Elastic

Elastic Refutes Claims of Zero-Day in EDR Product

Elastic Refutes Claims of Zero-Day in EDR Product 2025-08-20 at 17:08 By Ionut Arghire Elastic has found no evidence of a vulnerability leading to RCE after details and PoC of a Defend EDR bypass were published online. The post Elastic Refutes Claims of Zero-Day in EDR Product appeared first on SecurityWeek. This article is an […]

React to this headline:

Loading spinner

Elastic Refutes Claims of Zero-Day in EDR Product Read More »

New infosec products of the week: August 8, 2025

New infosec products of the week: August 8, 2025 2025-08-08 at 07:02 By Anamarija Pogorelec Here’s a look at the most interesting products from the past week, featuring releases from Black Kite, Descope, Elastic, ExtraHop, LastPass, and Riverbed. Elastic AI SOC Engine helps SOC teams expose hidden threats Elastic AI SOC Engine (EASE) is a

React to this headline:

Loading spinner

New infosec products of the week: August 8, 2025 Read More »

Photos: Black Hat USA 2025

Photos: Black Hat USA 2025 2025-08-07 at 11:38 By Help Net Security Here’s a look inside Black Hat USA 2025. The featured vendors are: Stellar Cyber, Vonahi Security, Gurucul, Check Point, HackerOne, EasyDMARC, Elastic, Google, Tines, Veracode, VioletX, Pentera, Keep Aware, Oleria, SpyCloud, Trend Micro and Picus Security. The post Photos: Black Hat USA 2025

React to this headline:

Loading spinner

Photos: Black Hat USA 2025 Read More »

Elastic AI SOC Engine helps SOC teams expose hidden threats

Elastic AI SOC Engine helps SOC teams expose hidden threats 2025-08-07 at 09:15 By Industry News Elastic AI SOC Engine (EASE) is a new serverless, easy-to-deploy security package that brings AI-driven context-aware detection and triage into existing SIEM and EDR tools, without the need for an immediate migration or replacement. EASE delivers agentless integrations, AI-driven

React to this headline:

Loading spinner

Elastic AI SOC Engine helps SOC teams expose hidden threats Read More »

Elastic expands partnership with Tines to scale security operations

Elastic expands partnership with Tines to scale security operations 2025-03-19 at 15:27 By Industry News Elastic announced an expanded partnership with an integrated offering that includes Tines Workflow Automation and the Elastic Search AI Platform to simplify security and observability workflow automation. The partnership equips security teams with security orchestration, automation and response (SOAR) and

React to this headline:

Loading spinner

Elastic expands partnership with Tines to scale security operations Read More »

Cybercriminals tighten their grip on organizations

Cybercriminals tighten their grip on organizations 2024-12-30 at 06:06 By Help Net Security Cybercriminals are using a variety of new methods to target organizations across industries. In this article, we examine the most pressing trends and findings from the 2024 surveys on the growing threat of cybercrime. Social engineering scams sweep through financial institutions North

React to this headline:

Loading spinner

Cybercriminals tighten their grip on organizations Read More »

Elastic expands cloud detection and response capabilities from a single SIEM

Elastic expands cloud detection and response capabilities from a single SIEM 2024-12-04 at 10:54 By Industry News Elastic announced Elastic Security now offers expanded cloud detection and response (CDR) capabilities from a single SIEM to reduce tool fragmentation and streamline cloud security. The additional features include agentless ingestion, cloud asset inventory, extended protections, and graph

React to this headline:

Loading spinner

Elastic expands cloud detection and response capabilities from a single SIEM Read More »

Adversarial groups adapt to exploit systems in new ways

Adversarial groups adapt to exploit systems in new ways 2024-10-28 at 06:36 By Help Net Security In this Help Net Security video, Jake King, Head of Threat & Security Intelligence at Elastic, discusses the key findings from the 2024 Elastic Global Threat Report. Adversaries are utilizing off-the-shelf tools Offensive security tools (OSTs), including Cobalt Strike

React to this headline:

Loading spinner

Adversarial groups adapt to exploit systems in new ways Read More »

Cybercriminals capitalize on poorly configured cloud environments

Cybercriminals capitalize on poorly configured cloud environments 2024-10-04 at 06:31 By Help Net Security Off-the-shelf offensive security tools and poorly configured cloud environments create openings in the attack surface, according to Elastic. Adversaries are utilizing off-the-shelf tools Offensive security tools (OSTs), including Cobalt Strike and Metasploit, made up ~54% of observed malware alerts. The most

React to this headline:

Loading spinner

Cybercriminals capitalize on poorly configured cloud environments Read More »

Microsoft fixes 4 exploited zero-days and a code defect that nixed earlier security fixes

Microsoft fixes 4 exploited zero-days and a code defect that nixed earlier security fixes 2024-09-10 at 22:46 By Zeljka Zorz September 2024 Patch Tuesday is here and Microsoft has delivered 79 fixes, including those for a handful of zero-days (CVE-2024-38217, CVE-2024-38226, CVE-2024-38014, CVE-2024-43461) exploited by attackers in the wild, and a Windows 10 code defect

