Using the Elastic free SIEM technology is great to protect your applications and your company against any kind of cybercrime. You can detect, investigate and respond to any evolving threats. Its a useful foundation for every Security operations centre (SOC). The following downloads offering powerful extensions to the Elastic free SIEM technology.    


SIEM examples

Logstash Parsing Configurations for Elastic SIEM parses many different sources into ECS

A collection of Kibana dashboards to provide a holistic view of Microsoft Office 365 environments

Cloudflare dashboards and ingest pipelines to visualize cloudflare logs

ACSC Advisory IOCs detection rules for Elastic SIEM

A Kibana Canvas dashboard example that visualizes suricata logs collected with Filebeat.

A collection of rules based on the Sigma detection rules for web server looks, e.g. apache, nginx or IIS.

A collection of rules based on the Sigma detection rules for proxy server and web server looks, e.g. zeek or suricata.

A collection of rules based on the Sigma detection rules for Windows Sysmon events based on Winlogbeat data.

A collection of rules based on the Sigma rules for Windows (process creation folder) based on Winlogbeat data .


More about SIEM

The heart of Elastic SIEM is the an interactive Kibana app. That workspace allowing teams to detect anomalous behaviour, to sort out events and start investigations. Using the Elastic agent the user has limitless possibilities to ingest from OOTB integrations.

In combination with Elastic Machine Learning you have everything in place you need to protect your company. Improve your threat detection capabilities by using threat intelligence in combination with other security rules.

Continuously protect your environment using behaviour-based rules that detect potential risks through behaviours and tools. Analyse and prioritize potential threats based on enemy behaviour. With risk and severity scores, you can go right to the point. Detections are linked with MITRE ATT&CK®, are updated on a regular basis, and are openly provided for instant use.