Elastic Blends SIEM, Endpoint Security Services
Elastic N.V., a Dutch company that offers open source search and analytics tools, has launched the Elastic Endpoint Security solution based on the MITRE ATT&CK matrix.
The announcement comes after Elastic unveiled Elastic SIEM, a free and open security information and event management (SIEM) offering, in July 2019. Elastic also acquired Endgame endpoint security in June 2019 for $234 million.
Fast forward to present day. The blended SIEM-EDR capabilities enable organizations to automatically respond to cyber threats in real time across cloud, on-premises and hybrid environments, Elastic asserts.
Furthermore, Elastic Endpoint Security can be used in conjunction with the Elastic Stack for logging, security, application performance monitoring and infrastructure event collection, the company says.
SIEM-EDR Managed Security Service: Netsurion for MSPs
EventTracker EDR protects organizations against both known malware and unknown and zero-day attacks, Netsurion stated. It also provides file integrity monitoring, threat remediation reporting and other cybersecurity capabilities.
Netsurion essentially is a Master MSSP that’s committed to supporting peer MSSPs and MSPs. The company’s blended SIEM-EDR offering has SOC (Security Operations Center) as a Service capabilities for MSSP and MSP partners.
Additional insights from Joe Panettieri.