Elastic, maker of Elasticsearch and the Elastic Stack (which includes Beats, Kibana and Logstash as well as Elasticsearch), has announced a new offering: the Elastic Endpoint Security solution.
The new offering is based on Elastic's recent acquisition of Endgame, an industry-recognised leader in endpoint threat prevention, detection, and response. Endgame is based on the MITRE ATT&CK™ matrix.
“Users deserve more from the tools they deploy. That’s why we are providing immediate value today through the simplicity of a single stack to search, store, analyse, and secure your data,” said Shay Banon, founder and chief executive officer of Elastic.
“This is an exciting step toward realising our vision for applying search to multiple use cases, as we are now able to offer users the best threat hunting solution with the best endpoint protection.”
Elastic is combining SIEM and endpoint security into a single solution to enable organisations to automatically and flexibly respond to threats in real time, whether in the cloud, on-premises, or in hybrid environments. Elastic also announced at the same time that it is eliminating per-endpoint pricing.
Additionally, Elastic Endpoint Security brings one of the strongest sources of endpoint security data, raw endpoint event data, and alerts to the Elastic Stack, joining the existing logging, security, APM, and infrastructure event collection.
With the average threat dwell time exceeding 100 days, shipping, scaling, and storing data efficiently in Elasticsearch makes searching through all of this disparate security-related data practical, easy, and fast. Accordingly, endpoint security is a natural fit for the Elastic Stack to provide prevention against threats and the fastest detection and response to stop attacks at the earliest stages possible.