Free and open hunting and protection with Elastic Endpoint

  • Wednesday, 07 Oct 2020 3:30PM EDT (07 Oct 2020 19:30 UTC)
  • Speakers: Dave Shackleford, Phil Roth, Mark Dufresne

Jamie and Phil will talk about the Elastic Endpoint. Jamie will show the hunting possibilities enabled by the data it collects and demonstrate how to use community and custom rules to detect malicious activity in your environment. Phil will speak about the protections included in the Elastic Endpoint, specifically the malware model. Used together, Elastic's free and open rules and machine learning can provide a layered and effective approach to security.


  • What is the Elastic Endpoint?
  • What data can you collect with it?
  • How to use community detections or write your own
  • The ML-powered protections it contains