Elastic Security

Elastic Security combines threat detection analytics, cloud native security, and endpoint protection in a single solution, so you can quickly detect, investigate, and respond to threats and vulnerabilities across your environment.

Serverless projects provide you with the existing Elastic Security on-premise and Elastic Cloud deployment functionality, and the following new features and capabilities:

Continuous onboarding hub at the center of the Get started page
Security-focused, single-level navigation
Osquery availability within Investigations
Assets management for Fleet, endpoints, and Cloud
Security-specific roles
Machine learning nodes included, by default
Developer tools for interacting with your data

Get started

Create a Security project

Create your first serverless Security project.

Ingest data

Learn how to add your own data to Elastic Security.

How to

Enable detection rules

Activate prebuilt rules from Elastic, and create your own custom rules.

Protect endpoints

Install and configure real-time endpoint protection with Elastic Defend.

Secure your cloud

Improve cloud security posture, scan for vulnerabilities, and monitor workloads.

Triage and respond to alerts

Analyze potential threats and launch investigations.

Investigate security events

Query security event data and hunt for threats.

Visualize security data

Use prebuilt dashboards and create your own visualizations.

Article navigation

Elastic Security

Get started

How to