How to get started with Elasticsearch Service on AWS GovCloud

We’re happy to announce the beta availability of our new government region, AWS GovCloud (US East), for the Elasticsearch Service on Elastic Cloud. This new region is our first step in simplifying operations for Elastic users who handle government data as we work toward gaining a Moderate authorization for the Federal Risk and Authorization Management Program (FedRAMP).

Transparent, resource-based pricing with Elastic Enterprise Search

Until now, standard search solution pricing has been based on models that are difficult to understand, expensive to scale, and/or beneficial to only the search vendor. At Elastic, we’re taking a different approach based on the principles of transparency, fairness, and scalability, and have introduced resource-based pricing for our products running on Elastic Cloud. And we believe that this pricing approach will revolutionize Enterprise Search buying and ownership.

Europe regions are complete on Elastic Maps Service

At Elastic, we are adding data layers to our Maps Service on a regular basis. We are proud to announce that we have recently finished adding a number of layers that complete the European continent for all second-level national boundaries. The new layers are Albania, Andorra, Bosnia and Herzegovina, Bulgaria, Czechia, Greece, Greenland, Iceland, Latvia, Liechtenstein, Lithuania, North Macedonia, Moldova, Montenegro, Romania, Serbia, and Ukraine.

Elastic SIEM for home and small business: SIEM overview

Hello, security enthusiasts! This is part seven (can you believe it?) of the Elastic SIEM for home and small business blog series. If you haven’t read the first six blogs in the series, you may want to before going any further. In the prerequisite blogs we created our Elasticsearch Service deployment (part 1), secured access to our cluster by restricting privileges for users and Beats (part 2), then we created an ingest pipeline for GeoIP data and reviewed our Beats configurations (part 3).

Creating meta engines in App Search to scale your search experiences

We introduced meta engines for Elastic App Search on Elastic Cloud and self-managed versions in the 7.6 release and have been thrilled to see the response to the new feature. Meta engines provide the ability to search across multiple existing or new engines. Think of adding a new search box to a page that then goes off and searches the documents in the sub-engines of your choosing.

How to create maintainable and reusable Logstash pipelines

Logstash is an open source data processing pipeline that ingests events from one or more inputs, transforms them, and then sends each event to one or more outputs. Some Logstash implementations may have many lines of code and may process events from multiple input sources. In order to make such implementations more maintainable, I will show how to increase code reusability by creating pipelines from modular components.

The advantages of resource-based pricing in security

Given the complexity of large enterprise environments, coupled with the diversity of the vendor landscape, there is no single, agreed-upon “best” way to buy security. The battles continue between CAPEX or OPEX, net-30 or net-90, annual or multi-year, perpetual or subscription. One thing we do know, however, is that all too often the consumer pays for something he or she does not use.

Discovering anomalous patterns based on parent-child process relationships

As antivirus and machine learning-based malware detection have increased their effectiveness in detecting file-based attacks, adversaries have migrated to “living off the land” techniques to bypass modern security software. This involves executing system tools preinstalled with the operating system or commonly brought in by administrators to perform tasks like automating IT administrative tasks, running scripts on a regular basis, executing code on remote systems, and much more.