Hunting (and stopping!) threats with Elastic Security

A presentation at TheDevConf 2021 by David Pilato

You are a security analyst for your company. The IT team has deployed Elastic agents on your infrastructure, including endpoints, firewalls… Those agents have been collecting logs, metrics and security-related data for months.

One morning, you open Kibana and discover that some alerts have been triggered. Is it a real threat?

In this 100% live session, we will discover, step by step, with the free and open Elastic Security solution:

  • how to check if it’s a real threat,
  • how to block it and stop its propagation,
  • how the intrusion was made possible,
  • which techniques were used,
  • whether data has been exfiltrated.
