Elastic Blends SIEM, Endpoint Security Services

Elastic N.V., a Dutch company that offers open source search and analytics tools, has launched the Elastic Endpoint Security solution based on the MITRE ATT&CK matrix.

The announcement comes after Elastic in July 2019 unveiled Elastic SIEM, a free and open security information and event management (SIEM) offering. Elastic also acquired endpoint security provider Endgame in June 2019 for $234 million.

Fast forward to the present day. The blended SIEM-EDR capabilities enable organizations to automatically respond to cyber threats in real time across cloud, on-premises and hybrid environments, Elastic asserts.

Furthermore, Elastic Endpoint Security can be used in conjunction with the Elastic Stack for logging, security, application performance monitoring and infrastructure event collection, the company says.

Ahead of the M&A deal, Endgame was working with such Top 200 MSSPs, strategic partners and technology partners as Accenture, Critical Start, DXC Technology, Optiv and Red Canary (among many others).

SIEM-EDR Managed Security Service: Netsurion for MSPs

Still, Elastic isn’t alone in the blended SIEM-EDR market. Netsurion earlier this year announced EventTracker EDR, which features both SIEM and EDR capabilities.

EventTracker EDR protects organizations against both known malware and unknown and zero-day attacks, Netsurion stated. It also provides file integrity monitoring, threat remediation reporting and other cybersecurity capabilities.

Netsurion essentially is a Master MSSP that’s committed to supporting peer MSSPs and MSPs. The company’s blended SIEM-EDR offering has SOC (Security Operations Center) as a Service capabilities for MSSP and MSP partners.

Additional insights from Joe Panettieri.
