Security Review: Basic, Standard, and Advanced

Overview:

Evaluate your Elastic Security operations through analysis of performance, data quality, and cost efficiency to provide teams with findings on security posture and recommendations for consideration.

Scope:

• Conduct a technical discovery session to capture environment specifics and security objectives.
• Review platform infrastructure to ensure optimal deployment and scalability.
• Validate data ingestion pipelines and assess data quality for reliable security analytics.
• Analyze rule performance and provide targeted tuning recommendations for enhanced detection.
• Examine supporting components to ensure a robust and resilient security ecosystem.
• Deliver a knowledge transfer workshop and provide comprehensive documentation for continued success.

Engagement times:*

• Typically, a project commences between six and eight weeks after services are purchased and lasts between one and five weeks.
• The project will be delivered by an Elastic Consultant (or a certified partner resource with Elastic oversight).

Engagement structure:

• All engagements will be conducted over contiguous weeks.
• Breaks in the engagement may result in reassignment of the Elastic Consultant and require additional lead time prior to resuming. They can also impact the level-of-effort (LOE) and/or cost.
• Changes or additions to scope may impact LOE and/or cost; changes will require a mutually executed Order Form (change order).

Customer responsibilities:

• Provide all necessary resources, access, and personnel in a timely manner.
• Provide all requested prerequisite information and documentation prior to the project kick-off call.
• Confirm all onboarding and access requirements prior to purchasing services.
• Determine clear and concise requirements prior to engagement kick-off.

Total consulting days: 18

Overview:

Evaluate your Elastic Security operations through analysis of performance, data quality, and cost efficiency to provide teams with findings on security posture and recommendations for consideration.

Scope:

• Conduct a technical discovery session to capture environment specifics and security objectives.
• Review platform infrastructure to ensure optimal deployment and scalability.
• Validate data ingestion pipelines and assess data quality for reliable security analytics.
• Analyze rule performance and provide targeted tuning recommendations for enhanced detection.
• Evaluate Elastic Defend integration and review security policy configurations.
• Assess host inspection and response actions to strengthen incident response capabilities.
• Examine supporting components to ensure a robust and resilient security ecosystem.
• Deliver a knowledge transfer workshop and provide comprehensive documentation for continued success.

Engagement times:*

• Typically, a project commences between six and eight weeks after services are purchased and lasts between one and five weeks.
• The project will be delivered by an Elastic Consultant (or a certified partner resource with Elastic oversight).

Engagement structure:

• All engagements will be conducted over contiguous weeks.
• Breaks in the engagement may result in reassignment of the Elastic Consultant and require additional lead time prior to resuming. They can also impact the LOE and/or cost.
• Changes or additions to scope may impact LOE and/or cost; changes will require a mutually executed Order Form (change order).

Customer responsibilities:

• Provide all necessary resources, access, and personnel in a timely manner.
• Provide all requested prerequisite information and documentation prior to the project kick-off call.
• Confirm all onboarding and access requirements prior to purchasing services.
• Determine clear and concise requirements prior to engagement kick-off.

Total consulting days: 21

Overview:

Evaluate your Elastic Security operations through analysis of performance, data quality, and cost efficiency to provide teams with findings on security posture and recommendations for consideration.

Scope:

• Conduct a technical discovery session to capture environment specifics and security objectives.
• Review platform infrastructure to ensure optimal deployment and scalability.
• Validate data ingestion pipelines and assess data quality for reliable security analytics.
• Analyze rule performance and provide targeted tuning recommendations for enhanced detection.
• Evaluate Elastic Defend integration and review security policy configurations.
• Assess host inspection and response actions to strengthen incident response capabilities.
• Review and optimize machine learning job configurations for advanced threat detection.
• Validate risk scoring and AI Assistant functionality to support proactive security operations.
• Examine supporting components to ensure a robust and resilient security ecosystem.
• Deliver a knowledge transfer workshop and provide comprehensive documentation for continued success.

Engagement Times*:

• Typically, a project commences between six and eight weeks after services are purchased and lasts between one and five weeks.
• The project will be delivered by an Elastic Consultant (or a certified partner resource with Elastic oversight).

Engagement structure:

• All engagements will be conducted over contiguous weeks.
• Breaks in the engagement may result in reassignment of the Elastic Consultant and require additional lead time prior to resuming. They can also impact the LOE and/or cost.
• Changes or additions to scope may impact LOE and/or cost; changes will require a mutually executed Order Form (change order).

Customer responsibilities:

• Provide all necessary resources, access, and personnel in a timely manner.
• Provide all requested prerequisite information and documentation prior to the project kick-off call.
• Confirm all onboarding and access requirements prior to purchasing services.
• Determine clear and concise requirements prior to engagement kick-off.

Total consulting days: 24