Elastic, the company behind Elasticsearch and the Elastic Stack, announced expanded Limitless XDR (Extended Detection and Response) capabilities across the Elastic Security solution in its 7.15 release. The release adds new prevention layers for Windows, macOS, and Linux, plus host isolation for cloud-native Linux environments.
Prevention before damage is done
Malicious behavior protection, powered by analytics that block attack techniques used by known threat actors, is now generally available. It stops advanced threats at the endpoint on Windows, macOS, and Linux hosts by pairing post-execution analytics with response actions: instead of relying on a file signature, it watches what a process does once it is running and responds when that behavior matches a known technique.
Elastic Security now also provides memory threat protection for Windows endpoints, blocking in-memory manipulation such as shellcode injection. Memory threat protection targets attacks that never touch disk and are engineered to evade less sophisticated, file-centric security technologies.
Elastic 7.15 also adds host isolation for cloud-native Linux environments, triggered from Kibana and enforced with extended Berkeley Packet Filter (eBPF) technology. Isolating a host cuts it off from the network, containing the attack and preventing lateral movement while the host is investigated.
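The following is an added illustration of the policy a host-isolation filter enforces; it is not Elastic's eBPF program or any code from the Elastic project. It models the decision an in-kernel filter makes per outbound flow: drop everything except the flows that keep the security agent manageable, so the isolated host can still report and later be released. The Fleet/Kibana addresses and ports in the allowlist and the sample flows are constructed assumptions.

```python
"""Model of a host-isolation packet filter (added example, not Elastic's eBPF code).

An isolated host drops every flow except the ones that keep the endpoint agent
manageable. The allowlist and the sample traffic below are constructed for the
example and are not Elastic's actual policy.
"""
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import Dict, Iterable, Tuple


@dataclass(frozen=True)
class Flow:
    """One outbound connection attempt as a socket-layer or XDP filter sees it."""
    dst: str
    dport: int
    proto: str  # "tcp" or "udp"


# Hypothetical management plane the agent must still reach while isolated.
MANAGEMENT_ALLOWLIST: Tuple[Tuple, ...] = (
    (ip_network("10.0.0.0/24"), 8220, "tcp"),  # assumed Fleet server
    (ip_network("10.0.0.0/24"), 5601, "tcp"),  # assumed Kibana
)

# Constructed counterexample: an allowlist containing a default route
# silently turns "isolation" into "allow everything".
OVERBROAD_ALLOWLIST: Tuple[Tuple, ...] = (
    (ip_network("0.0.0.0/0"), 443, "tcp"),
)


def isolation_verdict(flow: Flow, allowlist=MANAGEMENT_ALLOWLIST) -> str:
    """Return "pass" for flows the isolated host may still send, else "drop"."""
    dst = ip_address(flow.dst)
    if dst.is_loopback:
        # Local IPC keeps working; isolation is about the network, not the host.
        return "pass"
    for net, port, proto in allowlist:
        if dst in net and flow.dport == port and flow.proto == proto:
            return "pass"
    return "drop"


def apply_isolation(flows: Iterable[Flow], allowlist=MANAGEMENT_ALLOWLIST) -> Dict[Flow, str]:
    """Evaluate a batch of flows and return each one's verdict."""
    return {f: isolation_verdict(f, allowlist) for f in flows}


def allowlist_is_tight(allowlist=MANAGEMENT_ALLOWLIST) -> bool:
    """Reject allowlists that contain a default route (0.0.0.0/0 or ::/0)."""
    return all(net.prefixlen > 0 for net, _, _ in allowlist)


# Constructed traffic from a compromised host: an agent check-in, a lateral
# move over SMB to a peer, an exfiltration attempt over HTTPS, a DNS lookup,
# and a local connection to a service on the same host.
SAMPLE_FLOWS = (
    Flow("10.0.0.10", 8220, "tcp"),
    Flow("10.0.1.5", 445, "tcp"),
    Flow("203.0.113.7", 443, "tcp"),
    Flow("10.0.0.53", 53, "udp"),
    Flow("127.0.0.1", 9200, "tcp"),
)


if __name__ == "__main__":
    assert allowlist_is_tight(), "allowlist would defeat isolation"
    for flow, verdict in apply_isolation(SAMPLE_FLOWS).items():
        print(f"{verdict:4} {flow.proto} {flow.dst}:{flow.dport}")
```

Two practical points fall out of the model. First, the management channel is the only thing that must survive isolation; if it is not in the allowlist, the host goes dark and cannot be released remotely. Second, DNS is dropped along with everything else, so the agent's management endpoints have to be reachable by address (or the resolver has to be allowlisted deliberately), otherwise the check-in that looks allowed on paper never happens.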