Elastic{ON} 2018 - Sipping from the Firehose: Scalable Endpoint Data for Incident Response

Elastic Co
March 01, 2018

Enterprises have better sources of endpoint telemetry to respond to intrusions than ever before, yet attackers continue to slip through the cracks, often with surprising ease. And security teams still struggle to fully scope or remediate compromises, even after they’ve been detected.

This presentation will examine why it's so difficult to gather and maintain the right mix of endpoint data for effective incident response. It will then demonstrate how a blended approach — combining technologies like Elasticsearch with distributed, on-endpoint analysis — can offer comprehensive, high-speed, and efficient visibility at any scale. Examples from real-world breaches (including a few that inspired hacks in the latest season of Mr. Robot) will illustrate lessons learned from the field.

Ryan Kazanciyan | Chief Security Architect | Tanium
