Implementation packages
We will guide you through the development and implementation of Elastic.
Elastic Endgame Implementation
Consultative and deployment services focused on your Elastic Endgame solution, including installation, protection policy design, sensor deployment, integration assistance (SSO, SIEM, LDAP), MITRE ATT&CK™ mapping, and knowledge transfer. Best practices for deploying endpoint security products usually require multiple soak periods, so we highly recommend remote delivery to maximize efficiency.
Duration
4 consulting days
Customer profile
Can be applied to the Elastic Security solution using the Elastic Stack or Elastic Cloud with Elastic Endgame
Common tasks
- Setup
- Installation
- SAML SSO integration
- LDAP/Active Directory integration
- Elastic Stack integration
- SIEM integration
- Sensor deployment
- Deployment best practice guidance to avoid operational impact
- Protection policy design tailored to applications in your environment
- Assistance deploying sensors using your existing deployment tools
- Alert triage and whitelisting guidance
- Assistance with custom detections
- Knowledge transfer/engagement report
Recommended time allocation
- ½ consulting day for project kickoff and discovery sessions
- ½ consulting day for initial installation and configuration
- 2 hours of customer application review and baseline policy design
- 2½ consulting days for application review, baseline policy design, alert triage and whitelisting, and knowledge transfer
- ½ consulting day for document preparation
Note: Consulting days within the engagement may be allocated to allow consulting services within this scope according to customer need.
Security Implementation
Consultative and deployment services for Elastic Security. Includes design recommendations, data ingest and monitoring, patterns and the Elastic Common Schema ("ECS"), MITRE ATT&CK™ mapping, alerts, and visualizations for identifying security risks and cyber threat monitoring. May include all Elastic Stack or Elastic Cloud components including Elastic Security, machine learning, Beats, Logstash, and Elastic Endgame, and may also include data mapping from third-party security, network, and cloud products and services.
Duration
8 consulting days
Common tasks
- Discovery and understanding of security objectives and requirements
- Review of existing security monitoring, infrastructure, and tools
- Recommendations on security strategy and implementation
- Guidance on security techniques with the Elastic Stack or Elastic Cloud
- Implementation assistance with data feeds, threat feeds, enrichment, and visualization
Recommended time allocation
- 1 consulting day for discovery and sessions with customer and Elastic
- 1 consulting day for security implementation planning and prioritization
- 5 consulting days for implementation services
- 1 consulting day for document preparation
Development
Consultative and advisory services for your development project. This can include development areas such as client support using Elasticsearch APIs and Query DSL, Elastic Stack plugins, Logstash plugins, Beats, Elastic Enterprise Search, or Elasticsearch client libraries.
Duration
8 consulting days
Customer profile
- Can be applied to any solution: Enterprise Search, Observability, Security, or other use cases on the Elastic Stack or Elastic Cloud
- Applicable to new or existing Elastic Stack or Elastic Cloud environments where the customer requires general best practices and guidance
Common tasks
- Discovery and understanding of business objectives and development needs
- Review of requirements: functionality, results, development language and dependencies, testing, integration
- Recommendations on development methods and implementation
- Assistance with development APIs and coding, if time remains within the engagement
Recommended time allocation
- 2 consulting days for project kickoff and discovery sessions with customer
- 5 consulting days for detailed assistance on API use or coding recommendations with the customer development team
- 1 consulting day for document preparation
Note: Consulting days within the engagement may be allocated to allow consulting services within this scope according to customer need.
Flex Services
Flex Services let you focus on the tasks within a package that are most important to you. Note that no custom deliverables are allowed with Flex consulting.
Duration
Flex Services require a minimum of 4 consulting days
Custom Services
Not seeing the package that's right for you? Tailored Elasticsearch and Elastic Stack solutions are available upon request. This option requires a custom scope of work to be evaluated for your use case.
Duration
Custom Services require a minimum of 20 consulting days
Contact Elastic Consulting
Contact us with your questions about our services or to initiate an engagement with Elastic Consulting.