When even basic threats can be multi-staged and complex, limited visibility into your security data just doesn’t cut it. Whether you’re performing investigations or hunting for threats, you need all security-relevant context. Learn key practices in data collection and normalisation and see how you can use Elastic Security to quickly and accurately triage, verify, and scope issues.
Keynote: Elastic Security evolution and vision (by Elasticsearch)
SecOps teams are taking on more responsibility than ever as online activity increases from a newly remote workforce, accelerating the need for digital transformation. Learn how Elastic Security has evolved to help SecOps teams take a broader, more inclusive approach to security and set their organisations up for success. Plus, hear the vision for what’s next.
Keynote: Making search better, faster, easier (by Elasticsearch)
The way we work, shop, and consume content has shifted in 2020. Unsurprisingly, search has become the cornerstone of those activities. Get to know the team behind Elastic Enterprise Search and hear how we’ve taken a different approach to enabling you to deliver new search experiences for your customers and teams. We’ll also show how some of our customers have thrived during the COVID-19 pandemic by leveraging the scalability and flexibility of Enterprise Search on Elastic Cloud. Plus, we’ll take you on a guided tour of the latest innovations and what’s new in our latest releases.
Get full visibility and find hidden security issues (by Elasticsearch)
Learn key practices in data collection and normalization to expand visibility into your environment. See how you can use Elastic Security to quickly and accurately triage, verify, and scope issues.
Building Elastic into security operations (by Elasticsearch)
Learn how Optiv took foundational ideas around optimization of data ingestion, automation, and search to build world-class managed cybersecurity services with Elastic.
What's new at Elastic: Update on major initiatives and releases (by Elasticsearch)
The first technical talk of the event will highlight the latest releases at Elastic with specific insight into how those changes impact public sector projects. See the inside view of the most important capabilities and hear predictions on the developments that will be most applicable in our industry.
How to turn your data into actionable insights (by Elasticsearch)
Discover key features of the Elastic Stack, including Elasticsearch, an unrivalled data engine, and Kibana, a true window onto the Elastic Stack.
In this session, you will learn how to:
ingest data into the Elastic Stack;
store data;
analyse data;
make use of data.
Elastic Stack: Using data for insight and action (by Elasticsearch)
Learn about the latest innovations for managing data storage costs while balancing performance with Elasticsearch. See how to use new visualization and alerting capabilities to turn data insights into decisive action.
Elastic @ Adobe: Making Search Smarter with Machine Learning at Scale (by Elasticsearch)
Hear how Adobe scales, manages multiple use cases, and puts machine learning features to work with Elastic and learn about extensions to Elasticsearch that allow them to search at scale natively.
Integrating advanced analytics with Elasticsearch (by Elasticsearch)
Learn how Deloitte is integrating machine learning with native Elasticsearch functionality to help a large federal agency expedite document review for a variety of eDiscovery use cases. This talk will focus on integrating machine learning (ML)/natural language processing (NLP) into ingest pipelines to add metadata to an index and how Deloitte uses Elasticsearch queries to dynamically sort documents based on an iterative user feedback loop.
Microsoft: Enterprise search for cloud native applications (by Elasticsearch)
Not everything should go into a container, and the heavy lifting of enterprise search is no exception to this. In this talk, we will explore Elastic Cloud on Azure, discussing its benefits and showing how Elastic fits within the cloud native ecosystem outside of the ELK Stack.
Full time PII data protection: How Randstad uses Elastic Security to keep cli... (by Elasticsearch)
See how Randstad Netherlands uses all the features of the Elastic Stack to monitor their environments and put their analysts first. Randstad NL, an Elastic user since version 1.7, combines events from applications, systems and third party tooling into their Elastic Stack to detect and mitigate threats at scale — all from within Elastic Security.
Combining Logs, Metrics, and Traces for Unified Observability (by Elasticsearch)
Learn how Elasticsearch efficiently combines data in a single store and how Kibana is used to analyze it. Plus, see how recent developments help identify, troubleshoot, and resolve operational issues faster.
Keynote: Elastic Observability evolution and vision (by Elasticsearch)
Elastic Observability helps drive mean time to resolution toward zero with end-to-end visibility in a single platform. Hear about the latest features and capabilities, and get a glimpse into the future.
Elastic and Google: Observability for multicloud and hybrid environments (by Elasticsearch)
Elastic and Google have built a partnership with business and technical integrations that make delivering observability for Google Cloud, hybrid and multicloud environments easy.
Automate threat detections and avoid false positives (by Elasticsearch)
Detect threats and avoid the noise of false positives with the detection engine in Elastic Security. Automate threat detection via correlations and machine learning through real-world examples.
Get the most out of Elastic with Elastic Cloud (by Elasticsearch)
Discover why Elastic Cloud is the ideal way to take advantage of everything Elastic offers. Enjoy flexible purchasing and deployment on Google Cloud, Microsoft Azure, Amazon Web Services, or all three at once. Learn what a managed service offering gives you, and find out which option lets you manage it yourself with built-in automation and orchestration tools. And that's not all! Get to know the features that can help you scale your operations as your deployment evolves, store your data cost-effectively, and optimise your searches, so you no longer have to discard data and can get the actionable insights you need to keep your business running.
Centralized logging in a changing environment at the UK’s DVLA (by Elasticsearch)
This presentation discusses logging strategies for a centralized logging environment at the DVLA as their applications move to cloud platforms and new technologies. Initially, application teams were isolated and responsible for their own stacks. The DVLA standardized on Elastic Stack for logging and adopted a shared "Open Services Landscape" platform. They worked with application teams to establish logging standards and libraries. For Kubernetes, they deployed Filebeat on each node and sent logs to Logstash. For serverless applications on AWS, they configured CloudWatch Logs to send to Kinesis and then to Logstash. Elastic tools like curated indices, rollover indices, and index lifecycle management help manage large and changing volumes of log data in the cloud.
Countering Threats with the Elastic Stack at CERDEC/ARL (by Elasticsearch)
See how the CERDEC/ARL leverages the Elastic Stack to gain critical insights into activities and trends among the networks they cover and to enable research into new methods of protecting our nation’s defenses.
Elastic Security: Protecting your business with the Elastic Stack (by Elasticsearch)
Elastic Security provides unified protection built on the Elastic Stack. It aims to stop threats at scale, eliminate blind spots, and arm every analyst. Features include new modules for collecting data from Office 365 and Okta, CEF module support for Check Point, streaming logs to Logstash, and direct ML integration. Elastic Security is intended to be an out-of-the-box solution that provides prevention, detection, and response capabilities for security analysts everywhere using free and open source tools.
ECS: Delivering Better Cyber Intelligence and Compliance (by Elasticsearch)
Learn the ECS approach to cyber intelligence, why they migrated from legacy government risk and compliance systems to Elastic, and what they learned about enterprise application development and deployment.
See the video: https://www.elastic.co/elasticon/tour/2019/washington-dc/ecs-delivering-better-cyber-intelligence-and-compliance
Keynote: Elastic Security evolution and vision (by Elasticsearch)
Learn how Elastic Security has evolved to help SecOps teams take a broader, more inclusive approach to security and set their organizations up for success.
Advanced correlations for threat detection and more (by Elasticsearch)
Learn how to perform correlations and create rules to detect malicious activity and identify and correlate behaviors. Event Query Language (EQL) provides robust data processing and analysis capabilities that are ideal for hunting threats, investigating suspicious activity, and scoping incidents.
Automate threat detections and avoid false positives (by Elasticsearch)
Eliminating blind spots means you now have enough context. But can you get important insights from that context when you need it? Learn how to detect threats — while avoiding the noise of false positives — with the detection engine in Elastic Security. You’ll see how to automate threat detection via correlations and machine learning, with real-world examples of each.
Automate Your Container Deployments Securely (by DevOps.com)
Operations seeking to make their apps and APIs both performant and available to their users must bake effective application security tooling into their processes and infrastructure configurations. How can development and operations teams release at increasing velocity with app protection built into their CI/CD pipeline?
A true next-generation, holistic web application and API protection platform does just that: operations teams can integrate security into their workflows and ensure new infrastructure and app code released to production is both effective and secure in any environment from cloud using containers to datacenters to a hybrid of these.
Join application security expert Aneel Dadani from Signal Sciences to learn how your team can automate and deploy at scale safely while gaining layer 7 visibility in production environments.
Attendees will learn:
What constitutes effective application security within the context of cloud adoption and an ever-expanding threat landscape
How development teams can gain visibility into how their apps and APIs are being used in production and what vulnerabilities may exist that they overlooked
How DevOps teams can scale their application footprint to meet demand while securing their codebase in production
How to inspect request traffic at the API gateway or the ingress
Infrastructure monitoring made easy, from ingest to insight (by Elasticsearch)
Elastic Observability provides a full-stack monitoring solution with features including:
- Support for ingesting metrics, logs and traces from applications, services, databases and infrastructure across hosts, VMs and containers.
- Easy addition of new data sources through built-in integrations and support for multiple ingest methods and protocols.
- Capabilities for interacting with and visualizing metrics and log data through dashboards, visualizations and flexible alerting.
- Long term, reliable storage of observability data through Elasticsearch and capabilities like index lifecycle management and data rollups.
Keynote: Elastic Observability evolution and vision (by Elasticsearch)
Elastic Observability is helping organisations drive their mean time to resolution toward zero with end-to-end visibility in a single platform. Hear about the latest features and capabilities at all layers — from ingest to insight — and get a glimpse into the future straight from the product leaders who are building it.
Siscale Lightning Talk: Automated Root Cause Analysis with Elastic Stack (by Elasticsearch)
This document discusses how Siscale provides AIOps adoption partner services including automated root cause analysis using the Elastic Stack. They offer full visibility and automation on customer infrastructure, combining data science, cybersecurity, and other areas. Siscale certifies engineers in Elastic solutions to provide consulting expertise in areas like DevOps, infrastructure, and security. They help customers address challenges like reducing response times through automation and algorithms while unifying teams through shared data.
Get full visibility and find hidden security issues (by Elasticsearch)
Even basic threats can be multiple and complex, and limited visibility into your security data is simply not enough. Whether you are performing investigations or hunting for threats, you need all security-relevant context. Learn key practices in data collection and normalization and see how you can use Elastic Security to triage, verify, and scope issues quickly and accurately.
TeelTech - Advancing Mobile Device Forensics (online version) (by Mike Felch)
This document provides an overview of a training on advancing mobile device forensics through reverse engineering and programming techniques. It discusses how traditional forensic tools are becoming less effective at recovering data from newer devices and applications that are designed for privacy. The training will demonstrate extracting artifacts from a raw device image using a hex editor and Python scripts. It also outlines a simulated criminal investigation involving the murder of a victim, and how analyzing the digital evidence from the victim and suspect's mobile phones through these new techniques revealed deleted messages that are relevant to the case.
Amundsen: From discovering to securing data (by markgrover)
Hear about how Lyft and Square are solving data discovery and data security challenges using a shared open source project - Amundsen.
Talk details and abstract:
https://www.datacouncil.ai/talks/amundsen-from-discovering-data-to-securing-data
Alter Way Big Data Seminar - Elasticsearch - October 2014 (by ALTER WAY)
This document discusses Elasticsearch and how it can be used to search, analyze, and make sense of large amounts of data. It provides examples of how Elasticsearch is being used by large companies to handle petabytes of data and gain insights. Implementations in France are highlighted. The document concludes by demonstrating how easily Elasticsearch can be deployed and used to ingest and search sample data.
As You Seek – How Search Enables Big Data Analytics (by Inside Analysis)
The Briefing Room with Robin Bloor and MarkLogic
Live Webcast on June 18, 2013
http://www.insideanalysis.com
The heart and soul of Big Data Analytics revolves around search. That's why we keep hearing about NoSQL database vendors aligning themselves with third-party search engines. Because these purpose-built database engines do not leverage the Structured Query Language, search is the means by which valuable insights are gleaned from them. But bolted-on search engines typically don't offer the kind of deep functionality that built-in engines can.
Register for this episode of The Briefing Room to hear veteran Analyst Dr. Robin Bloor explain how search functionality provides a window into the possibilities for Big Data Analytics. He'll be briefed by David Gorbet of MarkLogic who will tout his company's object database offering, which boasts more than 10 years of use in production. He'll discuss how search can be used to expose relationships in Big Data and thus help generate insights. He'll also provide details on MarkLogic's enterprise-caliber capabilities, such as ACID compliance, its SQL interface, and where semantics fit in the roadmap.
1. Create a diagram of the relevant processes, data stores, data flows, and external entities.
2. Apply the STRIDE methodology to systematically identify potential threats to each element in the diagram.
3. Mitigate the identified threats through techniques like redesigning to eliminate threats, applying standard security controls, or inventing new controls.
4. Validate that the threat modeling process was comprehensive by ensuring all elements and potential threats were considered, and that the proposed mitigations adequately address the threats.
Replicate Elasticsearch Data with Cross-Cluster Replication (CCR)Elasticsearch
Launched in Elasticsearch version 6.5, cross-cluster replication (CCR) allows you to replicate an index from one Elasticsearch cluster to another. CCR is perfect for a number of use cases including cross data center replication, data locality (multiple copies of data closer to users), and creating a dedicated, centralized analytics cluster populated by multiple source clusters.
With the rise of IoT and the increasing complexity of applications, clouds, networks and infrastructure, the battle to keep your data and your infrastructure safe from attackers is getting harder. As groups of bad actors collaborate, sharing information and offering illegal access and botnets as a service, terabit-scale attacks can be launched cheaply. Meanwhile, it’s hard to find enough security analysts to catch and prevent these attacks.
This is where community collaboration and open source efforts like Apache Metron come in. Metron presents a comprehensive framework for application and network security, built on the highly scalable data management and processing stacks of Apache Hadoop and open source streaming analytics tools (i.e. Apache NiFi and Apache Kafka). Advanced features like profiling, machine learning, and visualization work with real-time streaming detection to make your SOC analysts more efficient, while the intrinsic extensibility of open source helps your data scientists get security insights out of the lab and into production fast.
We will discuss and demonstrate how some real-world businesses and managed service providers are using Apache Metron to identify and solve security threats at scale, and some approaches and ideas for how the platform can fit into your security architecture.
Speaker: Laurence Da Luz, Senior Solutions Architect, Hortonworks
The document discusses big data and machine learning solutions on AWS. It covers why organizations use big data, challenges they face, and how AWS solutions like S3 data lakes, Glue, Athena, Redshift, Kinesis, Elasticsearch, SageMaker, and QuickSight can help overcome these challenges. It also discusses how big data drives machine learning and how AWS machine learning services work. Core tenets discussed include building decoupled systems, using the right tool for the job, and leveraging serverless services.
Declarative Multilingual Information Extraction with SystemT (by Laura Chiticariu)
Information extraction (IE), the task of extracting structured information from unstructured or semi-structured data, is increasingly important to a wide array of enterprise applications, ranging from Business Intelligence to Data-as-a-Service.
In the first part of the talk, we give an overview of SystemT, a declarative IE system designed and developed to address the requirements driven by modern applications: scalability, expressivity, and transparency. SystemT is based on the basic principle underlying relational database technology: complete separation of specification from execution. SystemT uses a declarative language for expressing NLP algorithms called AQL, and an optimizer that generates high-performance algebraic execution plans for AQL rules. It makes IE orders of magnitude more scalable and easier to use, maintain and customize. Today, SystemT ships with multiple products across 4 IBM Software Brands and is being taught in universities. Our ongoing research and development efforts focus on making SystemT more usable for both technical and business users, and on continuing to enhance its core functionalities based on natural language processing, machine learning, and database technology.
In the second part of the talk we present POLYGLOT, a multilingual semantic role labeling system capable of semantically parsing sentences in 9 different languages from 4 different language groups. The key feature of the system is that it treats the semantic labels of the English Proposition Bank as “universal semantic labels”: Given a sentence in any of the supported languages, POLYGLOT will predict appropriate English PropBank frame and role annotation. We illustrate how these universal semantic labels can be used within SystemT to create information extractors that immediately work across different languages. In addition, we illustrate how we automatically generate Proposition Banks for new languages in order to enable multilingual SRL and discuss some challenges of crosslingual semantics.
This document discusses big data analytics tools and technologies. It begins with an overview of big data challenges and available tools. It then discusses Packetloop, a company that provides big data security analytics using tools like Amazon EMR, Cassandra, and PostgreSQL on AWS. Next, it discusses how EMR and Redshift from AWS can be used as big data tools for tasks like batch processing, data warehousing, and live analytics. It concludes by discussing how Intel technologies can help power big data platforms by providing optimized processors, networking, and storage to enable analytics at scale.
Anzo Smart Data Lake 4.0 - a Data Lake Platform for the Enterprise Informatio... (Cambridge Semantics)
Only with a rich and interactive semantic layer can your data and analytics stack deliver true on-demand access to data, answers and insights - weaving data together from across the enterprise into an information fabric. In this webinar we introduce Anzo Smart Data Lake 4.0, which provides that rich and interactive semantic layer to your data.
TIC-TOC: Disrupt the Threat Management Conversation with Dominique Singer and... (SaraPia5)
Threat Management, what it means, how Customers struggle with it, and your entry point for the discussion to be your Customer’s hero in solving their Threat Management problems. Even if you think you know what SIEM means, and especially if you don’t, this Webinar will educate you on the real world problem every Organization faces around Threat Management and the challenges with solutions. Esteemed experts from Cybraics, an industry leader in advanced Threat analytics, will walk us through the problem space, and clearly help you understand how they are differentiated in, and a disruption to, the Threat Management marketplace. Please have your questions ready for this dedicated time with Telarus VP of Biz DEV-Cybersecurity, Dominique Singer and Pete Nicoletti and Nate Grinnell of Cybraics, Inc
The document discusses Netflix's use of Elasticsearch for querying log events. It describes how Netflix evolved from storing logs in files to using Elasticsearch to enable interactive exploration of billions of log events. It also summarizes some of Netflix's best practices for running Elasticsearch at scale, such as automatic sharding and replication, flexible schemas, and extensive monitoring.
This document discusses technologies for analyzing large amounts of data from various sources on the internet and social media. It introduces Info Arab's Significs technology, which can analyze text streams and social media interactions to extract structured and meaningful data. Significs converts unstructured data into structured data and identifies indicators of content across many dimensions of analysis. It also discusses Fetch Technologies for gathering data from various online sources and providing APIs and platforms for accessing the analyzed information.
It is a fascinating, explosive time for enterprise analytics.
It is from the position of analytics leadership that the mission will be executed and company leadership will emerge. The data professional is absolutely sitting on the performance of the company in this information economy and has an obligation to demonstrate the possibilities and originate the architecture, data, and projects that will deliver analytics. After all, no matter what business you’re in, you’re in the business of analytics.
The coming years will be full of big changes in enterprise analytics and Data Architecture. William will kick off the fourth year of the Advanced Analytics series with a discussion of the trends winning organizations should build into their plans, expectations, vision, and awareness now.
An introduction to Elasticsearch's advanced relevance ranking toolbox (Elasticsearch)
The hallmark of a great search experience is always delivering the most relevant results, quickly, to every user. The difficulty lies behind the scenes in making that happen elegantly and at a scale. From App Search’s intuitive drag and drop interface to the advanced relevance capabilities built into the core of Elasticsearch — Elastic offers a range of tools for developers to tune relevance ranking and create incredible search experiences. In this session, we’ll explore some of Elasticsearch’s advanced relevance ranking features, such as dense vector fields, BM25F, ranking evaluation, and more. Plus we’ll give you some ideas for how these features are being used by other Elastic users to create world-class, category defining search experiences.
Eze Castle Integration is a managed service provider (MSP), cloud service provider (CSP), and internet service provider (ISP) that delivers services to more than 1,000 clients around the world. Different departments within Eze Castle had devised their own log aggregation solutions in order to provide visibility, meet regulatory compliance requirements, conduct cybersecurity investigations, and help engineers with troubleshooting infrastructure issues. In 2019, they partnered with Elastic to consolidate the data generated from different systems into a single pane of glass. And thanks to the ease of deployment on Elastic Cloud, professional consultation services from Elastic engineers, and on-demand training courses available on Elastic Learning, Eze Castle was able to go from proof-of-concept to a fully functioning "Eze Managed SIEM" product within a month!
Learn about Eze Castle's journey with Elastic and how they grew Eze Managed SIEM from zero to 100 customers in less than 14 months.
How to create great website search experiences (Spanish-language session, Elasticsearch)
Discover how easy it is to create rich, relevant search on public-facing websites that drives conversions, increases content consumption, and helps visitors find what they need. Take a tour of the Elastic tools you can leverage to easily transform your website, including our powerful new web crawler.
Welcome to a new way of searching (Spanish-language session, Elasticsearch)
1) The document introduces ElasticON Solution Series, which provides out-of-the-box personalized, centralized, and secure organizational search across internal and external sources.
2) It discusses how Elastic Enterprise Search can improve productivity, satisfaction, collaboration, and decision making by connecting all applications and content with a single scalable search platform.
3) The solution achieves this through intuitive search features, powerful analytics and visualization tools, simplified administration, and security certifications to ensure data protection.
Dive into search in all its forms (French-language session, Elasticsearch)
Like most modern organizations, your teams probably use more than 10 cloud-hosted applications every day, yet spend far too much time searching for the information they need across those tools. With the out-of-the-box capabilities of Elastic Workplace Search, see how easy it is to put relevant content at your teams' fingertips with unified search across every application they use to get their work done.
Modernising One Legal Se@rch with Elastic Enterprise Search [Customer Story] (Elasticsearch)
This session covers knowledge management needs in the legal sector, why Linklaters decided to move away from its legacy KM search engine, Kin+Carta's management of the migration process, and how the switch revitalised a well-established system and opened up new possibilities for its future development.
Like most modern organizations, your teams are likely using upwards of 10 cloud-based applications on a daily basis, but spending far too many hours a day searching for the information they need across all of them. With the out-of-the-box capabilities of Elastic Workplace Search, see how easy it is to put relevant content right at your teams’ fingertips with unified search across all the apps they rely on to get work done.
Building great website search experiences (Elasticsearch)
Discover how easy it is to create rich, relevant search on public facing websites that drives conversion, increases content consumption, and helps visitors find what they need. Get a tour of the Elastic tools you can leverage to easily transform your website, including our powerful new web crawler.
Keynote: Harnessing the power of Elasticsearch for simplified search (Elasticsearch)
Get an overview of the innovation Elastic is bringing to the Enterprise Search landscape, and learn how you can harness these capabilities across your technology landscape to make the power of search work for you.
How to turn data into analysis you can act on (Spanish-language session, Elasticsearch)
Discover the strategic feature areas of the Elastic Stack: Elasticsearch, an unmatched data engine, and Kibana, the window into the Elastic Stack.
The session will cover:
Bringing data into the Elastic Stack
Storing data
Analyzing data
Acting on data
Explore takes on Big Data challenges with Elastic Cloud (French-language session, Elasticsearch)
Specializing in the development and management of document and business intelligence monitoring solutions, Explore gives its clients a precise, organized view of market and project news in the territories where they operate. To make its offering more agile and performant, Explore chose Elastic Cloud hosted on Microsoft Azure. Find out how its production and development teams are now better able to exploit data for Explore's customers and save time on managing their infrastructure.
How to turn your data into actionable information (French-language session, Elasticsearch)
Discover strategic features of the Elastic Stack, notably Elasticsearch, an incomparable data engine, and Kibana, a true window onto the Elastic Stack.
In this session you will learn how to:
ingest data into the Elastic Stack;
store data;
analyze data;
act on data.
Transforming data into actionable insights (Elasticsearch)
Learn about the strategic feature areas of the Elastic Stack—Elasticsearch, a data engine like no other, and Kibana, the window into the Elastic Stack.
The session will cover:
Bringing data into the Elastic Stack
Storing data
Analyzing data
Acting on data
Elastic enables the world's leading organizations to exceed their business objectives and power their mission-critical systems by eliminating data silos, connecting the dots, and transforming data of all types into actionable insights.
Come learn how the power of search can help you quickly surface relevant insights at scale. Whether you are an executive looking to reduce operational costs, a department head striving to do more with fewer tools, or an engineer monitoring and protecting your IT environment, this session is for you.
Empowering agencies using Elastic as a Service inside Government (Elasticsearch)
It has now been four years since the beta release of Elastic Cloud Enterprise which kicked off a wave of the Elastic public sector community running Elastic as a service within Government rather than utilizing purely hosted solutions. Fast forward to 2021 and we have multiple options for multiple mission needs. Learn top tips from Elastic architects and their experience enabling their teams with the automation and provisioning of Elastic tech to change the game in how government delivers solutions.
The opportunities and challenges of data for public good (Elasticsearch)
The document discusses data for public good and the opportunities and challenges involved. It notes that data infrastructure is needed to deliver public good through data. There are almost endless opportunities to use data for public services, policy, and citizen benefits. However, challenges include legacy systems, data silos, unclear governance, and risk aversion. As a case study, it outlines how the UK Census 2021 addressed the challenges it faced and showed progress on using data better, with lessons for continued public sector transformation.
"Choosing proper type of scaling", Olena Syrota (Fwdays)
Imagine an IoT processing system that is already quite mature and production-ready and for which client coverage is growing and scaling and performance aspects are life and death questions. The system has Redis, MongoDB, and stream processing based on ksqldb. In this talk, firstly, we will analyze scaling approaches and then select the proper ones for our system.
Driving Business Innovation: Latest Generative AI Advancements & Success Story (Safe Software)
Are you ready to revolutionize how you handle data? Join us for a webinar where we’ll bring you up to speed with the latest advancements in Generative AI technology and discover how leveraging FME with tools from giants like Google Gemini, Amazon, and Microsoft OpenAI can supercharge your workflow efficiency.
During the hour, we’ll take you through:
Guest Speaker Segment with Hannah Barrington: Dive into the world of dynamic real estate marketing with Hannah, the Marketing Manager at Workspace Group. Hear firsthand how their team generates engaging descriptions for thousands of office units by integrating diverse data sources—from PDF floorplans to web pages—using FME transformers, like OpenAIVisionConnector and AnthropicVisionConnector. This use case will show you how GenAI can streamline content creation for marketing across the board.
Ollama Use Case: Learn how Scenario Specialist Dmitri Bagh has utilized Ollama within FME to input data, create custom models, and enhance security protocols. This segment will include demos to illustrate the full capabilities of FME in AI-driven processes.
Custom AI Models: Discover how to leverage FME to build personalized AI models using your data. Whether it’s populating a model with local data for added security or integrating public AI tools, find out how FME facilitates a versatile and secure approach to AI.
We’ll wrap up with a live Q&A session where you can engage with our experts on your specific use cases, and learn more about optimizing your data workflows with AI.
This webinar is ideal for professionals seeking to harness the power of AI within their data management systems while ensuring high levels of customization and security. Whether you're a novice or an expert, gain actionable insights and strategies to elevate your data processes. Join us to see how FME and AI can revolutionize how you work with data!
Northern Engraving | Nameplate Manufacturing Process - 2024 (Northern Engraving)
Manufacturing custom quality metal nameplates and badges involves several standard operations. Processes include sheet prep, lithography, screening, coating, punch press and inspection. All decoration is completed in the flat sheet with adhesive and tooling operations following. The possibilities for creating unique durable nameplates are endless. How will you create your brand identity? We can help!
Essentials of Automations: Exploring Attributes & Automation Parameters (Safe Software)
Building automations in FME Flow can save time, money, and help businesses scale by eliminating data silos and providing data to stakeholders in real-time. One essential component to orchestrating complex automations is the use of attributes & automation parameters (both formerly known as “keys”). In fact, it’s unlikely you’ll ever build an Automation without using these components, but what exactly are they?
Attributes & automation parameters enable the automation author to pass data values from one automation component to the next. During this webinar, our FME Flow Specialists will cover leveraging the three types of these output attributes & parameters in FME Flow: Event, Custom, and Automation. As a bonus, they’ll also be making use of the Split-Merge Block functionality.
You’ll leave this webinar with a better understanding of how to maximize the potential of automations by making use of attributes & automation parameters, with the ultimate goal of setting your enterprise integration workflows up on autopilot.
Digital Banking in the Cloud: How Citizens Bank Unlocked Their Mainframe (Precisely)
Inconsistent user experience and siloed data, high costs, and changing customer expectations – Citizens Bank was experiencing these challenges while it was attempting to deliver a superior digital banking experience for its clients. Its core banking applications run on the mainframe and Citizens was using legacy utilities to get the critical mainframe data to feed customer-facing channels, like call centers, web, and mobile. Ultimately, this led to higher operating costs (MIPS), delayed response times, and longer time to market.
Ever-changing customer expectations demand more modern digital experiences, and the bank needed to find a solution that could provide real-time data to its customer channels with low latency and operating costs. Join this session to learn how Citizens is leveraging Precisely to replicate mainframe data to its customer channels and deliver on their “modern digital bank” experiences.
In the realm of cybersecurity, offensive security practices act as a critical shield. By simulating real-world attacks in a controlled environment, these techniques expose vulnerabilities before malicious actors can exploit them. This proactive approach allows manufacturers to identify and fix weaknesses, significantly enhancing system security.
This presentation delves into the development of a system designed to mimic Galileo's Open Service signal using software-defined radio (SDR) technology. We'll begin with a foundational overview of both Global Navigation Satellite Systems (GNSS) and the intricacies of digital signal processing.
The presentation culminates in a live demonstration. We'll showcase the manipulation of Galileo's Open Service pilot signal, simulating an attack on various software and hardware systems. This practical demonstration serves to highlight the potential consequences of unaddressed vulnerabilities, emphasizing the importance of offensive security practices in safeguarding critical infrastructure.
What is an RPA CoE? Session 1 – CoE Vision (DianaGray10)
In the first session, we will review the organization's vision and how this has an impact on the COE Structure.
Topics covered:
• The role of a steering committee
• How do the organization’s priorities determine CoE Structure?
Speaker:
Chris Bolin, Senior Intelligent Automation Architect Anika Systems
zkStudyClub - LatticeFold: A Lattice-based Folding Scheme and its Application... (Alex Pruden)
Folding is a recent technique for building efficient recursive SNARKs. Several elegant folding protocols have been proposed, such as Nova, Supernova, Hypernova, Protostar, and others. However, all of them rely on an additively homomorphic commitment scheme based on discrete log, and are therefore not post-quantum secure. In this work we present LatticeFold, the first lattice-based folding protocol based on the Module SIS problem. This folding protocol naturally leads to an efficient recursive lattice-based SNARK and an efficient PCD scheme. LatticeFold supports folding low-degree relations, such as R1CS, as well as high-degree relations, such as CCS. The key challenge is to construct a secure folding protocol that works with the Ajtai commitment scheme. The difficulty is ensuring that extracted witnesses are low norm through many rounds of folding. We present a novel technique using the sumcheck protocol to ensure that extracted witnesses are always low norm no matter how many rounds of folding are used. Our evaluation of the final proof system suggests that it is as performant as Hypernova, while providing post-quantum security.
Paper Link: https://eprint.iacr.org/2024/257
AppSec PNW: Android and iOS Application Security with MobSF (Ajin Abraham)
Mobile Security Framework - MobSF is a free and open source automated mobile application security testing environment designed to help security engineers, researchers, developers, and penetration testers to identify security vulnerabilities, malicious behaviours and privacy concerns in mobile applications using static and dynamic analysis. It supports all the popular mobile application binaries and source code formats built for Android and iOS devices. In addition to automated security assessment, it also offers an interactive testing environment to build and execute scenario based test/fuzz cases against the application.
This talk covers:
Using MobSF for static analysis of mobile applications.
Interactive dynamic security assessment of Android and iOS applications.
Solving Mobile app CTF challenges.
Reverse engineering and runtime analysis of Mobile malware.
How to shift left and integrate MobSF/mobsfscan SAST and DAST in your build pipeline.
Discover top-tier mobile app development services, offering innovative solutions for iOS and Android. Enhance your business with custom, user-friendly mobile applications.
How information systems are built or acquired puts information, which is what they should be about, in a secondary place. Our language adapted accordingly, and we no longer talk about information systems but applications. Applications evolved in a way to break data into diverse fragments, tightly coupled with applications and expensive to integrate. The result is technical debt, which is re-paid by taking even bigger "loans", resulting in an ever-increasing technical debt. Software engineering and procurement practices work in sync with market forces to maintain this trend. This talk demonstrates how natural this situation is. The question is: can something be done to reverse the trend?
Taking AI to the Next Level in Manufacturing.pdf (ssuserfac0301)
Read Taking AI to the Next Level in Manufacturing to gain insights on AI adoption in the manufacturing industry, such as:
1. How quickly AI is being implemented in manufacturing.
2. Which barriers stand in the way of AI adoption.
3. How data quality and governance form the backbone of AI.
4. Organizational processes and structures that may inhibit effective AI adoption.
6. Ideas and approaches to help build your organization's AI strategy.
Fueling AI with Great Data with Airbyte Webinar (Zilliz)
This talk will focus on how to collect data from a variety of sources, leveraging this data for RAG and other GenAI use cases, and finally charting your course to productionalization.
The Microsoft 365 Migration Tutorial For Beginner.pptx (operationspcvita)
This presentation will help you understand the power of Microsoft 365. It also lists every productivity app included in Office 365, outlines the migration scenarios that arise with Office 365, and explains how we can help you.
You can also read: https://www.systoolsgroup.com/updates/office-365-tenant-to-tenant-migration-step-by-step-complete-guide/
Speaker

Thorben Jändling, Senior Solutions Architect in the Global Security Specialist Group at Elastic.co. Previously a security engineer for various national CSIRTs.
LinkedIn: https://www.linkedin.com/in/thorbenj/
Email: thorbenj@elastic.co
Slack: @thorbenj on elasticstack.slack.com
THE DATA DILEMMA

5 data domains: practitioners analyze endpoint, cloud, network, application, user, and more.
1B events per day: most organizations average 1 billion events per day.
5 SOC analysts: Security Operation Centers vary in size, but most have fewer than 5 analysts.
Solve the dilemma by answering 4 key questions

1. What data do I need to collect?
2. How do I get that data?
3. Now that I have it, how do I manage the data?
4. How do I make it actionable?
Elastic Solutions built on the Elastic Stack

Enterprise Search: App Search, Site Search, Workplace Search
Observability: Logs, Metrics, Service Monitoring, Application Performance
Security: SIEM, Endpoint Security

Elastic Stack: Kibana; Beats and Logstash (ingest); Elasticsearch; EPP (endpoint protection)
Typical observability stack

One tool per data type, each serving a different team (Development, Ops log monitoring, Ops infrastructure monitoring, Ops service monitoring, Business):
Uptime tool: availability, response time
Log tool: web logs, app logs, database logs, container logs
APM tool: real user monitoring, transaction performance monitoring, distributed tracing
Metrics tool: container, host, database, network and storage metrics
Business tool: business KPIs
Elastic approach to observability

Dev, Ops, Sec and Business teams work from the same place: APM data, uptime data, metrics data, log data and business data all land in a single powerful datastore, Elasticsearch, and are explored through Kibana.
What data do I need to collect?

• MITRE ATT&CK™ lists the data sources required to detect 250 adversary techniques
• There are 50 unique data sources
• Examples include “Process Monitoring”, “DNS Records”, “Authentication Logs”, and more

(These counts reflect the ATT&CK version current when the talk was given; since ATT&CK v10 the framework models telemetry as data source and data component objects, so the names and totals differ.)
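The slide gives the counts but not the method. The added example below (not code from the slides or from MITRE) shows how a detection team turns the ATT&CK technique-to-data-source listing into a collection plan: which techniques a given set of collected sources covers, which remain blind spots, and which source to onboard next for the largest gain. TECHNIQUE_SOURCES is a constructed 10-technique subset using pre-v10 ATT&CK data-source names, not the full 250-technique matrix the slide refers to; swap in the real listing and the functions work unchanged.

```python
"""Rank data sources by how many ATT&CK techniques they help detect.

Added example; not code from the slides or from MITRE. TECHNIQUE_SOURCES is a
constructed 10-technique subset with pre-v10 ATT&CK data-source names.
"""
from typing import Dict, List, Set, Tuple

# technique ID -> data sources ATT&CK listed for it (constructed subset)
TECHNIQUE_SOURCES: Dict[str, Set[str]] = {
    "T1059": {"Process monitoring", "Process command-line parameters", "PowerShell logs"},  # Command and Scripting Interpreter
    "T1003": {"Process monitoring", "Process command-line parameters", "API monitoring"},   # OS Credential Dumping
    "T1078": {"Authentication logs"},                                                       # Valid Accounts
    "T1110": {"Authentication logs"},                                                       # Brute Force
    "T1071": {"Packet capture", "Netflow/Enclave netflow", "Process use of network"},       # Application Layer Protocol
    "T1053": {"Process monitoring", "Process command-line parameters", "Windows event logs", "File monitoring"},  # Scheduled Task/Job
    "T1547": {"Windows Registry", "Process monitoring", "File monitoring"},                 # Boot or Logon Autostart Execution
    "T1021": {"Authentication logs", "Netflow/Enclave netflow", "Process monitoring"},      # Remote Services
    "T1048": {"Packet capture", "Netflow/Enclave netflow", "Process use of network"},       # Exfiltration Over Alternative Protocol
    "T1568": {"DNS records", "Packet capture", "Netflow/Enclave netflow"},                  # Dynamic Resolution
}


def all_sources() -> Set[str]:
    return set().union(*TECHNIQUE_SOURCES.values())


def covered(collected: Set[str], require_all: bool = False) -> Set[str]:
    """Techniques for which you collect telemetry.

    require_all=False: any one of the listed sources counts (the optimistic
    reading; pre-v10 ATT&CK listed sources as alternatives).
    require_all=True: every listed source must be collected (the strict reading
    the slide's "required to detect" wording suggests).
    """
    out: Set[str] = set()
    for tech, needed in TECHNIQUE_SOURCES.items():
        have = needed & collected
        ok = (have == needed) if require_all else bool(have)
        if ok:
            out.add(tech)
    return out


def gaps(collected: Set[str]) -> List[str]:
    """Techniques with no collected data source at all: the blind spots."""
    return sorted(set(TECHNIQUE_SOURCES) - covered(collected))


def greedy_plan(collected: Set[str], budget: int) -> List[Tuple[str, int]]:
    """Choose the next `budget` data sources to onboard, each time taking the
    one that newly covers the most techniques (greedy set cover; ties broken
    by name). Returns [(data source, techniques gained), ...]."""
    have = set(collected)
    plan: List[Tuple[str, int]] = []
    for _ in range(budget):
        done = covered(have)
        best, best_gain = None, 0
        for src in sorted(all_sources() - have):
            gain = len(covered(have | {src}) - done)
            if gain > best_gain:
                best, best_gain = src, gain
        if best is None:
            break  # nothing left to gain
        have.add(best)
        plan.append((best, best_gain))
    return plan


if __name__ == "__main__":
    already = {"Authentication logs"}  # what a SIEM fed only by the IdP starts with
    print("blind spots now:", gaps(already))
    for src, gain in greedy_plan(already, 3):
        print(f"onboard {src!r}: +{gain} techniques")
```

Starting from nothing, the greedy plan picks process monitoring first (it alone touches half of this subset), then network flow data, then authentication logs, after which every technique in the subset has at least one collected source. Run the same plan with `require_all=True` before promising "coverage" to anyone: with the strict reading, process monitoring plus command-line parameters and PowerShell logs covers T1059 but still not T1003, which also wants API monitoring.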
Endpoint Security with Elastic Agent
Unified agent for logs, metrics, security and more

BEFORE: five or more agents on every host
Filebeat for logs; Metricbeat for metrics; Winlogbeat for Windows events, plus Sysmon; Heartbeat for uptime; an APM agent for application traces.

NOW: one agent on every host
Elastic Agent for logs, metrics and security, including Endpoint Security for EPP and kernel-level event collection (no Sysmon needed).
Elastic Security
• A single application for data analysis across all data domains and sources
Elastic Common Schema (ECS)
How data is normalized inside Elastic

• Defines a common set of fields and objects to ingest data into Elasticsearch
• Enables cross-source analysis of diverse data
• Designed to be extensible
• ECS is adopted throughout the Elastic Stack
• Contributions and feedback welcome at https://github.com/elastic/ecs

Searching without ECS (one clause per source-specific field name):
    src:10.42.42.42 OR client_ip:10.42.42.42 OR apache2.access.remote_ip:10.42.42.42 OR context.user.ip:10.42.42.42 OR src_ip:10.42.42.42

Searching with ECS:
    source.ip:10.42.42.42
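What the slide's two queries leave implicit is where the normalization happens and what goes wrong without it. The added example below (not code from the slides or from Elastic's ECS tooling) normalizes a handful of differently shaped log documents into ECS at ingest time and then runs both queries. FIELD_MAP and RAW_EVENTS are constructed around the five field names in the slide's "without ECS" query, plus an nginx source onboarded after that query was written; `source.ip`, `user.name`, `event.module` and `error.message` are real ECS field names, everything else is illustrative. The nginx source also logs the client as an IPv4-mapped IPv6 address, the kind of representation difference that a plain field-name OR cannot paper over.

```python
"""Map differently named log fields onto ECS, then query one field.

Added example, not code from the slides or from Elastic. FIELD_MAP and
RAW_EVENTS are constructed; source.ip, user.name, event.module and
error.message are real ECS fields.
"""
import ipaddress
from typing import Any, Dict, Iterator, List, Tuple

# Legacy/vendor field -> ECS field. In Elastic this is the integration's or
# ingest pipeline's job, done once per source when it is onboarded.
FIELD_MAP = {
    "src": "source.ip",
    "client_ip": "source.ip",
    "apache2.access.remote_ip": "source.ip",
    "context.user.ip": "source.ip",
    "src_ip": "source.ip",
    "remote_addr": "source.ip",  # nginx, onboarded after the OR query was written
    "context.user.name": "user.name",
    "username": "user.name",
}
# The OR list an analyst maintains by hand without ECS (from the slide).
LEGACY_IP_FIELDS = ["src", "client_ip", "apache2.access.remote_ip",
                    "context.user.ip", "src_ip"]
# Constructed sample events: (source name, raw document as shipped).
RAW_EVENTS: List[Tuple[str, Dict[str, Any]]] = [
    ("firewall", {"src": "10.42.42.42", "dst": "10.0.0.5", "action": "allow"}),
    ("proxy", {"client_ip": "10.42.42.42", "url": "http://example.test/"}),
    ("apache", {"apache2": {"access": {"remote_ip": "10.42.42.42", "method": "GET"}}}),
    ("app", {"context": {"user": {"ip": "10.42.42.42", "name": "alice"}}}),
    ("ids", {"src_ip": "10.42.42.42", "alert": "port scan"}),
    ("nginx", {"remote_addr": "::ffff:10.42.42.42", "status": 404}),  # IPv4-mapped IPv6
    ("vpn", {"src_ip": "192.0.2.10", "username": "bob"}),
]


def flatten(doc: Dict[str, Any], prefix: str = "") -> Iterator[Tuple[str, Any]]:
    """Yield (dotted.path, value) for every leaf of a nested dict."""
    for key, value in doc.items():
        if isinstance(value, dict):
            yield from flatten(value, f"{prefix}{key}.")
        else:
            yield f"{prefix}{key}", value


def set_path(doc: Dict[str, Any], dotted: str, value: Any) -> None:
    """Write value at a dotted path, creating nested objects as needed."""
    *parents, leaf = dotted.split(".")
    for part in parents:
        doc = doc.setdefault(part, {})
    doc[leaf] = value


def get_path(doc: Dict[str, Any], dotted: str) -> Any:
    for part in dotted.split("."):
        if not isinstance(doc, dict) or part not in doc:
            return None
        doc = doc[part]
    return doc


def normalize_ip(value: Any) -> str:
    """Canonical text form; ::ffff:a.b.c.d becomes a.b.c.d so one host logged
    by an IPv6-aware source and by an IPv4-only source compares equal."""
    addr = ipaddress.ip_address(str(value).strip())
    if isinstance(addr, ipaddress.IPv6Address) and addr.ipv4_mapped is not None:
        addr = addr.ipv4_mapped
    return str(addr)


def to_ecs(raw: Dict[str, Any], source_name: str) -> Dict[str, Any]:
    """Build the ECS document. Unmapped fields are kept under a per-source
    namespace, not dropped; a malformed IP is recorded in error.message
    rather than written into source.ip."""
    out: Dict[str, Any] = {"event": {"module": source_name}}
    for path, value in flatten(raw):
        target = FIELD_MAP.get(path)
        if target is not None and target.endswith(".ip"):
            try:
                value = normalize_ip(value)
            except ValueError:
                set_path(out, "error.message", f"invalid ip in {path}: {value!r}")
                target = None
        set_path(out, target or f"{source_name}.{path}", value)
    return out


def search(events: List[Dict[str, Any]], field: str, value: Any) -> List[Dict[str, Any]]:
    """The ECS query: one field name, every source."""
    return [e for e in events if get_path(e, field) == value]


def search_legacy(raw_events: List[Tuple[str, Dict[str, Any]]], value: Any) -> List[Dict[str, Any]]:
    """The hand-maintained OR query over raw documents; it silently misses any
    source whose field name or address form is not already in the list."""
    hits = []
    for _, raw in raw_events:
        flat = dict(flatten(raw))
        if any(flat.get(f) == value for f in LEGACY_IP_FIELDS):
            hits.append(raw)
    return hits


if __name__ == "__main__":
    ecs_events = [to_ecs(raw, name) for name, raw in RAW_EVENTS]
    print("without ECS:", len(search_legacy(RAW_EVENTS, "10.42.42.42")), "hits")
    print("with ECS:", len(search(ecs_events, "source.ip", "10.42.42.42")), "hits")
```

Over the seven constructed events the OR query returns five hits and the ECS query six: the nginx event is missed by the OR query twice over, once because `remote_addr` was never added to the list and once because the address is written as `::ffff:10.42.42.42`. The design choice that matters is where the knowledge lives. With ECS the person who onboards a source adds one mapping line and every saved search, detection rule and dashboard benefits; without it, every analyst has to know every field name in every query they write, which is exactly the scoping error that lets an attacker's pivot through a "new" source go unnoticed.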
Data Dilemma solved by Elastic Security

1. Common framework for data collection
2. Single agent for data collection and endpoint protection
3. Configurable data management with an open standard for analysis
4. Actionable data: threat hunting, automated detection, threat prevention
Join the Elastic Security community
Try free on Cloud: ela.st/security-trial
Take a quick spin: demo.elastic.co
Connect on Slack: ela.st/slack
Thank You
Search. Observe. Protect.

Safe Harbor Statement
This presentation includes forward-looking statements that are subject to risks and uncertainties. Actual results may differ materially as a result of various risk factors included in the reports on the Forms 10-K, 10-Q, and 8-K, and in other filings we make with the SEC from time to time. Elastic undertakes no obligation to update any of these forward-looking statements.
Elastic Security
• A single application for data analysis across all data domains and sources
• Configurable data lifecycle management
• Elastic Common Schema
• No penalties for adding data sources, endpoints or ingesting data
• Flexible storage tiers
109. Use This Slide for Code
The sample is a legacy index template request (the "_template" API; Elasticsearch 7.8 and later also offer composable templates under "_index_template"). Corrected so that it runs: plain ASCII quotes and dashes, a Content-Type header for the JSON body, the key is "settings" rather than "setting", and since Elasticsearch 6.0 the pattern field is "index_patterns".

curl -X PUT "localhost:9200/_template/twitter" -H 'Content-Type: application/json' -d '
{
  "index_patterns": ["twitter_*"],
  "settings": {
    "number_of_shards": 4,
    "number_of_replicas": 1
  }
}'
124. Subscription Options
Self-managed:
• Open Source (free): open source features
• Basic (free): free proprietary features
• Gold, Platinum, Enterprise (paid): paid proprietary features + Elastic Support
Elastic Cloud (SaaS): paid
125. Resource-based Pricing
Elastic Security
• Endpoint Security: no endpoint-based pricing
• SIEM: no seat/ingest-based pricing
Elastic Observability
• APM: no agent-based pricing
• Metrics: no host-based pricing
• Logs: no ingest-based pricing
Elastic Enterprise Search
• App Search: no docs-based pricing
• Site Search: no query-based pricing
• Workplace Search: no user-based pricing