GovLoop

Free and Open Platform Powers Search for Better Security


A free and open platform that many agencies already use for search and logging can also serve as the foundation for a data-driven approach to observability and cybersecurity, especially when deployed in the cloud.

Grounded in a robust search engine capability, Elastic is deployed across much of the federal space, from civilian agencies to high-security defense and intel offices. Elastic makes it possible for users to search across IT logs, mission data and any other data agencies need to analyze.

But the capabilities of the underlying platform go beyond search. The ability to gather, analyze and interpret large volumes of data at speed is also a game-changer when it comes to security, said John Harmon, regional vice president of federal cyber solutions at Elastic.

“Federal government is collecting lots of logs and other kinds of telemetry from its websites and other IT assets,” said Harmon. With the vast compute power and scalability of a cloud-native solution, “they are able to collect all security data cost-effectively, and to alert on it in a timely fashion.”

The Cloud Advantage

“Cloud-native” is a key point.

Historically, many agencies got started running Elastic on premises, and that has served them well. By leveraging these same capabilities in cloud-native form, agencies can elevate their security posture, unifying diverse datasets to get mission-critical insights and drive informed decision-making.

Key advantages include:

At a time when IT teams are stretched to the breaking point, a cloud-native managed service frees technology professionals to focus their efforts on high-value mission needs, rather than tending to the care and feeding of an on-prem solution.

“The cloud offering enables agencies to keep that security telemetry in a way that’s both actionable and affordable,” Harmon said.

Going Forward

To take full advantage of a cloud-native data platform, agencies can begin by tending to their data.

“You want to identify those workloads that are ready to move to the cloud, versus certain high-security or high-impact processes that you might have to keep on-prem. Understand your regulatory environment, and identify those data sets that you can move to the cloud,” Harmon said. “And for data that does need to stay on-prem, you can run Elastic in a hybrid environment.”

It makes sense, too, to get the bureaucratic wheels turning. By lining up authority-to-operate for a FedRAMP Moderate observability platform, agencies can position themselves to pivot smoothly to a cloud-based deployment of Elastic’s already familiar tools and processes.

When they’re ready to make the leap, that prior familiarity with Elastic will make for an easy transition. “These are the same tools that they’re already using, whether that’s Beats for data shippers or Kibana for dashboarding and data analysis. Everything is the same in our cloud offering,” Harmon said.

For those who aren’t yet using Elastic tools, cloud availability offers a reason to shift to a next-gen cybersecurity platform. “We were just named a visionary in the latest Gartner Magic Quadrant for SIEM: These are some of the best technologies for running those capabilities,” Harmon said.

Those interested can try Elastic’s cloud offering for free for 30 days.

“In cybersecurity we’re constantly asking questions and having to search for answers: What alerts am I getting? What does this alert mean?” Harmon said. In this light, “a scalable cyber solution grounded in search just makes sense.”

Sponsored by:
