AUTHOR

Articles by Aaron Jewitt

Videos

Detection engineering — Maximizing analyst efficiency using Cardinality Threshold rules on your alerts

Using Threshold rules to create alerts on your alerts is a great way to maximize your analyst effectiveness without sacrificing visibility. By using these rules, security analysts spend less time investigating false positives.

By
Aaron Jewitt
Videos

Elastic on Elastic: Configuring the Security app to use Cross Cluster Search

This blog is a guide to configuring Elastic’s Security App to work with Cross Cluster Search

By
Aaron Jewitt
Videos

Elastic on Elastic Series: Data collected to the Infosec SIEM

In this series of blogs we will provide an overview of our architecture, what data we send to our clusters, how and why we use Cross Cluster Search with the Security and Machine Learning (ML) applications, and how we tune, manage and notify.

By
Aaron Jewitt
Videos

Elastic on Elastic: Deep dive into our SIEM architecture

Take a deep dive into Elastic Infosec team’s architecture, the many sources of data collected for security uses, how and why cross-cluster search is used, and how to configure Elastic Security and machine learning to work with cross-cluster search.

By
Aaron Jewitt
Videos

How to build a malware analysis sandbox with Elastic Security

In this blog post, we will demonstrate how the Elastic Infosec team uses the Elastic Stack with Elastic Endpoint Security to build a fully instrumented malware analysis sandbox using free software.

By
Aaron Jewitt

Sign up for Elastic Cloud free trial

Spin up a fully loaded deployment on the cloud provider you choose. As the company behind Elasticsearch, we bring our features and support to your Elastic clusters in the cloud.

Start free trial