Elastic Security: Detect and respond to threats with SIEM
Introduction to Elastic Security
Learn how Elastic Security helps you protect your organization by unifying SIEM, container, and cloud security.
Get your hands on Elastic Security
Experience Elastic Security for yourself with this interactive demo.
Onboard your data
Create an Elastic Cloud account
Get started with a 14-day trial. Create an account on cloud.elastic.co and then follow this video to deploy Elastic.
Once your deployment is ready, select Detect threats in my data with SIEM and then Start.
If this is your first time using Elastic Security, you’ll be prompted to install Elastic Defend, which will enable you to protect your endpoints, as well as gather data with hundreds of Elastic Agent integrations.
Upon selecting Add Elastic Defend, you’ll be prompted to install Elastic Agent on a host.
Simply follow the instructions to install Elastic Agent, add the integrations, and start sending security data into Elastic.
Working with Elastic Security
Analyze your data
Let’s start exploring what’s happening in your environment. See a holistic overview of security-relevant data, quickly investigate events, and more. The documentation below shows you how to explore your environment using interactive dashboards and analytics tools.
Investigate and hunt
Elastic is the platform of choice for threat hunting and incident investigation. Let’s put it to the test with your data. Use the following resources to perform your own investigations — from initial triage to closing a case.
Congrats on beginning your Elastic Security journey. As you get started, be sure to review key operational, security, and data considerations for your deployment to make sure you get the most out of Elastic.