Elastic 7.7 Update

3 Solutions – 1 Stack

Enterprise Search
• Site Search
• App Search
• Workplace Search

Observability
• Logs & Metrics
• Application Performance Monitoring (APM)
• Uptime

Security
• SIEM (Threat Hunting)
• Endpoint Security (EPP & EDR)

All running on the same Elastic Stack
Elastic Stack

Elastic Stack components: Elasticsearch (Store, Search, & Analyze), Kibana (Visualize & Manage), and Ingest (Beats, Logstash, Endpoint).
Solutions on top of the stack: Site Search, App Search, Workplace Search, Logs, Metrics, APM, SIEM, Endpoint Security.
Deployment options: SaaS (Elastic Cloud) and On-Prem (Elastic Cloud Enterprise, Elastic Cloud on Kubernetes, Standalone).
Elastic Stack
Asynchronous Search
Integrated Alerting
Integrated Alerting
This is only phase 1! Look forward to, coming soon:
• New alert types
• New alert integrations
Transforms GA
Supervised learning - multi-class classification
In version 7.5 we introduced binary classification, which classified data points into one of two possible categories, e.g. malicious or benign.
In version 7.7 we have released multi-class classification. This chooses the best class for each data point from up to 30 possible categories, e.g. the class of DGA algorithm: benign, zloader, kraken, mydoom, pizd. Multi-class jobs can be created in the data frame analytics part of the UI, with the results page including a confusion matrix for measuring the accuracy of the classification.
Updated OS Support Matrix
Running Red Hat Enterprise Linux 8? CentOS 8? Windows 2019? Good news: with the 7.7 release we're supporting Elasticsearch on all three platforms.
In addition, with 7.7 we've added support for OpenJDK 14.
For details please check our Elastic Support Matrix.
Elastic Enterprise Search
Workplace Search now GA
• Free Basic Tier for quick and easy deployment
• Enterprise level security and integration available
• Privacy as a priority
• Relevance at any scale
• Get started quickly
Elastic Observability
APM Service Maps
• Show dependencies between services, other services and backends
• View KPIs of each service
APM Central Configuration
No more YAML typos!
APM Distributed Profiling
https://www.elastic.co/blog/from-distributed-tracing-to-distributed-profiling-with-elastic-apm
Integrations
Observability for Pivotal Cloud Foundry (PCF) Operators and Developers
Monitoring PCF is no joke!
“PCF is a complicated, distributed black box that just works! Except when it doesn’t and it’s a nightmare to figure out the root cause.”
The PCF healthwatch team built super-metrics to measure uptime and performance KPIs for developers and PCF KPIs for operators trying to maintain SLAs.
• https://www.elastic.co/guide/en/beats/metricbeat/7.7/metricbeat-module-cloudfoundry.html
• https://www.elastic.co/guide/en/beats/filebeat/7.7/filebeat-input-cloudfoundry.html
Enhanced Cloud Integrations
Consolidate monitoring of various public cloud deployments in one single “Pane of Glass”.
These integrations are based on generic ELK components. If a service is not present in this list, there is still a good chance it is available.
and many more…
Prometheus
Do you monitor multiple Kubernetes clusters? Prometheus has some challenges in the enterprise world:
• Long term storage
• Scalability
• Security
Elastic elevates Prometheus to the enterprise. With the Elastic 7.7 release, Metricbeat is now able to act as a remote_write endpoint for Prometheus. Plus, added support for PromQL queries in the Prometheus module.
https://www.elastic.co/what-is/prometheus-monitoring
https://www.elastic.co/blog/prometheus-monitoring-at-scale-with-the-elastic-stack
Prometheus
You can already start streaming metrics from Prometheus to Elasticsearch today with Metricbeat. Using the prometheus module you can scrape metrics from Prometheus servers, exporters or push gateways.
OpenMetrics
Support for OpenMetrics
Moving more deployments to
the cloud? The Elastic Stack
handles cloud native metrics
just like any other index.
As OpenMetrics continues to
standardize how metric data
is exposed, we focus on
streamlining the experience
of collecting all of your
metrics for unified analysis.
Further Integrations added in 7.7
Elastic Security
Elastic Security 7.7 Update
Stop threats at scale. Eliminate blind spots. Arm every analyst.
➔ New Filebeat modules for Office 365 and Okta
➔ Filebeat CEF module supports Check Point
➔ Elastic Endpoint Security streams to Logstash
➔ ECS “Mapper” tool made public
➔ SIEM queries support ECS fields
➔ Notifications - Email, Slack, PagerDuty, Webhook
➔ Direct ML integration in detection engine
➔ Expanded prebuilt rules (130)
➔ Prebuilt MITRE Based Protections
➔ Import and export timelines
➔ SIEM rule execution monitoring
➔ New case management workflows
➔ New simple case management workflow integration with ServiceNow®
➔ New Investigation Guide playbooks
Case management - Integrated
Case management – ServiceNow Integration
Fit into Your Ecosystem: Elastic SIEM adds native integration with ServiceNow ITSM
Find -> Detect -> Protect
Find malicious behavior with Timeline or ML and turn it into a detection rule with 4 clicks.
New prebuilt Detection Rules
New prebuilt detection rules protecting against:
• Living-off-the-land techniques – attackers executing malicious code with OS-native applications.
• Privilege escalation via UAC bypass and related techniques – attackers bypassing Windows User Account Control (UAC).
• Suspicious child processes of targeted business applications – attackers using PDF applications to download and execute malicious payloads.
Reading Material
https://www.elastic.co/blog/elastic-stack-7-7-0-released
https://www.elastic.co/blog/elastic-enterprise-search-7-7-0-released
https://www.elastic.co/blog/elastic-observability-7-7-0-released
https://www.elastic.co/blog/elastic-apm-7-7-0-released
https://www.elastic.co/blog/elastic-logs-7-7-0-released
https://www.elastic.co/blog/elastic-metrics-7-7-0-released
https://www.elastic.co/blog/elastic-uptime-monitoring-7-7-0-released
https://www.elastic.co/blog/elastic-security-7-7-0-released
https://ela.st/26-may-lunchnlearn-financial-services
Questions?