Getting started with the Elastic Stack and Docker Compose: Part 2
Elastic Agent: A quick overview. Let’s start with Elastic Agent and some of the additional terminology that comes with it. Elastic Agent provides a unified way to enable host monitoring of various data types such as logs, metrics, and other data. Additionally, it offers protection from security threats, operating system data querying, remote service or hardware data forwarding, …
Elastic and Google Cloud collaborate on generative AI and security as a part of an expanded partnership
The release and timing of any features or functionality described in this post remain at Elastic's sole discretion. Any features or functionality not currently available may not be delivered on time or at all. In this blog post, we may have used or referred to third party generative AI tools, which are owned and operated by their respective owners. Elastic does not have any …
Adding free and open Elastic APM as part of your Elastic Observability deployment
In a recent post, we showed you how to get started with the free and open tier of Elastic Observability. Below, we'll walk through what you need to do to expand your deployment so you can start gathering metrics from application performance monitoring (APM) or "tracing" data in your observability cluster, for free. What is APM? Application performance monitoring lets you see …
The Upcoming UK Telecoms Security Act Part Two: Changing Mindset from Stick to Carrot
In our last blog, we gave a rundown of what the Telecommunications (Security) Act (TSA) is, why it’s been introduced, who it affects, when it starts, and how firms can prepare. Here, we take a closer look into the themes introduced by the Act, explore how the telecoms industry can explore zero trust to further improve its security posture, and outline the benefits that can be …
The Anatomy of Wiper Malware, Part 4: Helper Techniques
This is the fourth blog post in a four-part series. Read Part 1 | Part 2 | Part 3. In Part 3, CrowdStrike’s Endpoint Protection Content Research Team covered the finer points of Input/Output Control (IOCTL) usage by various wipers. The fourth and final part of the wiper series covers some of the rarely used “helper” techniques implemented by wipers, which achieve secondary …
Playing Hide-and-Seek with Ransomware, Part 2
In Part 1, we explained what Intel SGX enclaves are and how they benefit ransomware authors. In Part 2, we explore a hypothetical step-by-step implementation and outline the limitations of this method. Watch this live attack demo to see how the CrowdStrike Falcon® platform and the CrowdStrike Falcon Complete™ managed detection and response team protect against …
Tips and Tricks for the Small SOC: Part II
It’s Cybersecurity Awareness Month, and in that spirit, we’re offering a number of tips and tricks small security operations center (SOC) teams can use. I started my career working as part of a small SOC team, and working with other security experts here at Logz.io, we’re happy to offer these to small SOC teams who can often use all the help they can get! In the last post, we …
Tips and Tricks for the Small SOC: Part I
Every security operations center (SOC) team is different, and for smaller teams, even small challenges can seem big. I started my career in cybersecurity as part of a smaller team, and eventually grew into a SOC role. During that time, I gained a good deal of knowledge about the dos and don’ts of what a small SOC team needs to do in order to be successful. October is …
The Upcoming UK Telecoms (Security) Act Part One: What, Why, Who, When and How
In November 2020, the Telecommunications (Security) Bill was formally introduced to the UK’s House of Commons by the department for Digital, Culture, Media & Sport. Now, after several readings, debates, committee hearings, and periods of consultation, the Telecommunications (Security) Act is quickly becoming reality for providers of public telecoms networks and services in …
Key Observability Scaling Requirements for Your Next Game Launch: Part III
So far in our series on scaling observability for game launches, we’ve discussed ways to 1) quickly analyze large volumes of telemetry data and, 2) ensure high-quality telemetry data for more effective analysis at lower costs. The best practices in these blogs outline best practices for scaling observability during game launch day – which is necessary to ensure high performance …