News

Stay up to date with our latest news and industry insights.

empow Announces Partnership with Elastic

Integration of empow’s intent-based NG SIEM with the Elastic Stack will provide unprecedented, rules-free proactive security coverage

BOSTON, Nov. 19, 2018 – empow, whose next-gen SIEM enables companies to detect and respond to attacks automatically – without correlation rules, today announced that it has joined the Elastic OEM partner program.

Efficiently searching through cybersecurity data – which is notoriously dynamic – has long been a pain point that has rendered conventional SIEMs slow and often useless.  To be successful, security analysts must go beyond searching just known attack patterns and clues – they must also be able to search for the malicious motivation of the attacker. Currently, the tools to search for this malicious intent don’t exist.

This is what the industry desperately needs – a centralized log management and search solution, well integrated with a truly effective SIEM – and this is the enormous benefit that the Elastic and empow integration brings.  Elastic’s vast and rich unstructured search and analytics engine contains the vital information that security professionals need in the moment.  empow enables them to search and interpret information for intent, using its many attacker “mind-reading technology” patents.

According to Gregory Tademoto, Vice President of Business Development at Elastic, “We are excited to welcome empow, a Gartner Cool Vendor company who provides an orchestration platform that uses AI and machine learning analytics to classify threats and alerts based on intent, as an Elastic OEM partner. Through this partnership, empow and Elastic can help bring searchable malicious intent to the SIEM category.”

Avi Chesla, founder and CEO of empow, reinforced the power of the integration: “Humans can’t write security correlation rules that represent attack patterns as fast as machines can generate new attacks.  It’s playing Whack-a-Mole on steroids.   But this partnership will enable us to combine empow’s rule-free security analytics, and Elastic’s industry-leading search capabilities, bringing to market a SIEM like no other.”

The powerful partnership between empow and Elastic will have two phases. First, empow’s SIEM is already integrated with the Elastic Stack and available for immediate implementation across the full security market. Second, empow is also developing, and will soon announce the availability of, its open-source security plugin which will provide valuable functionality, including broad collection and classification of data, and its enrichment with proprietary security intent fields. “Contributing our open-source plug-in aligns with both Elastic’s mission of transparency and fairness, and with our own vision for empowering the needs of the cyber security community in today’s challenging world,” concluded Chesla.

For more information
Visit the Elastic blog
Read about Elastic’s partner program

 

Recent Posts

Preventing Misconfiguration in Logstash with empow’s Pipeline Viewer

By Dr. Rami Cohen Elastic’s Logstash multi-pipeline feature, introduced in Version 6.7, is a cool feature, that enables us to easily and flexibly write, maintain, and manage our SIEM parsers. Nevertheless, the fact that it requires manual configuration may lead to serious misconfiguration problems which may be difficult to… Read More

Rami Cohen / October 1, 2019