On-demand webinar

Enhancing security analyst workflow with the Elastic SIEM detection engine and unsupervised anomaly detection

Presented by

James Spiteri

Product Marketing Director, Elastic Security

Elastic

Haran Kumar

Senior Security Specialist

Elastic

Overview

With the release of the Elastic Stack 7.6, we saw the addition of a new detection engine to Elastic SIEM. The detection engine creates “signals” — based on built-in or user-created rules — to bring greater threat detection efficiency and effectiveness through automation. Users can create their own custom rules to automatically detect potentially malicious activity in their environment.

In addition to the detection engine, the SIEM app is also integrated with Elastic’s anomaly detection engine, which uses machine learning techniques to spot anomalies in Elasticsearch indices.

In this webinar, we’ll cover how you can combine both detection techniques to bolster your security operations workflow and detection strategy.

Highlights:

  • Get an overview of the detection engine and its pre-packaged rules
  • Learn how to easily create a new rule of your own
  • Discover how to create anomaly detection jobs in the Elastic Stack and combine them with the detection engine
