Elastic Security has opened its detection rules repository to the world. We will develop rules in the open alongside the community, and we’re welcoming your community-driven detections. This is an opportunity to share collective security knowledge.

Event Query Language is an extensible, powerful language built in-house at Endgame to express relationships between security-relevant events.