Elastic has released a free and open Limitless Extended Detection and Response (XDR) solution.
Tony Katsabaris, AVP, Australia & New Zealand at Elastic (pictured), notes that, “The launch of Elastic Limitless XDR comes at a time when cyber security is high on the agenda for the Australian government and businesses. Sophisticated adversaries are multiplying and the attack surface for businesses is changing rapidly as they become digitalised, enabling adversaries to infiltrate, test and target weak points more easily.
Businesses need a different approach to protect themselves from cyber threats. Security is fundamentally a data and search problem and by providing limitless ingestion of all types of data from all types of sources to enable limitless security analysis at manageable costs, Elastic is equipping practitioners at businesses of all sizes to prevent, detect, and respond to sophisticated attacks before damage is done.”
Elastic Limitless XDR stops threats at cloud scale on a single platform by:
Extending visibility across any environment to eliminate security blind spots
- Block malware and ransomware, perform collection and inspection, detect and take responsive actions on the endpoint, and support DevSecOps and observability use cases by collecting application traces through a single agent.
- Accelerate security operations with automated hunting and investigation workflows, built-in case management, and hundreds of one-click integrations created by Elastic and its global user community.
- Deploy on premises, in the cloud, or hybrid.
Providing fast, cost-effective search to meet the evolving needs of security teams
- Ingest and prepare data from across any environment and search it in milliseconds to seconds with the frozen data tier, powered by searchable snapshots, on low-cost object stores such as Amazon S3, Google Cloud Storage, and Microsoft Azure Storage.
- Efficiently retain years of actionable telemetry to uncover long-dwelling threats and markers of newly discovered exploits.
- Uniformly analyse information stored across multiple clouds without the delay and expense of backhauling data.
Automating threat detection to reduce alert fatigue
- Automate threat detection with rules built by Elastic and community security researchers and shared on a public detection rules repository.
- Uncover security-relevant anomalies with prebuilt machine learning jobs.
- Aggregate results, prioritise, and investigate across multi-cloud environments.
