Announcing Certificate Profile Selection
We are excited to announce a new extension to Let’s Encrypt’s implementation of the ACME protocol that we are calling “profile selection.” This new...
Ending OCSP Support in 2025
Earlier this year we announced our intent to provide certificate revocation information exclusively via Certificate Revocation Lists (CRLs), ending support for providing certificate revocation...
Finally, a SIEM that gets cloud detection and response
Elastic Security combines CDR with SIEM to deliver crucial context, prioritized threat detection, and rapid response for a more efficient security posture. - Read...
Black Friday Versus The Bots
What can last year’s Black Friday shopping trends teach us about expected attacker behavior during the 2024 holiday shopping season? - Read more
Elastic 8.16: BBQ, LLM observability, protect your cloud assets
Elastic 8.16 includes many high-impact capabilities, including Elastic being the first vector database with BBQ (Better Binary Quantization), LLM observability for Amazon Bedrock, extended...
Herding Llama 3.1 with Elastic and LM Studio
Learn how to set up Elastic AI Assistant with a locally hosted Meta Llama 3.1 model with LM Studio. - Read more
How to turn data into actionable insights
Turning data into actionable insights allows a company to understand what drives its business and scale more efficiently. Here's how to do that. -...
The Cybersecurity Brew Episode 9
Join Jake Haldeman & Gabrielle Hempel for episode 9 of “The Cybersecurity Brew,” a podcast-style webinar series providing expert advice on navigating the ever-changing...
Elastic AI Assistant and Attack Discovery integrate with Google Vertex AI to help drive...
Google Vertex AI works with Elastic AI Assistant and Attack Discovery features to provide security analysts with more choices for sophisticated LLMs and allows...
How we built Automatic Import, Attack Discovery, and Elastic AI Assistant using LangChain
Elastic Security is building innovative generative AI features using Elastic's Search AI Platform and partnering with LangChain. This technical blog shares the engineering underpinnings...
Latest article
Chromium: CVE-2026-13027 Use after free in FileSystem
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see (https://chromereleases.googleblog.com/2025) for more information. - Read...
Weekly Metasploit Update: Modules for Audiobookshelf, LiteLLM, Next.js, Dalfox and more
Help shape the future of Metasploit FrameworkWe are planning future work in relation to the evasion capabilities present in Metasploit Framework, and how they...
New DirtyClone Linux Vulnerability Allows Attackers to Gain Root Access Via Cloned Packets
A new Linux kernel local privilege escalation vulnerability, dubbed “DirtyClone” (CVE-2026-43503), that allows unprivileged local users to gain full root access by manipulating cloned...
Hackers Claim French Employment Leak Exposes Over 1M Records, Health Data
Hackers claim 1M+ records tied to French employment apps were exposed, including HR files, health data, worker details, and plaintext passwords.
The post Hackers Claim...
