Elastic Security protects against memory attacks in MITRE Engenuity ATT&CK Turla Evaluations
Blog post from Elastic
Elastic Security participated in the MITRE Engenuity ATT&CK Evaluations: Enterprise 2023, showcasing its capabilities in detecting and preventing memory-based and kernel-level attacks, particularly those associated with the malware family of Turla, a sophisticated Russian advanced persistent threat group. The evaluations, which focus on real-world threat scenarios, allowed Elastic to demonstrate its detection and prevention technologies, including behavior-based alerts powered by machine learning and enhanced visibility across Windows, macOS, and Linux operating systems. Elastic's security solutions were evaluated for their effectiveness in both detection and prevention, with the latter allowing vendors to activate prevention technologies. Elastic effectively stopped attacks in most tests by preventing malware execution at the initial stages, highlighting its integration of core protection technology and pre-built security rules. Since the evaluation, Elastic Security has released new features, including enhanced attack prevention and detection capabilities, a generative AI assistant for investigations, and additional rules and protections to address a wider range of threats.