Implementation packages

We will guide you through the development and implementation of Elastic.

Elastic Endgame Implementation

Consultative and deployment services focused on your Elastic Endgame solution, including installation, protection policy design, sensor deployment, integration assistance (SSO, SIEM, LDAP), MITRE ATT&CK™ mapping, and knowledge transfer. Best practices for deploying endpoint security products usually require multiple soak periods; therefore, we highly recommend remote delivery to maximize efficiency.

Duration

4 consulting days

Customer profile

Can be applied to the Elastic Security solution using the Elastic Stack or Elastic Cloud with Elastic Endgame

Common tasks

  • Setup
    • Installation
    • SAML SSO integration
    • LDAP/Active Directory integration
    • Elastic Stack integration
    • SIEM integration
  • Sensor deployment
    • Deployment best practice guidance to avoid operational impact
    • Protection policy design tailored to applications in your environment
    • Assistance deploying sensors using your existing deployment tools
    • Alert triage and whitelisting guidance
    • Assistance with custom detections
  • Knowledge transfer/engagement report

Security Implementation

Consultative and deployment services for Elastic Security. Includes design recommendations, data ingest and monitoring, patterns and the Elastic Common Schema ("ECS"), MITRE ATT&CK™ mapping, alerts, and visualizations for identifying security risks and cyber threat monitoring. May include all Elastic Stack or Elastic Cloud components including Elastic Security, machine learning, Beats, Logstash, and Elastic Endgame, and may also include data mapping from third-party security, network, and cloud products and services.

Duration

8 consulting days

Common tasks

  • Discovery and understanding of security objectives and requirements
  • Review of existing security monitoring, infrastructure, and tools
  • Recommendations on security strategy and implementation
  • Guidance on security techniques with the Elastic Stack or Elastic Cloud
  • Implementation assistance with data feeds, threat feeds, enrichment, and visualization

Development

Consultative and advisory services for your development project. This can include development areas such as client support using Elasticsearch APIs and Query DSL, Elastic Stack plugins, Logstash plugins, Beats, Elastic Enterprise Search, or Elasticsearch client libraries.

Duration

8 consulting days

Customer profile

  • Can be applied to any solution: Enterprise Search, Observability, Security, or other use cases on the Elastic Stack or Elastic Cloud
  • Applicable to new or existing Elastic Stack or Elastic Cloud environments where the customer requires general best practices and guidance

Common tasks

  • Discovery and understanding of business objectives and development needs
  • Review of requirements: functionality, results, development language and dependencies, testing, integration
  • Recommendations on development methods and implementation
  • Assistance with development APIs and coding, if time remains within the engagement

Flex Services

Flex Services let you focus on the tasks within a package that are most important to you. Note that no custom deliverables are allowed with Flex consulting.

Duration

Flex Services require a minimum of 4 consulting days


Custom Services

Not seeing the package that's right for you? Tailored Elasticsearch and Elastic Stack solutions are available upon request. This option requires a custom scope of work to be evaluated for your use case.

Duration

Custom Services require a minimum of 20 consulting days


Contact Elastic Consulting

Contact us with your questions about our services or to initiate an engagement with Elastic Consulting.