Elastic Stack 7.6 streamlines automated threat detection with the launch of a new SIEM detection engine and a curated set of detection rules aligned to the MITRE ATT&CK knowledge base, brings performance improvements to Elasticsearch, makes supervised machine learning more turnkey with inference-on-ingest features, and deepens cloud observability and security with the launch of new data integrations.

Elasticsearch gets faster

Elastic has improved the performance of queries sorted by date or other long values by applying the block-max WAND optimization to sorted queries. The engine keeps the best sort value of each block of documents and skips any block whose best value cannot enter the current top N, so it stops examining (and counting) hits that clearly cannot change the result. A consequence worth knowing when counting events in a SIEM: once documents are skipped, the reported total is a lower bound (relation "gte") unless the request asks for an exact count with track_total_hits.
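To make the skipping idea concrete, here is a small added example (not Elastic's or Lucene's code) that simulates a top-N query sorted by a long value over an index stored in blocks, each carrying its maximum sort value. The block layout, the timestamps and the function name top_n_desc are constructed for this illustration; the real engine works on Lucene's per-block skip data and doc values, but the pruning rule is the same: a full heap plus a block maximum that cannot beat the current Nth-best result means the whole block is skipped without being counted.

```python
import heapq
from typing import List, Tuple

# Constructed sample index: (doc_id, timestamp) pairs grouped into blocks,
# standing in for the per-block skip data kept for a sorted numeric field.
# Timestamps are epoch seconds, i.e. a "long" sort value. Doc ids increase
# across blocks, which is what makes tie-breaking by doc id safe below.
BLOCKS: List[List[Tuple[int, int]]] = [
    [(0, 1000), (1, 1010), (2, 1005), (3, 1020)],
    [(4, 900), (5, 910), (6, 905), (7, 920)],
    [(8, 2000), (9, 1995), (10, 2010), (11, 1990)],
    [(12, 950), (13, 940), (14, 930), (15, 960)],
]


def top_n_desc(blocks, n, track_total_hits=False):
    """Return the N most recent docs as (timestamp, doc_id), newest first,
    plus (total, relation, blocks_visited).

    relation is "eq" when every block was examined and "gte" when blocks
    were skipped, mirroring hits.total.relation in an Elasticsearch 7.x
    response. With track_total_hits=True no block is ever skipped."""
    heap: List[Tuple[int, int]] = []  # min-heap; heap[0] is the current Nth-best
    total = 0
    visited = 0
    for block in blocks:
        block_max = max(ts for _, ts in block)
        # Block-level pruning: once the heap holds N results, a block whose
        # best value is <= the Nth-best cannot change the top N (equal values
        # lose the tie because their doc ids are higher), so skip it entirely.
        if len(heap) >= n and block_max <= heap[0][0] and not track_total_hits:
            continue
        visited += 1
        for doc_id, ts in block:
            total += 1  # only examined documents are counted
            if len(heap) < n:
                heapq.heappush(heap, (ts, doc_id))
            elif ts > heap[0][0]:
                heapq.heapreplace(heap, (ts, doc_id))
    hits = sorted(heap, key=lambda h: -h[0])
    relation = "eq" if visited == len(blocks) else "gte"
    return hits, total, relation, visited


if __name__ == "__main__":
    for exact in (False, True):
        hits, total, rel, visited = top_n_desc(BLOCKS, 3, track_total_hits=exact)
        print(f"track_total_hits={exact}: hits={hits} total={total} ({rel}) "
              f"blocks visited={visited}/{len(BLOCKS)}")
```

Both runs return the same three documents, but the default run examines only two of the four blocks and reports a total of 8 with relation "gte", while the exact run visits every block and reports 16 with "eq". That is the trade-off the optimization makes, and why a detection query that depends on an exact event count has to opt into track_total_hits.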
Read full article on Help Net Security