Elastic Announces Osquery Management Integration for Unified Data Analysis to Address Cyber Threats
Elastic, the company behind Elasticsearch and the Elastic Stack, announces new updates across the Elastic Security solution in its 7.13 release to broaden support for osquery, the open source host instrumentation framework, with a new host management integration for Elastic Agent and unified analysis of osquery host data.
The osquery host management integration, now in beta, enables security teams to use osquery results to address cyber threats without the complexity or cost of a separate management layer. With one click, users can install and orchestrate osquery across their Windows, macOS, and Linux hosts.
Recommended AI News: Udacity And AWS Collaborate To Offer More Free Courses In Machine Learning
Osquery data is ingested in Elasticsearch and shown in Kibana where users can run live queries with one or more agents, and define scheduled queries to capture changes to an organization’s security state. From a single pane of glass, users can centralize security analytics and contextualize osquery results against other event data, anomalies, and threats, and leverage that context to improve host visibility, analytical power, and monitoring.
Enhanced capabilities also include prebuilt and custom SQL queries, as well as Kibana query guidance to support users with code completion, code hinting, and content assistance.
Recommended AI News: Toyota Research Institute Shares Design to Help Advance the Field of Soft Robotics