Ingest third-party cloud security data

edit

Ingest third-party cloud security data

edit

This section describes how to ingest cloud security data from third-party tools into Elasticsearch. Once ingested, this data can provide additional context and enrich your Elastic Security workflows.

You can ingest both third-party cloud workload protection data and third-party security posture and vulnerability data.

Ingest third-party workload protection data
edit

You can ingest third-party cloud security alerts into Elastic Security to view them on the Alerts page and incorporate them into your triage and threat hunting workflows.

Ingest third-party security posture and vulnerability data
edit

You can ingest third-party data into Elastic Security to review and investigate it alongside data collected by Elastic Security’s native cloud security integrations. Once ingested, cloud security posture and vulnerability data appears on the Findings page and in the entity details flyouts for alerts, users, and hosts flyouts.