Countering Threats with the Elastic Stack at CERDEC/ARL

The CERDEC/ARL CSSP (Cyber Security Service Provider) performs network and system monitoring for DoD entities. We leverage the Elastic Stack to efficiently navigate our data and gain critical insights into activities and trends among the networks we cover. The open nature of the APIs in the Elastic Stack gives us easy access to our data so that we can perform analysis and enable research into new methods of protecting our nation's defenses. The intuitive and extendable interfaces allow our analysts to visualize and share data supporting better collaboration and investigative capabilities.