Shield: Security in ELK

While it has always been possible to secure Elasticsearch clusters by deploying them within well-secured environments, we continuously received requests from customers and users to have a more integrated solution. In response, we created Shield, our first security plugin for Elasticsearch, which went GA in late January.

In this talk, we'll deep dive into this first release Shield. We went to great lengths preparing Elasticsearch itself for security, not just on its extensibility side, but also carefully rethinking how the data flows in it. We've built a foundation that not only delivers immediate tangible value when it comes to securing Elasticsearch clusters, but also enables us to extend its functionality incrementally and rapidly over time.

Among other topics, we'll cover:

  • *Authentication
  • *Authorization
  • *Encrypted Communication & Node Authentication
  • *IP Filtering
  • *Audit Trails

Attendees will leave this talk with a solid understanding of Shield's functionality, architecture and why it's the best possible tool to secure Elasticsearch and your ELK cluster.

Uri Boness

Founder and Engineer

Elastic