ContatoLogin
Experimente grátis

Topics

Detection Science

avatar

Into The Weeds: How We Run Detonate

Por
Jessica David
Sergey Polzunov

Click, Click… Boom! Automating Protections Testing with Detonate

To automate this process and test our protections at scale, we built Detonate, a system that is used by security research engineers to measure the efficacy of our Elastic Security solution in an automated fashion.

Por
Jessica David
Hez Carty
...

Exploring the Future of Security with ChatGPT

Recently, OpenAI announced APIs for engineers to integrate ChatGPT and Whisper models into their apps and products. For some time, engineers could use the REST API calls for older models and otherwise use the ChatGPT interface through their website.

Por
Mika Ayenson

Hunting for Suspicious Windows Libraries for Execution and Defense Evasion

Learn more about discovering threats by hunting through DLL load events, one way to reveal the presence of known and unknown malware in noisy process event data.

Por
Samir Bousseaden

More on Detection Science

Videos

Stopping Vulnerable Driver Attacks

This post includes a primer on kernel mode attacks, along with Elastic’s recommendations for securing users from kernel attacks leveraging vulnerable drivers.

Por
Joe Desimone
Videos

The Elastic Container Project for Security Research

The Elastic Container Project provides a single shell script that will allow you to stand up and manage an entire Elastic Stack using Docker. This open source project enables rapid deployment for testing use cases.

Por
Andrew Pease
Colson Wilhoit
...
Videos

Automating the Security Protections rapid response to malware

See how we’ve been improving the processes that allow us to make updates quickly in response to new information and propagate those protections to our users, with the help of machine learning models.

Por
Samantha Zeitlin
Videos

Detect domain generation algorithm (DGA) activity with new Kibana integration

We have added a DGA detection package to the Integrations app in Kibana. In a single click, you can install and start using the DGA model and associated assets, including ingest pipeline configurations, anomaly detection jobs, and detection rules.

Por
Melissa Alvarez
Videos

Detecting Living-off-the-land attacks with new Elastic Integration

We added a Living off the land (LotL) detection package to the Integrations app in Kibana. In a single click, you can install and start using the ProblemChild model and associated assets including anomaly detection configurations and detection rules.

Por
Melissa Alvarez
Videos

Detect Credential Access with Elastic Security

Elastic Endpoint Security provides events that enable defenders with visibility on techniques and procedures which are commonly leveraged to access sensitive files and registry objects.

Por
Samir Bousseaden
Videos

Exploring Windows UAC Bypasses: Techniques and Detection Strategies

In this research article, we will take a look at a collection of UAC bypasses, investigate some of the key primitives they depend on, and explore detection opportunities.

Por
Samir Bousseaden
Videos

Identifying beaconing malware using Elastic

In this blog, we walk users through identifying beaconing malware in their environment using our beaconing identification framework.

Por
Apoorva Joshi
Thomas Veasey
...
Videos

Ingesting threat data with the Threat Intel Filebeat module

Tutorial that walks through setting up Filebeat to push threat intelligence feeds into your Elastic Stack.

Por
Andrew Pease
Marius Iversen
Ver mais postagens