Articles By Elastic Security Intelligence & Analytics Team

Going coast to coast - Climbing the pyramid with the Deimos implant

The Deimos implant was first reported in 2020 and has been under active development since; the malware employs advanced anti-analysis countermeasures to hinder investigation. This blog post details the campaign's TTPs through the malware's indicators.

Test your Okta visibility and detection capabilities with Dorothy and Elastic Security

Dorothy is a tool that security teams can use to test their visibility and detection capabilities in Okta environments. IAM solutions are frequently targeted by adversaries, yet they remain poorly monitored. Read this blog post to learn how to get started with Dorothy.

Security operations: Cloud monitoring and detection with Elastic Security

As companies migrate to cloud, so too do opportunist adversaries. That's why our Elastic Security team members have created free detection rules for protecting users' cloud platforms like AWS and Okta. Learn more in this blog post.

Threat hunting capture the flag with Elastic Security: BSides 2020

In our last Elastic Security capture the flag event, participants hunted for suspicious behavior after a mock network compromise. See how contenders fared in this blog post.

Elastic Security opens public detection rules repo

Elastic Security has opened its detection rules repository to the world. We will develop rules in the open alongside the community, and we’re welcoming your community-driven detections. This is an opportunity to share collective security knowledge.

A close look at the advanced techniques used in a Malaysian-focused APT campaign

Our Elastic Security research team has focused on the advanced techniques used in a Malaysian-focused APT campaign. Learn who’s behind it, how the attack works, the observed MITRE ATT&CK® techniques, and the indicators of compromise.

Adversary tradecraft 101: Hunting for persistence using Elastic Security (Part 2)

Learn how Elastic Endpoint Security and Elastic SIEM can be used to hunt for and detect malicious persistence techniques at scale.

Adversary tradecraft 101: Hunting for persistence using Elastic Security (Part 1)

Learn how Elastic Endpoint Security and Elastic SIEM can be used to hunt for and detect malicious persistence techniques at scale.