In this blog post, we walk through our release of a fully trained detection model, anomaly detection configurations, and detection rules that you can use to get your ProblemChild framework up and running in your environment in minutes.

In this blog, we announce our first-ever supervised ML and security integration. This offers users a supervised ML solution package to detect domain generation algorithm (DGA) activity in your network data.

The SIGRed vulnerability impacts all systems leveraging the Windows DNS server service (Windows 2003+). To defend your environment, we recommend implementing the detection logic included in this blog post using technology like Elastic Security.

EQL is a language to express relationships between events and has the power to normalize your data regardless of data source and not constrained by platform.