AUTHOR

Articles by Paul Ewing

Videos

Elastic Protects Against Ransomware and Linux Threats in MITRE Engenuity Round 4 Eval

Elastic protects against ransomware and Linux threats in MITRE Engenuity Round 4 Eval — the solution thrived due to its new advanced ransomware protection, memory threat protection, and malicious behavior detection.

MITRE Engenuity ATT&CK® Round 3: Carbanak + FIN7 vs. the free and open capabilities in Elastic Security

Check out the evolution of Elastic Security, free and open, and evaluated by MITRE.

Easily visualizing MITRE ATT&CK® round 2 evaluation results in Kibana

MITRE ATT&CK® round 2 evaluations have been released. Make sense of how each security vendor performed with these easy Kibana dashboards.

EQL’s highway to shell

We’re excited to announce the new release of more EQL analytics and tooling, including an interactive shell, to make EQL even more usable and powerful.

Getting started with EQL

EQL is a language to express relationships between events. It has the power to normalize your data regardless of data source and is not constrained by platform.

EQL for the masses

Event Query Language is an extensible, powerful language built in-house at Endgame to express relationships between security-relevant events.

How to hunt: The masquerade ball

Today, we see digital masquerading used by the most sophisticated as well as less skilled adversaries to hide in the noise while conducting operations.

How to hunt: Detecting persistence and evasion with the COM

After adversaries breach a system, they usually consider how they will maintain uninterrupted access through events such as system restarts.