Adds new Advanced Behavioral Detections section #4296
Documentation previews:
This pull request is now in conflicts. Could you fix it @natasha-moore-elastic? 🙏
I know this PR was mostly focused on reorg, but I ended up editing some of content that got moved. A few things jumped out at me, so I left some suggestions for your consideration. Feel free to take them with a grain of salt, I am certainly not the most informed about this set of features. Hope they're helpful, lmk if anything doesn't make sense.
docs/advanced-entity-analytics/advanced-behavioral-detections.asciidoc
docs/advanced-entity-analytics/behavioral-detection-use-cases.asciidoc
The next-generation risk scoring engine provides greater scalability and performance. It leverages the Elastic SIEM detection engine to generate host and user risk scores from the last 30 days.

It also generates risk scores on a recurring interval, and allows for easy onboarding and management. The engine is built to factor in risks from all {elastic-sec} use cases, and allows you to customize and control how and when risk is calculated.
"data from... use-cases" seems off to me. Maybe replace with "Data from various sources" or "Data from across SIEM"?
I'm not sure which sentence this suggestion refers to? There's no mention of 'data' in this paragraph.
Co-authored-by: Benjamin Ironside Goldstein <91905639+benironside@users.noreply.github.com>
Hi @natasha-moore-elastic - lots of good feedback here, but we could definitely use @SourinPaul's help to address some of the questions. Incorporate what you can, and once feedback is completely merged we'll do a final pass-through. Thanks for pulling this together!
docs/advanced-entity-analytics/behavioral-detection-use-cases.asciidoc
docs/advanced-entity-analytics/advanced-behavioral-detections.asciidoc
Consider the comments. Looks great.
@elasticmachine run elasticsearch-ci/docs
It looks like the build is failing due to:
@hop-dev, I see that in this PR we added a link to
@natasha-moore-elastic here is the PR elastic/kibana#172560
Thanks for the quick turnaround, @hop-dev, I appreciate it!
…w page (#172560) Update: We are now setting the link to a temporary link to get elastic/security-docs#4296 merged and will then update to the new page. As requested by @natasha-moore-elastic [here](elastic/security-docs#4296 (comment)), the entity risk scoring documentation is moving to a new page and we need to update this link to fix the build in elastic/security-docs#4296.
@elasticmachine run elasticsearch-ci/docs
* Adds new Advanced Behavioral Detections section
* Moves L4 pages to L3
* Moves ml-integrations under Behavioral detection use cases
* Adds Advanced Behavioral Detections intro section
* Adds links to AEA page
* Uncomments reference that previously broke the build for no reason
* Replaces verbal reference to ml-integrations
* Removes frontmatter
* Behavioral detection updates
* Apply suggestions from code review
Co-authored-by: Benjamin Ironside Goldstein <91905639+benironside@users.noreply.github.com>
* Apply suggestion from TW review
* Applies review feedback
* Lowercase advanced behavioral detections
* Lowercase entity risk scoring
--------
Co-authored-by: Benjamin Ironside Goldstein <91905639+benironside@users.noreply.github.com>
(cherry picked from commit e700a62)
Co-authored-by: natasha-moore-elastic <137783811+natasha-moore-elastic@users.noreply.github.com>
…e new page (#172592) Follow on from #172560. As requested by @natasha-moore-elastic in elastic/security-docs#4296 (comment), the entity risk scoring documentation is moving to a new page and we need to update this link to fix the build in elastic/security-docs#4296.
Contributes to #4227.
Summary of changes:
Previews: