What is better: 99.999% uptime, continuous delivery, or a secure environment? Yeah, we had the same reaction: “Why do I need to pick one?” With Elastic, your operations and security teams can work together on a single platform, and help drive mean time to detect/resolve to zero for both operational and security issues. Hear how we are helping customers break down artificial silos between teams and use cases, and move towards a DevSecOps culture.
2. Forward-Looking Statements
This presentation and the accompanying oral presentation contain forward-looking statements, including statements concerning plans for future offerings; the expected strength, performance or benefits of our offerings; and our future operations and expected performance. These forward-looking statements are subject to the safe harbor provisions under the Private Securities Litigation Reform Act of 1995. Our expectations and beliefs in light of currently available information regarding these matters may not materialize. Actual outcomes and results may differ materially from those contemplated by these forward-looking statements due to uncertainties, risks, and changes in circumstances, including, but not limited to those related to: the impact of the COVID-19 pandemic on our business and our customers and partners; our ability to continue to deliver and improve our offerings and successfully develop new offerings, including security-related product offerings and SaaS offerings; customer acceptance and purchase of our existing offerings and new offerings, including the expansion and adoption of our SaaS offerings; our ability to realize value from investments in the business, including R&D investments; our ability to maintain and expand our user and customer base; our international expansion strategy; our ability to successfully execute our go-to-market strategy and expand in our existing markets and into new markets, and our ability to forecast customer retention and expansion; and general market, political, economic and business conditions.
Additional risks and uncertainties that could cause actual outcomes and results to differ materially are included in our filings with the Securities and Exchange Commission (the “SEC”), including our Annual Report on Form 10-K for the most recent fiscal year, our quarterly report on Form 10-Q for the most recent fiscal quarter, and any subsequent reports filed with the SEC. SEC filings are available on the Investor Relations section of Elastic’s website at ir.elastic.co and the SEC’s website at www.sec.gov.
Any features or functions of services or products referenced in this presentation, or in any presentations, press releases or public statements, which are not currently available or not currently available as a general availability release, may not be delivered on time or at all. The development, release, and timing of any features or functionality described for our products remains at our sole discretion. Customers who purchase our products and services should make the purchase decisions based upon services and product features and functions that are currently available.
All statements are made only as of the date of the presentation, and Elastic assumes no obligation to, and does not currently intend to, update any forward-looking statements or statements relating to features or functions of services or products, except as required by law.
3. IT/Ops and Security shared challenges
- Apps Deployed: 129. Within organizations to run everyday operations
- IT Spending: 45%. In cloud infrastructure; hybrid is the new normal
- Global Operations: 247. Pushing continuous delivery and higher agility
4. IT/Ops & Security everyday Interactions
[Diagram. Legend: Red = Security (Enforcing), Green = IT (Enabling). Labelled areas: Users and Devices (Mobile, Workstations, Desktop PCs, Terminal, Office, Badge, AD); Data Center (Apps, Servers, Database, Email, IT Services, Collab); Cloud Apps and Cloud Inf; Internet; Regional Hub; IoT/OT (Industrial, Critical Infra, Connected Campus). Labelled controls: AV/EDR, Firewall, AD, NAC, WAF, Login, IPS, Proxy / DLP.]
7. Benefits
- Avoid data duplication
- Improve shared communication
- Reduce operating frictions
- Reduce costs while keeping services up and our organizations secured
9. Observability + Security in Elastic Stack
Observability, Security
- Unified Issue Detection: Free and open detection engine, ML, and Alerting
- Unified User Interface: Eliminate swivel chair analysis
- Unified Schema: Speed up analysis with cross-source correlation
- Unified Data Collection: Deploy a single agent for observability and security
- Unified RBAC: Secure data based on “need to know” policies
- One powerful datastore — Elasticsearch.
- One pricing model: Simplify and control spend
- Deploy Anywhere: Achieve “data gravity” in hybrid environments
10. Deploy your way, anywhere
Select a deployment model for your unique needs
- Elastic Cloud: Deploy instantly on AWS, Azure or Google Cloud
- Elastic Cloud on Kubernetes, Elastic Cloud Enterprise: Centrally manage multiple deployments on your infra
- Self-Managed: Install a single package
11. Deploy your way, anywhere
Federate across these deployments with cross-cluster search
12. Unified Data Collection
Single Agent
[Figures: screenshot of integrations tiles (breadth); data onboarding GIF (ease); final dashboard (value)]
- 100s of integrations: Go from data to dashboard in minutes
- Central ingest management: Monitor and manage all your agents, at scale, from a single place
- Across observability and security: Collect events across data sources to enable both use cases
13. Unified Schema
Elastic Common Schema (ECS)
• Defines a common set of fields and objects to ingest data into Elasticsearch
• Enables cross-source analysis of diverse data
• Designed to be extensible
• ECS is adopted throughout the Elastic Stack
• Contributions & feedback welcome at https://github.com/elastic/ecs
Searching without ECS
src:10.42.42.42
OR client_ip:10.42.42.42
OR apache2.access.remote_ip:10.42.42.42
OR context.user.ip:10.42.42.42
OR src_ip:10.42.42.42
Searching with ECS
source.ip:10.42.42.42
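The query comparison on this slide, carried through as an added Python example (not Elastic's code and not part of the original deck): events from different sources are normalized so the client address lives under ECS `source.ip`, after which one lookup replaces the five-way OR. The sample events and the helper names `get_path`, `to_ecs` and `search_source_ip` are constructed for illustration.

```python
import ipaddress

# Source-specific field names taken from the "Searching without ECS" query.
LEGACY_SOURCE_IP_FIELDS = (
    "src", "client_ip", "apache2.access.remote_ip", "context.user.ip", "src_ip",
)

def get_path(doc, dotted):
    """Read a value stored either as a flat dotted key or as nested objects."""
    if dotted in doc:
        return doc[dotted]
    node = doc
    for part in dotted.split("."):
        if not isinstance(node, dict) or part not in node:
            return None
        node = node[part]
    return node

def to_ecs(event):
    """Return a copy of the event with the client address under ECS source.ip."""
    out = dict(event)
    for field in LEGACY_SOURCE_IP_FIELDS:
        value = get_path(event, field)
        if value is None:
            continue
        try:
            ip = str(ipaddress.ip_address(str(value).strip()))
        except ValueError:
            continue  # not an address (e.g. "src": "syslog"); try the next field
        source = out.get("source") if isinstance(out.get("source"), dict) else {}
        out["source"] = {**source, "ip": ip}
        break
    return out

def search_source_ip(events, ip):
    """Equivalent of the single ECS query source.ip:<ip>."""
    return [e for e in events if get_path(e, "source.ip") == ip]

# Constructed sample events, one per legacy field name plus two edge cases.
SAMPLE_EVENTS = [
    {"log": "firewall", "src": "10.42.42.42"},
    {"log": "proxy", "client_ip": "10.42.42.42"},
    {"log": "apache", "apache2": {"access": {"remote_ip": "10.42.42.42"}}},
    {"log": "app", "context.user.ip": " 10.42.42.42 "},
    {"log": "netflow", "src_ip": "10.0.0.7"},
    {"log": "syslog", "src": "syslog", "src_ip": "10.42.42.42"},
]

NORMALIZED = [to_ecs(e) for e in SAMPLE_EVENTS]
HITS = search_source_ip(NORMALIZED, "10.42.42.42")
```

The `syslog` sample shows why normalization validates the value: a legacy `src` field that holds a source name rather than an address is skipped instead of being copied into `source.ip`.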
14. Unified RBAC
Advanced data-level security
Security Controls
- Powerful RBAC, ABAC
- Document level security
- Field level security
- Encryption at rest/transit
- Audit logging
- SSO (SAML, OIDC)
- CIS hardening
- Vulnerability Scanning
Platform Compliance
- HIPAA
- CSA Star Level 2
- SOC 2 Type I, II, SOC 3
- ISO 27001/27107/27018
- FedRAMP
- GDPR compliant ops
15. Unified Issue Detection
Free and Open Detection Engine
- Speed and Scale: Powered by the Elastic stack
- Cover all your needs: Build-your-own or leverage free and open prebuilt detections
- Built-in anomaly detection & alerting: Detect known and unknown threats with detection rules and machine learning
16. Unified Issue Detection
SecOps prebuilt rules
- Cloud and SaaS: Covering main vendors and remote workforce use cases
- SecOps main use cases: Leveraging infrastructure and access events for: Access Management, Configuration validations and Network and log activity auditing
- APM events: Leveraging APM data for security detection rules, such as SQL injection attacks
[Diagram: Detect any issues in your environment. Free and Open Repository: Threat Detection and Prevention; Global actors and threats; Tactics and Techniques; Monitoring and Compliance; … more. Build-your-own: Anomaly detection via Machine Learning; Advanced Correlation via detection rules.]
17. Unified Issue Detection
elastic/detection-rules
- Community-driven: Building shared knowledge across Security and Operations communities
- Always growing: Elastic experts and millions of members actively developing new rules in the open
- Always available: Detections are free and under Elastic License