Implementation packages
We will guide you through the development and implementation of Elastic.
Consultative and deployment services focused on your Elastic Endgame solution, including installation, protection policy design, sensor deployment, integration assistance (SSO, SIEM, LDAP), MITRE ATT&CK™ mapping, and knowledge transfer. Best practices for deploying endpoint security products usually require multiple soak periods, so we highly recommend remote delivery to maximize efficiency.
- Setup
- Installation
- SAML SSO integration
- LDAP/Active Directory integration
- Elastic Stack integration
- SIEM integration
- Sensor deployment
- Deployment best practice guidance to avoid operational impact
- Protection policy design tailored to applications in your environment
- Assistance deploying sensors using your existing deployment tools
- Alert triage and whitelisting guidance
- Assistance with custom detections
- Knowledge transfer/engagement report
- ½ consulting day for project kickoff and discovery sessions
- ½ consulting day for initial installation and configuration
- 2 hours of customer application review and baseline policy design
- 2½ consulting days for application review, baseline policy design, alert triage and whitelisting, and knowledge transfer
- ½ consulting day for document preparation
Note: Consulting days within the engagement may be allocated to allow consulting services within this scope according to customer need.
Consultative and deployment services for Elastic Security. Includes design recommendations, data ingest and monitoring, patterns and the Elastic Common Schema ("ECS"), MITRE ATT&CK™ mapping, alerts, and visualizations for identifying security risks and cyber threat monitoring. May include all Elastic Stack or Elastic Cloud components including Elastic Security, machine learning, Beats, Logstash, and Elastic Endgame, and may also include data mapping from third-party security, network, and cloud products and services.
- Discovery and understanding of security objectives and requirements
- Review of existing security monitoring, infrastructure, and tools
- Recommendations on security strategy and implementation
- Guidance on security techniques with the Elastic Stack or Elastic Cloud
- Implementation assistance with data feeds, threat feeds, enrichment, and visualization
Consultative and advisory services for your development project. This can include development areas such as client support using Elasticsearch APIs and Query DSL, Elastic Stack plugins, Logstash plugins, Beats, Elastic Enterprise Search, or Elasticsearch client libraries.
- Discovery and understanding of business objectives and development needs
- Review of requirements: functionality, results, development language and dependencies, testing, integration
- Recommendations on development methods and implementation
- Assistance with development APIs and coding, if time remains within the engagement
- 2 consulting days for project kickoff and discovery sessions with customer
- 5 consulting days for detailed assistance on API use or coding recommendations with the customer development team
- 1 consulting day for document preparation
Note: Consulting days within the engagement may be allocated to allow consulting services within this scope according to customer need.
Flex Services let you focus on the tasks within a package that are most important to you. Note that no custom deliverables are allowed with Flex consulting.
Not seeing the package that's right for you? Tailored Elasticsearch and Elastic Stack solutions are available upon request. This option requires a custom scope of work to be evaluated for your use case.
Contact us with your questions about our services or to initiate an engagement with Elastic Consulting.