One finds limits by pushing them. – Herbert A. Simon

At Elastic, we focus on bringing value to users through fast results that operate at scale and are relevant — speed, scale, and relevance are in our DNA. In Elasticsearch 7.16, we focused on scale, pushing the limits of Elasticsearch to make search even faster, memory less demanding, and clusters more stable. Along the way, we uncovered a range of dimensions on sharding and in the process sped up Elasticsearch to new heights. Historical
Elasticsearch 7.16 introduced a new enrich policy: range. The range policy allows one to match a number, date, or IP address in incoming documents to a range of the same type in the enrich index. Being able to match against an IP range is particularly useful in security use cases, where the additional metadata can be used to further refine detection rules. As we’ve already added an example to our documentation using IP ranges, we’ll go through an example here using the date_range type. Our fi
Elastic Security engineers have documented a less tedious way to find network beaconing from Cobalt Strike. In their full analysis ([1] [2]), Elastic Security team researchers Andrew Pease, Derek Ditch, and Daniel Stepanic walk users through the Elastic fleet policy, how to collect the beacon, beacon configuration, how to analyze its activity, and how you can set it up in your organization’s environment. These two articles ([1] [2]) are ideal for helping security analysts identify, collect, and
It began with an earthquake swarm. More than 22,000 seismic events were recorded, at up to 3.5 on the Richter scale, beginning on September 11th, 2021. Just 8 days later, the first eruption on La Palma since 1971, and the largest in recorded history, commenced. For three months, lava ran out of the Cumbre Vieja volcano, pouring into the Atlantic Ocean surrounding the Canary Islands. The eruption destroyed more than 3,000 homes in a torrent of fire and liquid rock and caused untold impact on th
Elastic Security has verified a new destructive malware targeting Ukraine: Operation Bleeding Bear. Over the weekend, Microsoft released details about this multi-stage and destructive malware campaign that the Ukrainian National Cyber Security Coordination Center has been referring to as Operation Bleeding Bear. Elastic users are fully protected from attacks like these through our advanced malware detection and Ransomware Protection capabilities, and the Elastic Security team continues to
Elastic can now seamlessly ingest data from Microsoft Azure Spring Cloud so DevOps and SREs can monitor their Spring Boot applications to increase operational efficiency and developer productivity. Azure Spring Cloud is a fully managed service for Spring applications that simplifies infrastructure management. A 2021 survey from Microsoft indicated that “end-to-end monitoring” is the second biggest challenge DevOps and IT managers face as they migrate Spring Boot applications to the cloud.
Before Rick Laner joined Elastic as our new Chief Customer Officer, he wanted to confirm that the company was committed to scaling and to focusing on the customer experience, and, lastly, that the culture was really as advertised. “Firstly, I really dug into the culture and tried to understand whether it really is how people operate. Are all the good things I heard true? After talking to more than 80 people in my first 8 weeks and observing how teams function, I realized it is absolutely the case,” said Rick. “People
The rise of “Open Banking” has enabled banking customers to choose to share their previously inaccessible, locked-down data with all sorts of third parties — from budgeting apps to mobile wallets, to peer-to-peer payment providers. This revolution has been a welcome boon for banks, customers, and financial services innovators alike. The ability to securely share access and permissions to accounts has fueled the rise and growth of an entire new industry — FinTech — as retail and institutional c
While nearly one in five companies say they are releasing code 10 times faster than in the past, more software means more security flaws, and greater opportunity for bad actors to take advantage of them. The faster pace and increasing risks highlight the need for IT leaders to get serious about embracing DevSecOps, a management approach that makes security a shared responsibility among development, security, and IT operations teams. One indication that DevSecOps is gaining traction in the ente