WE CARE ABOUT YOUR PRIVACY
We use our own and third party cookies for analytical purpose and to show you personalized advertising based on an analysis of your browsing habits (for example, visited pages). Click HERE for more information.
You can accept all cookies clicking the “ACCEPT” button or configure/reject them clicking HERE.
ACCEPT Configure/Reject

Elastic: Your Logs Deserve Better Than a CSV Dump

05/09/2025

14

0 (0%)

Report Like Favorite

Link

Embed

Transcript

Mike Matchett with Small World Big Data and we are here at Rsac 2025. Lots and lots of people. Lots and lots of cybersecurity to talk about. I'm in the Elastic booth, and we're going to find out a little bit more from Sneha about Elastic storage and why they're here at Rsac. So let's start with that. Well, first of all, how did you get to Elastic? What's your back story? All right. Thank you for talking to me. So my backstory is I've been working in the security industry for some time now. My story way back starts as a software engineer. And then from there, I worked in another company before this and as a product manager doing mobile security. And then Elastic is doing a lot more in SIM as well as cloud security and endpoint security. And so this was an interesting area for me to be in, so that that's what got me to Elastic and I do product management here. So I have done some app development in my in my lifetime, and I remember Elastic as this great search engine you could roll into your stack and stuff like that. I'm a little curious to find out though. The story about how Elastic comes to be at RSA. Rsa. How does it turn into a security company? Yeah, that's a great question. So many of you are probably familiar with Elastic and probably know it as the Elk stack. And so that's probably what you're talking about as well, where you can use Elastic as your search solution. Now, a few years ago, Elastic was also many developers as well as just, you know, people who were using Elastic started building out of the box solutions from it for specifically use cases like security. So sending in the security logs, for example, and then sending in their IT logs to do monitoring of their infrastructure. How do I protect my infrastructure? And so from there the product sort of evolved, and now we have an out of the box solution that is built on top of the Elk stack itself. And that's what we're doing here at RSA, is talking about that out of the box solution, which is primarily our Elastic SIM. So that's what we're doing. All right. So this is something that came out of the way. People were using it over time layered up. And you got to a set of value propositions. That was enough to box up and then propagate and get to other people looking at RSA. The crowd that's here, RSA conference, there's a lot of themes going on. What what are some of the themes you've noticed and how would Elastic security perhaps help them with those? Yeah, I mean, it's no doubt that everybody is talking about AI and everybody is talking about how, you know, I can come in in the intersection of security as well as data. And that's exactly the place where Elastic adds a lot of value. So we have integrations with so many different companies, which are all over the show floor here. So you can essentially bring that data to Elastic. And because you can search for it in seconds across so many of your different clusters that are present, that's really like interesting trend that we are seeing. Right. So with AI kind of being in the mix of all of that, we have integrated so many of those different AI capabilities into our security solution. We also have our search solution where we are complementing and offering that with our security solution. So for example, we have a vector database that you can use in our search solution. And that is something that is integrated into our security platform. So let's say I'm looking at a specific attack. And I can go into the assistant and start asking natural language questions. Hey, help me with this attack. What is my next step? How do I investigate. And you can just kind of go from there. So we're kind of cross-pollinating our own solution. So we're building upon the power that we have with surge. And then, you know, taking all the benefits that AI brings to the table and almost reimagining the way Elastic now works while just, you can, you know, make use of that power and start to ask all that questions in natural language. Yeah. I mean, we could probably have a whole nother show in another discussion on rag and vector embeddings and databases, because that's another hot topic we're covering at Small World Big Data recently. But it's interesting to see that intersection across domains, right? I think the most interesting things happen when you have expertise and skill sets and capabilities from multiple things come together, right? So this is really interesting to me to see Elastic get into the security space. If you wanted to tell one thing to everybody here about Elastic and what it can do for them, what would you tell them? It's simple right? Search is really important, especially now with AI kind of coming in everywhere. Search is important, data is important. And Elastic comes exactly at the intersection of that and helps you with the use case that you care about. And in this case, in this particular show floor, it's about protecting your data across the different domains. So that's what I would say to people is come check out how that very unique intersection happens. And that's where Elastic brings to the table. If someone wants to learn now more about what Elastic is doing in the security space in addition to the vector databases, what would you recommend they start with? I mean, it's probably a kind of big website on there. Where where would you say if someone here is in the security role and wants to start learning more about what you were just talking about, where should they start? Yeah, that's a great question. So actually more recently and you also mentioned to me that, you know, you're familiar with the Elk stack. We recently released, uh, a new offering where you can go in without any kind of management. We have a way for you to start your Elastic trial with Elastic serverless. And so now that is something where you can just without any management, without having to figure out your clusters or without having to figure out anything. You can get straight into the security project, you can get straight into the observability project or straight into search, and start using the benefits of Elastic that offers. So that's what I would tell people. Go to Elastic, go check out our serverless offering that just came out. And you can just start a free trial and you can use all the features that we have that come with it right away in the free trial. That's probably the best offer we've had all day so far on security has come, come to free to. Trial, and then if you like it, you can definitely convert over. And that's what we hope you'll do. All right. Thank you so much for being here and talking to us today. Thank you. Take care folks. Check out Elastic.

Mike Matchett meets with Sneha Sachidananda of Elastic to discuss how the company has evolved beyond the ELK stack into full-stack security. Elastic’s SIEM solution is built on their high-speed search foundation and now includes AI-driven threat hunting and natural language investigation via vector databases. With out-of-the-box integrations and Elastic’s new serverless offerings, security teams can trial and deploy powerful analytics without infrastructure overhead— making it easier to detect and respond to threats across their environment.

Categories:

» Small World Big Data
» Cybersecurity

Channels:

Mike Matchett: Small World Big Data

Tags:

Show more Show less

Recommended For You