React to this headline:

Loading spinner

Microsoft fixes 4 exploited zero-days and a code defect that nixed earlier security fixes Read More »

Infosec products of the month: August 2024

Infosec products of the month: August 2024 2024-09-02 at 06:01 By Help Net Security Here’s a look at the most interesting products from the past month, featuring releases from: Adaptive Shield, AppOmni, ArmorCode, Bitwarden, Cequence Security, ClearSale, Clutch Security, Contrast Security, Dragos, Elastic, Endor Labs, Entrust, Fortanix, Fortinet, Guardio, HYCU, Ivanti, McAfee, Nucleus Security, Own,

React to this headline:

Loading spinner

Infosec products of the month: August 2024 Read More »

New infosec products of the week: August 9, 2024

New infosec products of the week: August 9, 2024 2024-08-09 at 06:01 By Anamarija Pogorelec Here’s a look at the most interesting products from the past week, featuring releases from: Rapid7, AppOmni, Contrast Security, Elastic, Cequence Security, Veza, ArmorCode, and EndorLabs. Rapid7 releases Command Platform, unified attack defense and response Rapid7 launched its Command Platform,

React to this headline:

Loading spinner

New infosec products of the week: August 9, 2024 Read More »

Elastic automates SIEM data onboarding with Automatic Import

Elastic automates SIEM data onboarding with Automatic Import 2024-08-07 at 11:46 By Industry News Elastic is accelerating the adoption of AI-driven security analytics by automating SIEM data onboarding with Automatic Import. This new feature — the only one of its kind for a security analytics or SIEM solution — automates the development of custom data

React to this headline:

Loading spinner

Elastic automates SIEM data onboarding with Automatic Import Read More »

Researchers unearth MotW bypass technique used by threat actors for years

Researchers unearth MotW bypass technique used by threat actors for years 2024-08-06 at 14:31 By Zeljka Zorz Threat actors have been abusing a bug in how Windows handles LNK files with non-standard target paths and internal structures to prevent in-built protections from stopping malicious payloads and trick users into running them. “We identified multiple samples

React to this headline:

Loading spinner

Researchers unearth MotW bypass technique used by threat actors for years Read More »

How companies increase risk exposure with rushed LLM deployments

How companies increase risk exposure with rushed LLM deployments 2024-07-10 at 07:31 By Mirko Zorz In this Help Net Security interview, Jake King, Head of Threat & Security Intelligence at Elastic, discusses companies’ exposure to new security risks and vulnerabilities as they rush to deploy LLMs. King explains how LLMs pose significant risks to data

React to this headline:

Loading spinner

How companies increase risk exposure with rushed LLM deployments Read More »

Elastic’s Search AI to transform SOCs with AI-driven SIEM solutions

Elastic’s Search AI to transform SOCs with AI-driven SIEM solutions 2024-05-07 at 10:31 By Industry News Elastic has announced that Search AI will replace the traditional SIEM with an AI-driven security analytics solution for the modern SOC. Powered by the Search AI platform, Elastic Security is replacing largely manual processes for configuration, investigation and response

React to this headline:

Loading spinner

Elastic’s Search AI to transform SOCs with AI-driven SIEM solutions Read More »

XZ Utils backdoor: Detection tools, scripts, rules

XZ Utils backdoor: Detection tools, scripts, rules 2024-04-08 at 16:31 By Zeljka Zorz As the analysis of the backdoor in XZ Utils continues, several security companies have provided tools and advice on how to detect its presence on Linux systems. What happened? The open-source XZ Utils compression utility has been backdoored by a skilled threat

React to this headline:

Loading spinner

XZ Utils backdoor: Detection tools, scripts, rules Read More »

The most prevalent malware behaviors and techniques

The most prevalent malware behaviors and techniques 2024-03-20 at 12:46 By Zeljka Zorz An analysis of 100,000+ Windows malware samples has revealed the most prevalent techniques used by malware developers to successfully evade defenses, escalate privileges, execute the malware, and assure its persistence. Malware tactics and techniques The analyzed malware samples were most often delivered

React to this headline:

Loading spinner

The most prevalent malware behaviors and techniques Read More »

Pikabot returns with new tricks up its sleeve

Pikabot returns with new tricks up its sleeve 2024-02-26 at 15:32 By Helga Labus After a short hiatus, Pikabot is back, with significant updates to its capabilities and components and a new delivery campaign. About the Pikabot loader Pikabot is a loader – a type of malware whose primary function is to serve as a

React to this headline:

Loading spinner

Pikabot returns with new tricks up its sleeve Read More »

15 open-source cybersecurity tools you’ll wish you’d known earlier

15 open-source cybersecurity tools you’ll wish you’d known earlier 2024-01-04 at 07:01 By Help Net Security Open-source tools represent a dynamic force in the technological landscape, embodying innovation, collaboration, and accessibility. These tools, developed with transparency and community-driven principles, empower users with the freedom to scrutinize, modify, and adapt solutions according to their unique needs.

React to this headline:

Loading spinner

15 open-source cybersecurity tools you’ll wish you’d known earlier Read More »

Scroll to Top