Elastic has added a new query language to the stack, designed to make it easier to see the flow of events and to provide detection. EQL was originally developed by Endgame and is now part of the Elastic Stack after Endgame joined forces with Elastic. EQL gives us a unique ability to look across our data both in the context of its time-series flow and in terms of the relationships between the events that lead to a positive detection. Join us as we explore this powerful new tool and how it gives every user a new edge.
Infosec Consultant
Ivan Ninichuk is a freelance infosec consultant who is a frequent contributor to the Elastic community. Ivan’s main work is done with an organization he helped found called the Cyber Knights. Its purpose is to help train individuals wishing to enter the field of cybersecurity and perform research projects. He is also a freelanc…