Articles by Ross Wolf

Senior Security Research Engineer, Elastic


Elastic Security opens public detection rules repo

Elastic Security has opened its detection rules repository to the world. We will develop rules in the open alongside the community, and we’re welcoming your community-driven detections. This is an opportunity to share collective security knowledge.


EQL’s highway to shell

We’re excited to announce the new release of more EQL analytics and tooling, including an interactive shell, to make EQL even more usable and powerful.


Introducing Event Query Language


Getting started with EQL

EQL is a language for expressing relationships between events. It has the power to normalize your data regardless of data source and is not constrained by platform.


EQL for the masses

Event Query Language is an extensible, powerful language built in-house at Endgame to express relationships between security-relevant events.