Skip to content
At Elastic, we operate a large and diverse set of behavior detection rules across multiple datasets, environments, and severity levels. Most of these rules are atomic, each designed to detect a specific behavior, signal, or attack pattern. In addition, we ingest and promote external alerts from security integrations such as firewalls, EDR, WAF, and other security controls. The result is powerful v...