sans elastic security · 2021. 1. 14. · only elastic security provides a free agent to instantly...
SANS Elastic Security
James Spiteri, Mike Nichols
Elastic Security
Security is a data problem
Lack of data fidelity
Cost and complexity of data completion
How did we get here?
Going where our users are
About Elastic
A Brief Overview
● Founded 2012
● IPO 2018, NYSE “ESTC”
● 2,000 employees in 40 countries
● World’s #1 database search engine (DB-Engines)
Milestones, 2010 to today:
● Elasticsearch 0.4 released
● ECS 1.0 released
● Elasticsearch 1.0 released
● Growing use of ELK for threat hunting
● SIEM app released
● Perched acquired
● Endgame acquired
● Logstash joins forces
● Kibana joins forces
● Beats to collect all the data
● Prelert acquired
● Elastic Cloud launched
● Elastic Security: Unified security for all
Monitoring and Compliance
Hunting and Incident Response
Threat Prevention and Detection
SIEM & Endpoint
Elastic Security
Shay
If our mission is to protect the world’s data from attack, the world needs access to our software.
Democratizing Security
Elastic for everyone
1. Build on the free and open Elastic (ELK) Stack
2. Release a free and open SIEM
3. Eliminate antiquated pricing models
4. Develop protections in the open with the community
5. Release free and open endpoint protection
Shay
It's dangerous to go alone! Take them.
Elastic community – scale your security program
● Security orchestration, automation, response
● Security incident response
● General ticket & case management
● Host sources
● Network sources
● Cloud platforms & applications
● User activity sources
● SIEMs & centralized security data stores
● Internal context
● External context
● Consulting
● Education & training
● Solutions Integrators, Value-added Resellers, MSPs & MSSPs
Kibana, Elasticsearch, Logstash, Beats, Agent
These are just some of our partners and community members. The presence of a vendor logo doesn’t imply a business relationship with Elastic.
Demo
Elastic Security
The foundation of modern security teams
SIEM, endpoint security, threat hunting, and more
● One Agent - One Click
  Only Elastic Security provides a free agent to instantly collect and protect
● Elastic SMEs + the Community Unparalleled protection
  Protections are developed in the open with community engagement and contributions
● Action all data, for all time
  Only Elastic empowers seamless searching across data anywhere, including snapshots
Register for our Global ElasticON event: https://www.elastic.co/elasticon/global
Join the Elastic Security community
Try free on Cloud: ela.st/security-trial
Take a quick spin: demo.elastic.co
Connect on Slack: ela.st/slack