Elastic Security Research
The Elastic Security Research team pairs research on emerging threats with analysis of strategic, operational, and tactical adversary objectives.
The team produces public-facing content, in the form of summary blogs, detailed releases, and artifacts, articulating both adversary campaign activities and the threat detection steps that can be leveraged to frustrate adversary goals.
The team publishes a variety of content:
- Analysis of malware signatures, behavior protections, and detection rules assessed against real-world malware and adversary techniques;
- Whitepapers focused on vulnerabilities, exploits, and other research relevant to the security community at-large; and
- Tools created to aid in the collection and analysis of threat data.
Research priorities are chosen through open-source research vehicles, inputs from high-confidence third parties, and data collected from Elastic’s evolving telemetry.
Contents
Topic | Description |
---|---|
Intelligence Analysis | Long-form threat research and analysis focused on campaigns and specific intrusions. |
Malware Analysis | Malware research, analysis, and reverse engineering. |
Whitepapers | Whitepapers around the topic of protections, defensive countermeasures, and security operations. |
Tools | Tools created and released by the Elastic Security Research team to aid in data collection, parsing, and analysis. |
Contact
Email: threat-notification //@// elastic.co
Elastic Community Slack
Last update: January 31, 2022
Created: January 19, 2022