Elastic Announces New Cloud Application and Host Protections and Streamlined Security Operations Workflows
Elastic (NYSE: ESTC) announced updates to Elastic Security 7.11, enhancing protection for cloud applications and hosts. This release includes prebuilt machine learning jobs and detection rules for SaaS applications like Google Workspace and Microsoft 365, improving security operations workflows. Streamlined alert management allows analysts to respond quickly, with customizable notifications and integrations with tools like Slack and ServiceNow. The refreshed Timeline workspace aids in threat hunting and investigation, further enhancing SOC efficiency.
- Introduction of prebuilt machine learning jobs for SaaS security enhancements.
- Integration with popular third-party tools (Slack, ServiceNow) for alert management.
- Improved usability features in the Timeline workspace for efficient threat investigation.
- None.
Elastic (NYSE: ESTC) (“Elastic”), the company behind Elasticsearch and the Elastic Stack, recently announced new prebuilt machine learning jobs and detection rules to protect cloud applications and hosts, and improved usability and accessibility to streamline security operations workflows in Elastic Security.
Elastic Security 7.11 helps secure the modern enterprise by automating detections and operationalizing analytics with prebuilt machine learning jobs and detection rules supporting MITRE sub-techniques. Prebuilt detections for cloud applications automatically spot techniques and behaviors associated with attacks against SaaS technologies such as Google Workspace, Microsoft 365 and Okta, and complements existing Elastic protections for IaaS technologies. Prebuilt security analytics content for Windows and Linux environments centrally detect a wide range of attacker activity, with a focus on addressing persistence, privilege escalation and lateral movement.
Elastic Security 7.11 streamlines alert management, enabling analysts to maintain velocity when addressing threats. Customizable alert notifications deliver key context to third-party workflow tools including Slack and ServiceNow, reducing swivel-chair analysis and accelerating triage. Security analysts can now attach alerts directly to cases to align responders and centralize relevant information. An expanded set of rule actions tighten integrations with Jira, ServiceNow and IBM Resilient, driving SOC efficiency.
A refreshed Timeline workspace drives efficient threat hunting, alert triage and investigation. Users can see key information on dedicated tabs, view events in a full-screen view and access event details without losing sight of surrounding events.
For more information read the Elastic blog about what's new in Elastic Security 7.11.
About Elastic:
Elastic is a search company built on a free and open heritage. Anyone can use Elastic products and solutions to get started quickly and frictionlessly. Elastic offers three solutions for enterprise search, observability, and security, built on one technology stack that can be deployed anywhere. From finding documents to monitoring infrastructure to hunting for threats, Elastic makes data usable in real time and at scale. Thousands of organizations worldwide, including Cisco, eBay, Goldman Sachs, Microsoft, The Mayo Clinic, NASA, The New York Times, Wikipedia, and Verizon, use Elastic to power mission-critical systems. Founded in 2012, Elastic is a distributed company with Elasticians around the globe and is publicly traded on the NYSE under the symbol ESTC. Learn more at elastic.co.
Elastic and associated marks are trademarks or registered trademarks of Elastic N.V. and its subsidiaries. All other company and product names may be trademarks of their respective owners.
View source version on businesswire.com: https://www.businesswire.com/news/home/20210303006027/en/