Elastic Security Intelligence & Analytics Team
We cover all the latest in security in our community, which is fully crowdsourced by folks like you!
This is the first in a series focused on the Time Travel Debugging (TTD) technology developed by Microsoft that was explored in detail during a recent independent research period.
This post includes a primer on kernel mode attacks, along with Elastic’s recommendations for securing users from kernel attacks leveraging vulnerable drivers.
Tools like the EQLPlayground, RTAs, and detection-rules CLI are great resources for getting started with EQL, threat hunting, and detection engineering, respectively.