Security
Creating detection rules
Security 101: Lesson 3 of 4 — Within this 15-minute hands-on learning for Elastic Security, you’ll discover how to create alerts, as well as how to annotate all of the steps to maximize alert fidelity and align to the MITRE ATT&CK framework.
Try Elastic Security free for 14 days to go deeper and test these capabilities.
Explore similar demos
Security
Analyst workflow
Security 101: Lesson 1 of 4 — With security information and event management (SIEM) from Elastic Security, you can centralize log data, correlate events, and use advanced analytics for real-time threat detection. Explore this 15-minute lab to get an overview of how to investigate alerts, administer your investigations, and track cases.
Security
Ad-hoc investigation with ES|QL
Security 101: Lesson 2 of 4 — Try this 15-minute Elastic Security hands-on learning to understand the basics of ES|QL to enhance your experience. You’ll explore several approaches you can use within an investigation to expedite the adoption of this query language.
Security
Attack Discovery and AI Assistant
Security 101: Lesson 4 of 4 — See how Attack Discovery allows you to summarize many alerts, understand the current state of your attack surface, and create cases to easily keep track as you and your team triage threats across your environment. In addition, you’ll explore how to use the AI Assistant to resolve threats quickly, all within this 15-minute hands-on learning.