In this blog, we will walk through backing up our committed cluster data via Elasticsearch’s snapshots into an AWS S3 bucket. In Elastic Cloud (Enterprise), Elastic provides a built-in backup service under its found-snapshots repository. Elasticsearch also supports custom repositories for both Cloud and on-prem setups, connecting to data stores like AWS S3, GCP, and Azure for …
Custom
Build Custom Apps to Solve Tough Security Challenges
Security teams can easily build custom applications with a unified homepage experience, intuitive visual builder and access to modern low-code and no-code tools. This builder guides them through the building blocks necessary to develop an application before it is released and installed. A new learn page allows app developers to easily access guided documentation and …
CosmicBeetle Deploys Custom ScRansom Ransomware, Partnering with RansomHub
The threat actor known as CosmicBeetle has debuted a new custom ransomware strain called ScRansom in attacks targeting small- and medium-sized businesses (SMBs) in Europe, Asia, Africa, and South America, while also likely working as an affiliate for RansomHub. "CosmicBeetle replaced its previously deployed ransomware, Scarab, with ScRansom, which is continually improved," ESET …
Operationalizing our custom “SOC in a Box” at the RSA Conference 2024
Ever had to stand up a Security Operations Center (SOC) in two days? This is the monumental challenge faced by Cisco engineers at various events and conferences around the globe throughout the year. You may ask, “How is it possible to deploy a full-fledged SOC with just two days of preparation?” The key to being able to make the nearly impossible happen is our custom “SOC in a …
Researchers Uncover Powerful Backdoor and Custom Implant in Year-Long Cyber Campaign
May 15, 2023 | Ravie Lakshmanan | Cyber Threat / Malware
Government, aviation, education, and telecom sectors located in South and Southeast Asia have come under the radar of a new hacking group as part of a highly-targeted campaign that commenced in mid-2022 and continued into the first quarter of 2023. Symantec, by Broadcom Software, is tracking the activity under its …
Introduction to custom machine learning models and maps
How to use text-based datasets to build beautiful dashboards leveraging maps. In Elasticsearch 8.0, we introduced the ability to run custom machine learning models, such as the ones based on BERT (Bidirectional Encoder Representations from Transformers), to perform natural …
How Falcon OverWatch Detected SILENT CHOLLIMA’s Custom Tooling
CrowdStrike Falcon OverWatch™ recently released its annual threat hunting report, detailing the interactive intrusion activity observed by hunters over the course of the past year. The tactics, techniques and procedures (TTPs) an adversary uses serve as key indicators to threat hunters of who might be behind an intrusion. OverWatch threat hunters uncovered an intrusion against …
Building a Custom SecureX Orchestration Workflow for Umbrella
Improving efficiency for the Cisco team in the Black Hat USA NOC. As a proud partner of the Black Hat USA NOC, Cisco deployed multiple technologies along with the other Black Hat NOC partners to build a stable and secure network for the conference. We used Cisco Secure Malware Analytics to analyze files and monitor any potential PII leaks. We also used Meraki SM to manage over …
Crafting a Custom Dictionary for Your Password Policy
Modern password policies comprise many different elements that contribute to their effectiveness. One component of an effective current password policy is a custom dictionary that filters out certain words that are not allowed as passwords in the environment. Using custom dictionaries, organizations can significantly improve their …
Reducing the Attack Surface with Custom Indicators of Attack
Introduction: As many organizations around the globe are settling into longer-term remote working situations for their employees, IT Hygiene should be at the forefront of preventative security protocol. Adversaries are getting increasingly savvy, taking advantage of changes in work environments. Since IT hygiene requires even more oversight than before, how can security teams …