As the volume and complexity of cyber threats continue to increase, security analysts face mounting pressure to protect their organizations from attack with maximum efficiency. Elastic Security 8.8 introduces features designed to help analysts digest, prioritize, and quickly respond to security incidents. These features include the following:
- The improved alert triage experience, with customizable controls and multi-field grouping, allows security analysts to sort and organize their alerts to ensure they are able to quickly address the most critical issues.
- The new Execute command feature empowers analysts to flexibly diagnose and remediate security issues on hosts remotely and efficiently, without having to physically access the devices.
- Quickly identify and resolve data quality issues with the new Data Quality dashboard, ensuring that data is accurate, complete, and up-to-date.
- Releasing in beta in 8.8 are Cloud Native Vulnerability Management, which gives quick visibility into cloud vulnerabilities so they can be identified and corrected, and Container Workload Protection (CWP), which provides application and data safety for containerized environments.
Elastic Security 8.8 is available on Elastic Cloud — the only hosted Elasticsearch offering to include all of the new features in this latest release. You can also download the Elastic Stack and our cloud orchestration products, Elastic Cloud Enterprise and Elastic Cloud for Kubernetes, for a self-managed experience.
What else is new in Elastic 8.8? Check out the 8.8 announcement post to learn more.
Streamline alert triage
After introducing alert grouping in 8.7, Elastic Security continues to improve the alert triage experience by adding customizable controls to enable enhanced filtering as well as multi-field grouping to further organize alerts.
Security analysts face alert fatigue due to the high volume of alerts they receive each day. Grouping and prioritizing information is critical to lessening the burden of frequent alerts. By adding multi-field grouping to the 8.7 alert grouping feature, users can further group information into manageable buckets. Additionally, the alert page controls allow for quick filtering for priority information. Whether using the default controls, customizing their own, or following prebuilt controls from dashboards, users can quickly narrow their focus to the most important alerts.