Full-cycle observability with the Elastic Stack and Lightrun

This blog post was written in collaboration with the team at Lightrun: Itai Tieger, Roy Chen, and Tom Granot. Itai is an R&D team leader specializing in cybersecurity, with over 10 years of experience in the industry. Roy is a software engineer with over 6 years of diverse experience in multiple disciplines. Tom is a solution engineer and a former site reliability engineer. An application running in production is a difficult beast to tame. Most experienced developers — ones who spent enough late n

Establish robust threat intelligence with Elastic Security

As a powerful search engine, Elasticsearch provides various ways to collect and enrich data with threat intel feeds, while the Elastic Security detection engine helps security analysts to detect alerts with threat indicator matching. In this blog post, we’ll provide an introduction to threat intelligence and demonstrate how Elastic Security can help organizations establish robust cyber threat intelligence (CTI) capabilities. CTI is contextual information obtained through research and analysis of

Read active log files more quickly and easily with the new filestream input in Filebeat

With Elastic 7.14, the filestream input, the successor of log input, is now generally available in Filebeat. This new, superior input provides better support for reading active log files, with faster reaction time when there is backpressure in the system, quicker registry updates, better cooperation with external log rotation tools, and more. Improved registry performance Previously, when a registry file (the file used for saving the progress of publishing events) contained many entries, state

Elastic Stack 8.0.0-alpha1 released

While the 7.x minors keep delivering feature after feature, we are thrilled to announce the first public alpha of 8.0.0. Before we continue with this exciting news, we want to remind you that this is an alpha version. We recommend that you keep it an arm's length from production. There is no guarantee that 8.0.0-alpha1 will be compatible with other preview releases or with 8.0.0 general availability (GA). Also, 8.0.0-alpha1 will not be available on Elastic Cloud. But, we expect to make a preview

Four unexpected benefits of working in a distributed engineering org

Software engineers cite constant distractions, long commute times, and a lack of flexibility as the biggest challenges of working in an office setting, according to an internal employee survey conducted by the Elastic Culture team. But the survey also revealed that the biggest benefits of a distributed environment could be the new opportunities it opens for employees — for example, the freedom to catch some waves during the workday. As Elastic offices slowly begin to reopen worldwide in accordan

Elastic recognized for innovation by Google Cloud and Microsoft

Elastic received honors from two key partners, Microsoft and Google — a recognition of our efforts to ensure that customers can easily find and use Elastic products in the environments that best suit their needs. Elastic was named the 2021 Microsoft US Partner Award Winner in Business Excellence in the Commercial Marketplace. In addition, for the second year in a row, Elastic was selected by Google Cloud as the 2020 Technology Partner of the Year for Data Management. We understand that more

Elastic Agent and Fleet make it easier to integrate your systems with Elastic

Today, we are happy to announce three major improvements that will make it easier to integrate your systems and applications with the Elastic Stack. First, we are launching the generally available (GA) release of our Elastic Agent, which is a single, unified agent for both observability and security. A unified agent will simplify data onboarding with fewer things to configure and install. Second, we are launching the GA release of Fleet, a new Kibana app that lets you centrally manage an entire

Save 10% disk space on your logging datasets with match_only_text

Elasticsearch 7.14 introduces match_only_text, a new field type that can be used as a drop-in replacement for the text field type in logging use cases with a much lower disk footprint, leading to lower costs. Elasticsearch is attractive for log analysis thanks to its ability to index log messages. Want to count how many log messages contain access denied in the last 24 hours? Elasticsearch can give you the answer in milliseconds thanks to its index structures — but index structures take CPU

Limitless XDR defined: Ingest, retain, and analyze security data freely

Elastic Security's newest features define the potential of XDR for cybersecurity teams. Our single platform brings together SIEM and endpoint security, allowing users to ingest and retain large volumes of data from diverse sources, store and search data for longer, and augment threat hunting with detections and machine learning. Security vendors are using the term “XDR” with increasing frequency, applying varied definitions to suit their respective technologies. The term began as an evo
