,Version 7.16.3 of the Elastic Stack was released today. We recommend you upgrade to this latest version. The 7.16.3 patch release contains an updated version of Log4j (2.17.1) for both Elasticsearch and Logstash. For a full list of changes for each product, please refer to the release notes:7.16.3 release notesElastic StackElasticsearchKibanaBeatsLogstashElastic Enterprise SearchEnterprise SearchElastic ObservabilityAPMElastic SecurityElastic Security Solution https://www.elastic.co/blog/elasti
,Version 6.8.23 of the Elastic Stack was released today. We recommend you upgrade to this latest version. The 6.8.23 patch release contains an updated version of Log4j (2.17.1) for both Elasticsearch and Logstash. For a full list of changes for each product, please refer to the release notes:6.8.23 release notesElastic StackElasticsearchKibanaBeatsLogstash https://www.elastic.co/blog/elastic-stack-6-8-23-released
,Overview Following the discovery of Log4Shell, a vulnerability in Log4J2, Elastic released a blog post describing how users of our platform can leverage Elastic Security to help defend their networks. We also released an advisory detailing how Elastic products and users are impacted. In this blog, we expand on these initial posts and highlight how the combination of security and observability solutions can provide deep visibility into the exploited vulnerability and arm security analysts with v
,The early stages of an intrusion usually include initial access, execution, persistence, and command-and-control (C2) beaconing. When structured threats use zero-days, these first two stages are often not detected. It can often be challenging and time-consuming to identify persistence mechanisms left by an advanced adversary as we saw in the 2020 SUNBURST supply chain compromise. Could we then have detected SUNBURST in the initial hours or days by finding its C2 beacon?The potential for beaconi
,Today we had an exciting announcement at Elastic. Below is part of an internal email that we shared with our fellow Elasticians. First, hear from Shay: Almost two years ago, I decided to move to Israel because it was better for my family (that took time to happen, Covid!). At that time, I started thinking about how to do what is right for my family while being able to be a meaningful part of Elastic. Those of you who know me, know that Elastic is my life’s work. And we have only just begun. Ou
,We are thrilled to announce the first release candidate of 8.0.0 after the last beta release. Again, we want to remind you that this is not for production use. There is no guarantee that 8.0.0-rc1 will be compatible with other preview releases or with 8.0.0 general availability (GA). We’d love to get your feedback and tips on any bugs you find through our Pioneer Program. To become an Elastic Pioneer, try out the preview of any (preferably, every) part of the Elastic Stack and open issues as yo
,My first week at Elastic, I showed up to orientation and sat next to a trans woman with bright blue hair. That evening, at a welcome reception with executives all in casual attire, a male colleague arrived wearing a black skirt and combat boots. It was pretty obvious from Day 1 that Come as YOU Are was not lip service, it was truly part of our source code. As the years of my Elastic journey progressed, kindness, empathy and understanding for all employees has permeated the culture via emails, c
,Overview With our recent 7.16 Elastic Security product release, we improved our existing Linux malware feature by adding memory protection. In this blog, brought to you by Elastic’s Engineering Security Team, we lean into this recent advancement to show how we are protecting the world’s data from attack. Recent events such as the exploitation of the Open Management Infrastructure (OMI) agent through CVE-2021-38647, which is installed by many Azure Linux machines, represents how quickly adv
,As we kick off a new year, so does new and refreshed thinking in the public sector. With another full year of lessons learned from the pandemic, public sector leaders will apply these insights in the way they execute their documented data strategies. Synthesizing what we see and hear from our stakeholders, below are five of the needle movers we see in public sector data strategy execution. Note that the key here is data, and being deliberate with it: 2022 will be the year of harnessing the pow
,Government data strategies lay a promising groundwork for how data will be used to drive more informed decision making internally and more streamlined public services externally. A commonality between these strategies is the need for improved role-based data sharing and data re-use. The sticking point, however, is in the way to implement data sharing when there are known silos across and within various departments. More often than not, these silos exist for good reason, particularly for data pr