Elastic Security
Defensive SIEM
Open Source
SIEM based on the Elastic stack
Platforms:
Linux, Windows, Cloud
Prerequisites:
Elasticsearch, Kibana
Pros and Cons
Advantages
- + Based on Elastic Stack
- + Integrated ML detection
- + Horizontally scalable
- + Free basic version
- + Good visualization
Disadvantages
- - Requires Elastic knowledge
- - Significant resources for production
- - Advanced features require license
Use Cases
- Security monitoring
- Threat detection
- On-prem or cloud SIEM
- Log analysis