Elastic Common Schema for Cyber Threat Hunting

The Elastic Common Schema (ECS) defines a common set of fields and field naming guidelines to enable cross-source analysis of diverse data for more effective threat hunting. See how ECS works and get real-world examples of using Elastic Common Schema to hunt threats in real time. This talk was delivered at ElasticGov Summit in April 2019.

Download presentation slides.

Mike Paquette

Director of Product, Security Market