Cmd will add runtime security capabilities to the Elastic Limitless extended detection and response (XDR) platform, Elastic stated. The potential result for MSSPs is a single search platform that spans unified security information and event management (SIEM), endpoint and cloud security capabilities, the buyer asserts.
Cmd offers an infrastructure detection and response (IDR) platform for Linux infrastructure in the cloud or a data center, the company indicated. The platform uses extended Berkeley Packet Filter (eBPF) technology to provide developers with visibility into cloud workloads; eBPF allows developers to run sandboxed programs within an operating system and add capabilities at runtime.
In addition, Cmd provides Elastic customers with visibility into cloud workloads and ensures they can identify and address threats across their cloud data, the companies noted. Elastic also will integrate Cmd’s capabilities into its Elastic Agent, allowing its customers to monitor logs, metrics and other cloud data sources.
Elastic’s customers will be able to use build.security’s technology with Limitless XDR to prevent, detect and respond to cloud threats and validate their security posture against Center for Internet Security (CIS) benchmarks and other standards. Also, Elastic will use build.security’s technology to build a Kubernetes integration that promotes cloud application security and compliance.