The Elastic Security Research team pairs research on emerging threats with analysis of strategic, operational, and tactical adversary objectives.
The team produces public-facing content, in the way of summary blogs, detailed releases, and artifacts; articulating both adversary campaign activities and threat detection steps that can be leveraged to frustrate adversary goals.
The team observes the efficacy of Malware Signatures, Behavior Protections, and Detection Rules against real-world malware and adversary techniques.
Research priorities are chosen through open-source research vehicles, inputs from high-confidence third parties, and data collected from Elastic's evolving telemetry.
The published version of the site is generated using a customized MkDocs Material theme that uses the Insiders features.
When a commit is made to the main
branch, the custom container is used to render the Markdown content files into web
content that is then pushed to the gh-pages
branch. Once that succeeds, GitHub Actions kicks off the action that
publishes the content to the website.
Contact: threat-notification //@// elastic.co
Elastic Community Slack