first free and open Limitless Extended Detection and Response (XDR). Part of Elastic Security, Elastic Limitless XDR modernizes security operations by unifying the capabilities of security information and event management (SIEM), security analytics, and endpoint security on one platform.

Additionally, Elastic Enterprise Search can now be centrally managed in Kibana, the single management interface across all Elastic solutions.

Other key updates across the Elastic Stack, Elastic Cloud, and solutions include:

Elastic Stack and Elastic Cloud

Elastic announces the general availability of Elastic Agent with centralized management in Elastic Fleet. First released in beta in 7.9 and now generally available in 7.14, Elastic Agent serves as a single unified agent to make it simple for customers and users to onboard and manage new data sources fast, while also protecting their endpoints from cyber security threats. Elastic Agent is an Elastic Stack capability that delivers value to users across Elastic Security and Elastic Observability solutions.

Elastic also announces that support for Microsoft Azure Private Link is now generally available. Customers can now privately and…


UWP Community Toolkit 2.0, XebiaLabs DevOps Platform 7.1, and Amazon EC2 Elastic GPUs for Windows — SD … – SDTimes.com


According to a blog post from the Android developers team, Android 8.0 focuses on kernel self-protection with four security hardening features, which are backported from upstream Linux to all kernels supported in devices that first ship with the
