Elastic Announces Osquery Management Integration for Unified Data Analysis to Address Cyber Threats
Elastic (NYSE: ESTC) announces updates in its Elastic Security 7.13 release, enhancing support for osquery, an open-source host instrumentation framework. A new beta feature allows security teams to manage osquery results efficiently, enabling easy orchestration across Windows, macOS, and Linux hosts. Users can ingest osquery data into Elasticsearch, facilitating live queries and centralized security analytics. Enhanced capabilities include prebuilt SQL queries and Kibana assistance for improved user experience.
- Introduction of a user-friendly osquery host management integration in beta, streamlining security processes.
- Centralized security analytics enhance threat visibility and monitoring capabilities for users.
- Enhanced user experience with prebuilt SQL queries and Kibana guidance features.
- None.
Elastic (NYSE: ESTC) (“Elastic”), the company behind Elasticsearch and the Elastic Stack, announces new updates across the Elastic Security solution in its 7.13 release to broaden support for osquery, the open source host instrumentation framework, with a new host management integration for Elastic Agent and unified analysis of osquery host data.
The osquery host management integration, now in beta, enables security teams to use osquery results to address cyber threats without the complexity or cost of a separate management layer. With one click, users can install and orchestrate osquery across their Windows, macOS, and Linux hosts.
Osquery data is ingested in Elasticsearch and shown in Kibana where users can run live queries with one or more agents, and define scheduled queries to capture changes to an organization’s security state. From a single pane of glass, users can centralize security analytics and contextualize osquery results against other event data, anomalies, and threats, and leverage that context to improve host visibility, analytical power, and monitoring.
Enhanced capabilities also include prebuilt and custom SQL queries, as well as Kibana query guidance to support users with code completion, code hinting, and content assistance.
For more information read the Elastic blog about what’s new in Elastic Security 7.13.
About Elastic:
Elastic is a search company built on a free and open heritage. Anyone can use Elastic products and solutions to get started quickly and frictionlessly. Elastic offers three solutions for enterprise search, observability, and security, built on one technology stack that can be deployed anywhere. From finding documents to monitoring infrastructure to hunting for threats, Elastic makes data usable in real time and at scale. Thousands of organizations worldwide, including Cisco, eBay, Goldman Sachs, Microsoft, The Mayo Clinic, NASA, The New York Times, Wikipedia, and Verizon, use Elastic to power mission-critical systems. Founded in 2012, Elastic is a distributed company with Elasticians around the globe and is publicly traded on the NYSE under the symbol ESTC. Learn more at elastic.co.
The release and timing of any features or functionality described in this document remain at Elastic’s sole discretion. Any features or functionality not currently available may not be delivered on time or at all.
Elastic and associated marks are trademarks or registered trademarks of Elastic N.V. and its subsidiaries. All other company and product names may be trademarks of their respective owners.
View source version on businesswire.com: https://www.businesswire.com/news/home/20210527005687/en/
FAQ
What are the new features in Elastic Security 7.13 for ESTC?
How does the osquery integration improve security for ESTC users?
What platforms does the osquery integration support for Elastic Security?
When was the Elastic Security 7.13 release announced for ESTC?
Where can I find more information about Elastic's new updates?
