Nov 03, 2023NewsroomCloud Security / Linux The threat actors linked to Kinsing have been observed attempting to exploit the recently disclosed Linux privilege escalation flaw called Looney Tunables as part of a "new experimental campaign" designed to breach cloud environments. "Intriguingly, the attacker is also broadening the horizons of their cloud-native attacks by … [Read more...] about Kinsing Actors Exploiting Recent Linux Flaw to Breach Cloud Environments
cloud
How to get the most from your Elastic Cloud trial
Elastic Cloud is a cloud-based managed service offering provided by Elastic®. Elastic Cloud allows customers to deploy, manage, and scale their Elasticsearch® clusters and other components of the Elastic Stack in Amazon Web Services (AWS), Google Cloud Platform (GCP), and Microsoft Azure without the need to manage the underlying infrastructure, enabling users to focus on … [Read more...] about How to get the most from your Elastic Cloud trial
Take control of your Elastic Cloud spend with data-driven insights
As we continue to expand our product offerings, new products, and services will be integrated into the usage page. The latest addition to this offering is Synthetic Monitoring. This feature offers insights into the utilization and expenses associated with synthetics products, making it easier to manage and optimize your overall spending.We encourage you to explore the enriched … [Read more...] about Take control of your Elastic Cloud spend with data-driven insights
Elastic wins CyberSecurity Breakthrough Award for Cloud Platform of the Year 2023
Elastic Security for Cloud also includes cloud-native vulnerability management capabilities. This continuously uncovers vulnerabilities in AWS EC2 with zero resource utilization on workloads. Elastic identifies, reports, and guides remediation of these vulnerabilities to help you identify and respond to potential risk.Elastic Security for Cloud is also supported by Elastic … [Read more...] about Elastic wins CyberSecurity Breakthrough Award for Cloud Platform of the Year 2023
Scattered Spider Getting SaaS-y in the Cloud
LUCR-3 overlaps with groups such as Scattered Spider, Oktapus, UNC3944, and STORM-0875 and is a financially motivated attacker that leverages the Identity Provider (IDP) as initial access into an environment with the goal of stealing Intellectual Property (IP) for extortion. LUCR-3 targets Fortune 2000 companies across various sectors, including but not limited to Software, … [Read more...] about Scattered Spider Getting SaaS-y in the Cloud
Secure your Elastic Cloud deployment with AWS PrivateLink traffic filter
Traffic filters consist of rule(s) that specify the source of traffic, such as IP/CIDR or AWS VPC endpoint, and rule sets, which are a set of traffic filter rules. Rule sets are then associated with the deployment and can restrict access to the deployment based on those rules.By default, customers connect to deployment over the public internet. Customers can assign multiple … [Read more...] about Secure your Elastic Cloud deployment with AWS PrivateLink traffic filter
Elastic and Google Cloud collaborate on generative AI and security as a part of an expanded partnership
The release and timing of any features or functionality described in this post remain at Elastic's sole discretion. Any features or functionality not currently available may not be delivered on time or at all.In this blog post, we may have used or referred to third party generative AI tools, which are owned and operated by their respective owners. Elastic does not have any … [Read more...] about Elastic and Google Cloud collaborate on generative AI and security as a part of an expanded partnership
3 Ways to Enhance Cloud Security with EASM
The IT future is a cloudy one. Organizations are increasingly relying on cloud servers, as today’s IT environments use a combination of public and private clouds alongside on-premise infrastructure. Gartner® estimates that by 2026, 75% of organizations will adopt a digital transformation model predicated on the cloud as the fundamental underlying platform. Moreover, global … [Read more...] about 3 Ways to Enhance Cloud Security with EASM
Optimizing cloud resources and cost with APM metadata in Elastic Observability
From left to right, we want to focus on the very first chart. We have the bars representing the CPU as average in green and 95th percentile in blue on top. It goes from 0 to 100% and is normalized, meaning that even with 8 CPU cores, it will still read 100% usage and not 800%. The line graph represents the transaction duration, the average being in red, and the 95th percentile … [Read more...] about Optimizing cloud resources and cost with APM metadata in Elastic Observability
The 4 Keys to Building Cloud Security Programs That Can Actually Shift Left
As cloud applications are built, tested and updated, they wind their way through an ever-complex series of different tools and teams. Across hundreds or even thousands of technologies that make up the patchwork quilt of development and cloud environments, security processes are all too often applied in only the final phases of software development. Placing security at the very … [Read more...] about The 4 Keys to Building Cloud Security Programs That Can Actually Shift Left