Elastic Security Serverless

Serverless Security

Elastic Security combines threat detection analytics, cloud native security, and endpoint protection in a single solution, so you can quickly detect, investigate, and respond to threats and vulnerabilities across your environment.

Serverless projects provide you with the existing Elastic Security on-premise and Elastic Cloud deployment functionality, and the following new features and capabilities:

• Continuous onboarding hub at the center of the Get started page
• Security-focused, single-level navigation
• Osquery availability within Investigations
• Assets management for Fleet, endpoints, and Cloud
• Security-specific roles
• Machine learning nodes included, by default
• Developer tools for interacting with your data

• Create a Security project: Create your first serverless Security project.
• Ingest data: Learn how to add your own data to Elastic Security.

• Enable detection rules: Activate prebuilt rules from Elastic, and create your own custom rules.
• Protect endpoints: Install and configure real-time endpoint protection with Elastic Defend.
• Secure your cloud: Improve cloud security posture, scan for vulnerabilities, and monitor workloads.
• Triage and respond to alerts: Analyze potential threats and launch investigations.
• Investigate security events: Query security event data and hunt for threats.
• Visualize security data: Use prebuilt dashboards and create your own visualizations.