Elastic Security: Detect and respond to threats with SIEM

Overview

Introduction to Elastic Security

Learn how Elastic Security helps you protect your organization by unifying SIEM, container, and cloud security.

Get your hands on Elastic Security

Experience Elastic Security for yourself with this interactive demo.


Onboard your data

Create an Elastic Cloud account

Get started with a 14-day trial. Create an account on cloud.elastic.co and then follow this video to deploy Elastic.

Once your deployment is ready, select “Detect threats in my data with SIEM” and then “Start”.

If this is your first time using Elastic Security, you’ll be prompted to install Elastic Defend, which will enable you to protect your endpoints, as well as gather data with hundreds of Elastic Agent integrations.

Upon selecting “Add Elastic Defend”, you’ll be prompted to install Elastic Agent on a host.

Simply follow the instructions to install Elastic Agent, add the integrations, and start sending security data into Elastic.


Working with Elastic Security

Analyze your data

Let’s start exploring what’s happening in your environment. See a holistic overview of security-relevant data, quickly investigate events, and more. The documentation below shows you how to explore your environment using interactive dashboards and analytics tools.

Automate prevention and detection

Next, activate out-of-the-box detection rules by following the webinar below.

Go further with prebuilt machine learning jobs to uncover unknown threats.
Plus, to protect your hosts, implement automated ransomware and malware prevention with Elastic Defend.

Investigate and hunt

Elastic is the platform of choice for threat hunting and incident investigation. Let’s put it to the test with your data. Use the following resources to perform your own investigations — from initial triage to closing a case.


Next steps

Congrats on beginning your Elastic Security journey. As you get started, be sure to review key operational, security, and data considerations for your deployment to make sure you get the most out of Elastic.