CIO Influence
CIO Influence News Machine Learning SaaS

Elastic Announces New Cloud Application and Host Protections and Streamlined Security Operations Workflows

Elastic Announces New Cloud Application and Host Protections and Streamlined Security Operations Workflows
Bringing Speed, Scale and Efficiency to Security Teams With Automated Detections and Operationalized Analytics
  • Introducing prebuilt machine learning jobs and detection rules supporting MITRE sub-techniques
  • Streamlining security operations center (SOC) workflows and accelerating response times with improved alert management
  • Providing a deeper understanding of how attacks are unfolding to drive efficient threat hunting

Elastic, the company behind Elasticsearch and the Elastic Stack, recently announced new prebuilt machine learning jobs and detection rules to protect cloud applications and hosts, and improved usability and accessibility to streamline security operations workflows in Elastic Security.

Recommended ITech News: Veytec Uses Netformx LifecycleXpert to Automate Lifecycle Incentive Management Processes

Elastic Security 7.11 helps secure the modern enterprise by automating detections and operationalizing analytics with prebuilt machine learning jobs and detection rules supporting MITRE sub-techniques. Prebuilt detections for cloud applications automatically spot techniques and behaviors associated with attacks against SaaS technologies such as Google Workspace, Microsoft 365 and Okta, and complements existing Elastic protections for IaaS technologies. Prebuilt security analytics content for Windows and Linux environments centrally detect a wide range of attacker activity, with a focus on addressing persistence, privilege escalation and lateral movement.

Elastic Security 7.11 streamlines alert management, enabling analysts to maintain velocity when addressing threats. Customizable alert notifications deliver key context to third-party workflow tools including Slack and ServiceNow, reducing swivel-chair analysis and accelerating triage. Security analysts can now attach alerts directly to cases to align responders and centralize relevant information. An expanded set of rule actions tighten integrations with Jira, ServiceNow and IBM Resilient, driving SOC efficiency.

Recommended ITech News: Tricentis Extends Public Sector Program and Executive Leadership to Support Growing Demand in Government

A refreshed Timeline workspace drives efficient threat hunting, alert triage and investigation. Users can see key information on dedicated tabs, view events in a full-screen view and access event details without losing sight of surrounding events.

Related posts

Insurity Completed 52 Customer Go-Lives On Its Configurable Cloud-Native Platform in 2021

CIO Influence News Desk

Resiliency Lies in More Adaptive, Innovative Workflows According to ServiceNow/Deloitte Clients in 2023 Trends Report

PR Newswire

Invoca Announces AI-Powered Conversation Intelligence for Healthcare Providers