Elastic Security Research
The Elastic Security Research team pairs research on emerging threats with analysis of strategic, operational, and tactical adversary objectives.
The team produces public-facing content in the form of summary blogs, detailed releases, and artifacts, articulating both adversary campaign activities and the threat detection steps that can be leveraged to frustrate adversary goals.
The team publishes a variety of content:
- Analysis of malware signatures, behavior protections, and detection rules assessed against real-world malware and adversary techniques;
- Whitepapers focused on vulnerabilities, exploits, and other research relevant to the security community at large; and
- Tools created to aid in the collection and analysis of threat data.
Research priorities are chosen through open-source research vehicles, inputs from high-confidence third parties, and data collected from Elastic’s evolving telemetry.
| Category | Description |
|---|---|
| Intelligence Analysis | Long-form threat research and analysis focused on campaigns and specific intrusions. |
| Malware Analysis | Malware research, analysis, and reverse engineering. |
| Whitepapers | Whitepapers around the topic of protections, defensive countermeasures, and security operations. |
| Tools | Tools created and released by the Elastic Security Research team to aid in data collection, parsing, and analysis. |
threat-notification //@// elastic.co Elastic Community Slack
Created: January 19, 2022