Threat research

Prepare for what's next

Understand threat actor's most recent targets and attack behaviors with the 2024 Elastic Global Threat Report — designed to provide your cybersecurity team with crucial insights for the upcoming year.

Insights you can't get anywhere else

We're revealing real-world adversary actions through billions of data points from Elastic's unique telemetry, built on the Search AI Platform.

  • 89
    %

    of Linux behaviors involved Brute Force.

  • 70
    %

    of endpoint behaviors were Defense Evasion, Execution, and Persistence.

  • 47
    %

    of Microsoft Azure failures were tied to storage account misconfigurations.

Short on time?

  • Adversary Actions in the 2024 Elastic Global Threat Report

    What are adversaries doing in environments?

  • See key insights and suggestions in this two page overview.

  • Elastic's CISO speaks on the Global Threat Report

    Mandy Andress shares crucial details and how she's using them to strategize for 2025.

  • A sneak peek of the forecasts

    Elastic Security's General Manager covers a few of the key recommendations.

Frequently asked questions

What is the Elastic Global Threat Report?

The Elastic Global Threat Report is a report from Elastic Security Labs that explores a full year of telemetry. The Global Threat Report provides a comprehensive look at several threat topics, including malware, cloud, endpoint, and adversaries campaigns. It also provides cybersecurity forecasts for the upcoming year.

Explore Elastic Security

  • Empower your SOC

    Resist advancing threats with AI-driven security analytics, the future of SIEM.

  • Work smarter with AI

    Detect sooner, investigate faster, and respond before threats have a chance with the Elastic Search AI Platform.

  • Fueled by Elastic Security Labs

    Apply novel research on threats, malware, and protections from our expert security researchers.