One of the greatest challenges in security is providing universal access to the knowledge and resources necessary to protect against adversaries. Not every organization has a reverse engineer or intelligence analyst on the team, and this is especially true after macroeconomic conditions worsened earlier this year and resulted in waves of layoffs. Elastic Security Labs was founded to help address this knowledge gap by sharing threat and intelligence research along with tools and other software we use to impact threats.
To that end, Elastic regularly publishes articles describing malware, threat intelligence, artificial intelligence, and detection engineering research, along with tools and indicators. We have exposed more than a dozen previously unknown threats to the public and worked with our industry partners to develop new mitigations for them.
The 2023 Elastic Global Threat Report is a summary of more than a billion data points distilled down to a small number of distinct categories. We describe the tools, tactics, and procedures of threats from the perspective of endpoints and cloud infrastructure — the most common enterprise attack surfaces — so readers with varying priorities can determine the best course of action to take next.