january

The Elastic Security team has found an unpatched Windows flaw that allows malware to disable security products. Here’s how to fix it using Elastic.

The Elastic Stack Terraform provider allows operations and SRE teams to safely manage their production-related infrastructure and fully control the configuration of Elasticsearch, Kibana, Fleet, and any other component within the Elastic Stack.

We expect several trends from 2021 to continue as firms look to build on their digital transformation objectives.

Explore the MSHTML exploitation chain from phishing through the loading of a popular information stealer, FORMBOOK. Additionally, we’ll uncover campaign testing infrastructure through a tradecraft oversight.

Elasticsearch now delivers geo data in the mapbox vector tile format, greatly improving the speed at which you can display geo-data on a map with Elastic Maps or third party apps. This post walks you through the API and includes a demo.

We explore using Elastic to extract Cobalt Strike beacon payloads from memory and use open source tools to analyze and group threat activity clusters.

Scale to new heights with Elasticsearch! In 7.16, we made several improvements for faster search, more stable clusters, and a reduced heap footprint.

Elasticsearch 7.16 introduced a new enrich policy: range. We’ll showcase a fictional example matching incidents with on-call schedules using the date_range type.

Elastic Security has verified a multi-stage malware attack targeting the Ukraine government: Operation Bleeding Bear. Learn more.