Looking for a list of "Out of the Box" Use Cases for Elastic SIEM

I am working on a secure project that is utilizing ELK SIEM and we are looking for Use Cases that we can direct the client towards for answering what the Elastic SIEM can do for them. Is there a link or area that I can use to answer common Use Case scenarios?

Hey there @MKirby :wave:

This post from @Frank_Hassanabad is a good summary of information available around what Elastic SIEM and now Elastic Security can do, so highly recommend checking that out!


Since then though, we've had six additional releases, and have added all sorts of new functionality, from Malware and Ransomware detection/prevention on Elastic Endpoint, introduction of OSQuery for host instrumentation, and the GA of Fleet/Elastic Agent for managing all your hosts and integrations. I highly recommend checking out the below release blog posts for all the details around the functionality and use-cases we've added since that original post.

Hope this helps, and please let us know if you have any additional questions around a specific topic in any of these posts -- cheers! :slightly_smiling_face:

-Garrett