
The company behind Elasticsearch and the Elastic Stack, Elastic, has announced the launch and general availability of its free and open Limitless Extended Detection and Response (XDR). Alongside this, it has announced new capabilities and enhancements across its Elastic Enterprise Search, Observability, and Security solutions, all of which are built on a single platform – the Elastic Stack.

Part of Elastic Security, Elastic Limitless XDR would modernize security operations by unifying the capabilities of security information and event management (SIEM), security analytics, and endpoint security.

Elastic Limitless XDR is anchored in SIEM and enriched by a single agent for endpoint security to eliminate data silos, reduce alert fatigue, and arm practitioners to stop threats at cloud scale. Built into a single platform, Elastic Limitless XDR would extend visibility across any environment to prevent, detect, and respond to threats and eliminate blind spots everywhere.

Elastic Limitless XDR would power centralized analytics on years’ worth of data, automate key processes, and bring native endpoint security to every host.

To sum up, Elastic Limitless XDR stops threats at cloud scale on a single platform by:

Extending visibility across any environment to eliminate security blind spots

  • Block malware and ransomware, perform collection and inspection, detect and take responsive actions on the endpoint, and support DevSecOps and observability use cases by collecting application traces through a single agent
  • Accelerate security operations with automated hunting and investigation workflows, built-in case management, and hundreds of one-click integrations created by Elastic and its global user community
  • Deploy on premises, in the cloud, or hybrid

Providing fast, cost-effective search to meet the evolving needs of security teams

  • Ingest and prepare data from across any environment and search it in milliseconds to seconds with the frozen data tier, powered by searchable snapshots, on low-cost object stores such as Amazon S3, Google Cloud Storage, and Microsoft Azure Storage
  • Efficiently retain years of actionable telemetry to uncover long-dwelling threats and markers of newly discovered exploits
  • Uniformly analyze information stored across multiple clouds without the delay and expense of backhauling data

Automating threat detection to reduce alert fatigue

  • Automate threat detection with rules built by Elastic and community security researchers and shared on a public detection rules repository
  • Uncover security-relevant anomalies with prebuilt machine learning jobs
  • Aggregate results, prioritize, and investigate across multi-cloud environments

“Between today’s advanced attack techniques and complicated IT environments, it is more difficult than ever for organizations to stop threats before damage is done,” said Nate Fick, General Manager, Security at Elastic. “Adding to this challenge, security teams have to pivot between multiple tools to investigate and respond fully to attacks. By combining SIEM and endpoint security, Elastic Limitless XDR provides fast detection and response capabilities with cloud, user, endpoint, and network telemetry to simplify investigation and response on a single platform.”

About the Elastic Stack Upgrades


New capabilities and enhancements across version 7.14 of the company’s Elastic Stack include the general availability of Elastic Agent, a single, unified agent that would simplify the management and monitoring of data from a growing volume of diverse sources, centrally managed in Fleet to give users broad visibility and control over their environments.

With Elastic Agent, Elastic Security users would benefit from integrated ransomware and malware prevention, as well as remediation capabilities directly from the endpoint. Elastic Observability users may gain better visibility across their applications and infrastructure, as well as more secure, centralized agent management.

Additionally, Elastic Enterprise Search can now be centrally managed in Kibana, the single management interface across all Elastic solutions.

Other key updates across the Elastic Stack, Elastic Cloud, and solutions include:

Elastic Stack and Elastic Cloud

Elastic has announced the general availability of Elastic Agent with centralized management in Elastic Fleet. First released in beta in 7.9 and now generally available in 7.14, Elastic Agent serves as a single unified agent that makes it simple for customers and users to onboard and manage new data sources quickly, while also protecting their endpoints from cybersecurity threats. Elastic Agent is an Elastic Stack capability that delivers value to users across the Elastic Security and Elastic Observability solutions.

Elastic has also announced that support for Microsoft Azure Private Link is now generally available. Customers can now privately and securely connect their Elastic Cloud deployments to their Azure cloud environments using Private Link endpoints, ensuring their data is not exposed on the open Internet.

Elastic Security

Elastic has announced the launch and general availability of the industry’s first free and open Limitless Extended Detection and Response (XDR) in Elastic Security. Enabled by the general availability of Elastic Agent, Limitless XDR unifies SIEM, security analytics, and endpoint security capabilities on one platform to extend visibility across any environment while eliminating data silos, reducing alert fatigue, and arming practitioners to stop threats quickly and at cloud scale.

Additionally, Elastic Security 7.14 would deepen the visibility and response actions delivered with Elastic Agent. Users can quickly quarantine compromised endpoints to mitigate risk and make rich endpoint data available for threat investigations through a curated library of osquery searches. Enhancements to the malware prevention capabilities of Elastic Agent deliver advanced protections across Windows, macOS, and Linux systems against ransomware attacks such as DarkSide and REvil.

Elastic Observability

Furthermore, Elastic has announced secure, centralized Elastic Agent management with Elastic Fleet to optimize telemetry collection, reduce security risks, and accelerate application root cause analysis. Additionally, Fleet enables users to integrate security into release processes by deploying endpoint security across their organization’s infrastructure without slowing down application development.

Elastic Enterprise Search

To conclude, Elastic has announced a single management interface for App Search and Workplace Search in Kibana. With this integration, users can create new engines, tune query relevance, manage user access, and customize visualizations from within the same management interface used by Elastic Observability and Elastic Security.

“Elastic is committed to helping organizations build, run, and protect their organizations at speed and scale on a single platform,” said Ash Kulkarni, Chief Product Officer, Elastic. “The critical new capabilities introduced across Elastic solutions give customers unprecedented visibility and control over their organization’s data, enabling them to continue innovating, improving customer experiences, and driving growth while retaining confidence in the security of their environment.”