Elastic announced the launch and general availability of the industry's first free and open Limitless Extended Detection and Response (XDR). Part of Elastic Security, Elastic Limitless XDR modernizes security operations by unifying the capabilities of security information and event management (SIEM), security analytics, and endpoint security.
"Organizations have been spending regularly on threat detection and response but still can't detect sophisticated threats," says Jon Oltsik, Senior Principal Analyst at ESG. "By aggregating threat detection and response across multiple controls, XDR promises to improve threat detection and response, correlating endpoint detections with telemetry from other sources to simplify investigation and streamline operations."
Elastic Limitless XDR is anchored in SIEM and enriched by a single agent for endpoint security to eliminate data silos, reduce alert fatigue, and arm practitioners to stop threats at cloud scale. Built into a single platform, Elastic Limitless XDR extends visibility across any environment to prevent, detect, and respond to threats and eliminate blind spots, everywhere.
According to the IDC EDR and XDR 2020 Survey, 55% of organizations currently use up to six endpoint security technologies. "While EDR technologies remain a popular choice for helping organizations strengthen their security posture, XDR is gaining in popularity as security teams require telemetry from many sources beyond the endpoint," says Chris Kissel, Research Director, Security & Trust Products, IDC.
Elastic Limitless XDR powers centralized analytics on years' worth of data, automates key processes, and brings native endpoint security to every host.
Elastic Limitless XDR stops threats at cloud scale on a single platform by:

Extending visibility across any environment to eliminate security blind spots
- Block malware and ransomware, perform collection and inspection, detect and take responsive actions on the endpoint, and support DevSecOps and observability use cases by collecting application traces through a single agent.
- Accelerate security operations with automated hunting and investigation workflows, built-in case management, and hundreds of one-click integrations created by Elastic and its global user community.
- Deploy on premises, in the cloud, or hybrid.

Providing fast, cost-effective search to meet the evolving needs of security teams
- Ingest and prepare data from across any environment and search it in milliseconds to seconds with the frozen data tier, powered by searchable snapshots, on low-cost object stores such as Amazon S3, Google Cloud Storage, and Microsoft Azure Storage.
- Efficiently retain years of actionable telemetry to uncover long-dwelling threats and markers of newly discovered exploits.
- Uniformly analyze information stored across multiple clouds without the delay and expense of backhauling data.

Automating threat detection to reduce alert fatigue
- Automate threat detection with rules built by Elastic and community security researchers and shared on a public detection rules repository.
- Uncover security-relevant anomalies with prebuilt machine learning jobs.
- Aggregate results, prioritize, and investigate across multi-cloud environments.
"Between today's advanced attack techniques and complicated IT environments, it is more difficult than ever for organizations to stop threats before damage is done. Adding to this challenge, security teams have to pivot between multiple tools to investigate and respond fully to attacks. By combining SIEM and endpoint security, Elastic Limitless XDR provides fast detection and response capabilities with cloud, user, endpoint, and network telemetry to simplify investigation and response on a single platform." - Nate Fick, General Manager, Security at Elastic