Planning for 2025: Detection Engineering with the Elastic Global Threat Report

Ruben Groenewoud

Research Engineer

Elastic

Jonhnathan Ribeiro

Senior Security Research Engineer

Elastic

The 2024 Elastic Global Threat Report provides a unique look at the threat landscape, but understanding leading threat trends is only the first step. Preparing your organization for what's coming can be a daunting task, but you can get ahead with effective detection engineering — and you don't need to be a mature SOC to achieve a robust detection engineering function…

That's where Elastic Security Labs' detection engineers help you succeed. Whether it's discussing specific threat mechanisms or demonstrating how you can automate detection and response workflows, achieve your security goals with insights from our seasoned detection engineers. Join our virtual event to explore some of the basics of detection engineering, our experts' thoughts on this year's top threat trends and forecasts, and the power of Elastic Security in action!

Highlights

• Explore major endpoint threat insights from the 2024 Elastic Global Threat Report per MITRE ATT&CK
• Explain the basics of the Elastic Detection Engineering Behavior Maturity Model
• Simulate attack response using Elastic Security, with the Common Unix Printing System (CUPS) vulnerability as an example
• Sync third party Endpoint Detection and Response (EDR) products into Elastic Security
• Highlight detection engineering best practices like detections-as-code (DaC)

Additional resources

• 2024 Elastic Global Threat Report
• Elastic Security Labs
• The Detection Engineering Behavior Maturity Model (DEBMM)
• CUPS Overflow: When your printer spills more than ink
• Now in beta: Detections-as-code